Age | Commit message (Collapse) | Author | Files | Lines |
|
DCE/RPC MAPI dissector.
Also remove the use of proto_tree_add_text for something filterable.
Change-Id: I7c252fb24f5ab51e4d1913fe3b0e520a4150baec
Reviewed-on: https://code.wireshark.org/review/4214
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I61ecc58be4b0688c43df0b0f006fb899bdc1721c
Reviewed-on: https://code.wireshark.org/review/4216
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I9ea4fe42ccdbc85c8c3f22a426b6e08d595a7460
Reviewed-on: https://code.wireshark.org/review/4215
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: If3b623d82d6bbbf9943a35c8885620881eedb091
Reviewed-on: https://code.wireshark.org/review/4204
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The new icons are patterned after the existing capture icons. They could
probably benefit from some adjustments here and there.
Start moving toward icon names and a directory layout compliant with
freedesktop.org's Icon Naming Specification and Icon Theme
Specification. We aren't fully compliant and might never be but anyone
with exposure to FDO icon themes should at least know where everything
is.
Make Capture Start (x-capture-start) the first icon in the toolbar.
Define the Colorize Packets, Auto Scroll, and zoom icons even though the
Qt UI doesn't use them yet.
Leave the Capture Filter, Display Filter, Coloring Rules, Preferences,
and Help icons off for now. The GTK+ toolbar is overly cluttered and I'm
not sure they're necessary.
Try not to break ui/gtk/toolbar_icons.h.
Remove welcome.qrc. I initially added it in case we needed to overlay
the welcome screen with translucent .pngs but that never happened.
To do:
- Move the old GTK+ icons to their own directory.
- Find a better name for the "toolbar" directory. "stock"?
- Make the toolbar configurable.
Change-Id: Ie07592113d307b8db786aedace672312a870fe38
Reviewed-on: https://code.wireshark.org/review/4182
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
4 jobs
* autotools / gcc
* autotools / clang
* cmake / gcc
* cmake / clang
Change-Id: Ifc5b079415232b77680c87b2dee441566e08c835
Reviewed-on: https://code.wireshark.org/review/3944
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
We don't care *why* it fails; it's printed a message to indicate that.
Just have it indicate whether it succeeded or not.
Change-Id: I98160999baa5f25ea03ef803b7dbf77dff1518de
Reviewed-on: https://code.wireshark.org/review/4213
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I57fbb17baf43b0f1365fef72778ac0e65935456a
Reviewed-on: https://code.wireshark.org/review/4210
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
pcap_read_block() takes err and err_info arguments, and sets them on
error; no need to call file_error() if pcap_read_block() fails.
Change-Id: I33b96d31395bf7d66abdecbebd5cf775e8662004
Reviewed-on: https://code.wireshark.org/review/4209
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
If file_read() doesn't return the exact number of bytes you asked for,
and you really need all those bytes to be there, you have to call
file_error() to find out what the problem is.
Change-Id: I4cc87bc1b6cc5a49bbcbf93b56106f57af290d20
Reviewed-on: https://code.wireshark.org/review/4205
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Do this by emitting the StaticRecentFilesRead signal after reading the static
portion of the recent file.
Unfortunately this results in the main window appearing in one size and
then resizing to the saved size but I haven't figured out how to fix that yet.
At the very least this prevents qtshark's default geometry from being saved to
my recent file and affecting wireshark-gtk's geometry.
Change-Id: I47b66078a9d00cb321badc744f1337ff39ca42a7
Reviewed-on: https://code.wireshark.org/review/4177
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I5bfbfc03795cd8ba3cd102d2249672ce3e48bc5f
Reviewed-on: https://code.wireshark.org/review/4179
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Some Vendors can provide own subset of HCI commands/events, so provide them
possibility to write own dissectors and use them by "Decode As".
Change-Id: I87ff60ae12ac63ddd4b12b26951aa9f5143eabc6
Reviewed-on: https://code.wireshark.org/review/4166
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I46152382be0a374019d51f18e7116aad8241e95a
Reviewed-on: https://code.wireshark.org/review/4162
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Description:
Ignore the specified bytes number at the beginning of the frame during MD5 hash calculation.
Useful to remove duplicated packets taken on several routers or SW(differents mac addresses for example).
e.g. -I 26 in case of Ether/IP/ will ignore ether(14) and IP header(20 - 4(src ip) - 4(dst ip)).
The default value is 0.
This option is only relevant when used with -d|-D|-w
Bug: 8511
Change-Id: I009a09d32778a182b2d88f372651f658a4938882
Reviewed-on: https://code.wireshark.org/review/4104
Tested-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
they're stored in a static variable so we only ever need compile them once and
they can just hang around forever
Change-Id: Icf43745ad80f4984443a67af21c979625363fc6f
Ping-Bug: 10474
Reviewed-on: https://code.wireshark.org/review/4139
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
If it fails due to, for example, the file being gzipped and having a bad
gzip CRC, the error returned is WTAP_ERR_DECOMPRESS and, for that error,
err_info is expected to be set to a string giving details of the
problem, so we need to pass back to our caller the string in question.
Bug: 10484
Change-Id: I3aa2a92d04fcc08946ff073a40efa708079bbb3e
Reviewed-on: https://code.wireshark.org/review/4201
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I84755d059ef70ca98b0e7626b6425360daf0529d
Reviewed-on: https://code.wireshark.org/review/4199
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 10462
Change-Id: I37d532edc41193123b1a7bb380d48cb76c118bf4
Reviewed-on: https://code.wireshark.org/review/4161
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
I don't know why it was unavailable at some point, but it appears to be
available again. Update the comment to reflect that.
Change-Id: I7dc1fcb554e73d3b0fc2bd2fbdf6235e791a4253
Reviewed-on: https://code.wireshark.org/review/4200
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ied0778af9d5ff0e49c6efd4ea9411ae1a72cb8e5
Reviewed-on: https://code.wireshark.org/review/4190
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
For now, this just pacifies fuzz-testing. If real world examples have this, there needs to be a drastic overhaul to support fields that could be either 32 or 64-bit values.
Bug:9329
Change-Id: I3e28808ca0291868a5f84258b0ee1e2a922703c2
Reviewed-on: https://code.wireshark.org/review/4189
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
In case like reusing "connection handle" number in next connection
(2 -> 3 -> 2 again) AVDTP dissector does not properly dissected packets
(it should be Signal, but dissect as Media).
Add expert error to all packets that are not in ACL connection. This will
show invalid packages (send after dissconnect), however incomplete
(mostly beginning) connection will be marked too, but I think it have more
pros than cons.
Change-Id: I29cf706600cb12c8b93d0188dd2fba18dd5eba88
Reviewed-on: https://code.wireshark.org/review/4167
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I024a882030e489cbd273a4245b0cd3be656f060f
Reviewed-on: https://code.wireshark.org/review/4191
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Now all generated dissectors can successfully compile.
Change-Id: I74728926915d5a9f1694cc49c753b80f213df767
Reviewed-on: https://code.wireshark.org/review/2598
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
For:
- FT_BYTES: Always use just ENC_NA
- integral/floating (other than FT_[U]INT8): Do ENC_NA --> ENC_BIG_ENDIAN
Change-Id: I0885f7d110014cb8a7eba1c1892ed8d0852d076a
Reviewed-on: https://code.wireshark.org/review/4187
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
- incorrect fetch/display of hf_http2_push_promise_r field
Change-Id: Iddf2db4807713017519b5abcbff3ba824b3624c6
Reviewed-on: https://code.wireshark.org/review/4186
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Ie8d4056ab706bbc85c8247682b1a64ea98bc89f2
Reviewed-on: https://code.wireshark.org/review/4185
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
For:
- FT_BYTES: Always use just ENC_NA
- integral/floating (other than FT_[U]INT8): Do ENC_NA --> ENC_BIG_ENDIAN
Also:
- FT_UINT... --> FT_UINT8 in a few cases (to match proto_tree_add_item...)
- Change one case of incorrect '||' to '|'
Change-Id: I427e0e61618ff8faf55691c8a695930f67d455b0
Reviewed-on: https://code.wireshark.org/review/4184
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Specifically: A number of cases of the use of the encoding arg
"ENC_ASCII | ENC_NA" for FT_BYTES FIELDTYPEs seem to
have crept into Wireshark source.
Also: Add a ToDo comment as to code rework needed to be able to
better *validate* encoding args.
Change-Id: I9d4b10b869fe2aef3f20bcd2d7ad6531375aba87
Reviewed-on: https://code.wireshark.org/review/4183
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I63b2c51ba857dc5282897c32594102aad2ef9e2f
Reviewed-on: https://code.wireshark.org/review/4127
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Logic error Dereference of null pointer epan/dissectors/packet-bthci_acl.c 379
Logic error Dereference of null pointer epan/dissectors/packet-bthci_acl.c 390
Logic error Dereference of null pointer epan/dissectors/packet-btsdp.c 3673
Logic error Dereference of null pointer epan/dissectors/packet-btsdp.c 1439
Logic error Dereference of null pointer epan/dissectors/packet-btsdp.c 1662
Thanks for Alexis La Goutte for pointing that.
Change-Id: Ia646b33de9e368d32983efddfaa41edf7896d7fd
Reviewed-on: https://code.wireshark.org/review/4165
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ic22e154859877c48a85b808d0029e10e07876b73
Reviewed-on: https://code.wireshark.org/review/4174
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Misc: (as needed)
- Add editor modelines;
- Adjust whitespace.
Change-Id: I0e5d877a2a6273842ad8e771ac0c0acbfcb83200
Reviewed-on: https://code.wireshark.org/review/4173
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
file checked
Another perl "You can't DO that" ...
Change-Id: I56e11bec19515f883f15286c6aa45018a255ab53
Reviewed-on: https://code.wireshark.org/review/4172
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
We really need a buildbot or Petri-Dish which doesn't have GeoIP because
this problem keeps popping up.
Bug: 10480
Change-Id: Iccba50dfcafd2dbacb315b9416324de4114be220
Reviewed-on: https://code.wireshark.org/review/4171
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
|
|
Change-Id: Idddd491da8b6c1d5d2824121f9c334d864aafb8c
Reviewed-on: https://code.wireshark.org/review/4169
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
|
|
It still not complete.
Change-Id: I53c3efe9c6cf0456fcea55336114086445d3bfe9
Reviewed-on: https://code.wireshark.org/review/2719
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
|
|
Add all logcat format like brief, threadtime, long, etc. when try to save
logcat logs where there is EXPORTED_PDU layer.
Change-Id: I338f0bbd46dd8db984efc1c03980c7e9c7401a44
Reviewed-on: https://code.wireshark.org/review/4164
Reviewed-by: Michal Orynicz <michal.orynicz@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
|
|
If it is used, there is a modified file in git.
Fix this by only including the file if it exists.
Other changes:
- Rename the existing Custom files to CMakeListsCustom.txt.example.
- Move the plugins custom file to the top level (same level as its
including parent).
- Optionally allow a list of custom includes instead of the default one.
Change-Id: I8960eac6222f741c045055d43d1d5a2d4979caf6
Reviewed-on: https://code.wireshark.org/review/4163
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
more AllJoyn Messages are combined in single TCP packet.
Fixed bugs where multiple messages are combined in a single packet.
Fixed bugs where a single message is distributed across multiple packets.
Fixed bug where arrays of zero length were not dissected properly.
Change-Id: Icfb83e73519d8217d6c477edf531ba6d3f3dcd48
Reviewed-on: https://code.wireshark.org/review/4159
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
* "Accept" option: The option number was changed late in the
specification process.
* "Proxy-Scheme" / "Size1": After including those, all option numbers
specified in the RFC can be dissected by wireshark.
Change-Id: I1b475ac6920fd021e3217cd3b44c173d264a5298
Reviewed-on: https://code.wireshark.org/review/4123
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I575bd2f93202837b2ce15a39b1b0bd9b5c53f5bf
Reviewed-on: https://code.wireshark.org/review/4151
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I5ca5d41edf1f56b24da6360a10f0c6e2600572d2
Reviewed-on: https://code.wireshark.org/review/4150
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I0b533edd7bad52922dd1e0aaa2c980e56dd88b78
Reviewed-on: https://code.wireshark.org/review/4149
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I78963640e32393f3ac399e59a659ddf619d15c3d
Reviewed-on: https://code.wireshark.org/review/4148
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It's unclear how the ports should be separated, this additional text in the tooltip clarifies it
Change-Id: I686482522d006024f920a3cc26b83cd21c19f8a5
Reviewed-on: https://code.wireshark.org/review/4147
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Id4f258e0e45e44c1ab63bd77a6fab10013a4810c
Reviewed-on: https://code.wireshark.org/review/4160
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
|
|
Move the map creation code from ui/gtk/hostlist_table.c to
ui/traffic_table_ui.c.
Add CMake commands to copy ipmap.html to the run directory so that
WIRESHARK_RUN_FROM_BUILD_DIRECTORY works for the endpoint map. Not sure
if they're entirely correct but they appear to work.
Add boundary checkes to geoip_db_lookup_ipv[46].
To do:
- It looks like there are prettier maps and newer APIs that we
might want to use.
Change-Id: Ie06992c9bc9c9aa683328aecab3f5f69c9cab966
Reviewed-on: https://code.wireshark.org/review/4011
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Different GeoIP databases have the same column name, e.g. "City"
currently matches two revisions each for IPv4 and IPv6. Map each
uniquely named column to a list of databases and populate
EndpointTreeWidgetItem columns based on the first database match.
Fix a copy/pasteo introduced in g30f3d52: Make sure
geoip_db_lookup_ipv[46] returns longitude instead of latitude.
Change-Id: Idd31f976dfd1cb011cfa7b5aec14b7031ee0e25e
Reviewed-on: https://code.wireshark.org/review/4157
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|