jlayton/wireshark.git
7 years ago Calculate and print CWmin and CWmax in addition to ECWmin and ECWmax
Joerg Mayer [Fri, 17 Jun 2016 18:28:58 +0000 (20:28 +0200)]
Calculate and print CWmin and CWmax in addition to ECWmin and ECWmax

This also changes the summary presentation to make it more compact

Change-Id: I27ef8b2da280e36cff84dcb97d6d40dc0015a74b
Reviewed-on: https://code.wireshark.org/review/16000
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
7 years ago Fix problems when compiling without pcap.
Guy Harris [Sun, 19 Jun 2016 07:49:42 +0000 (00:49 -0700)]
Fix problems when compiling without pcap.

Change-Id: Id682a76ac561f92f65638bbdfcd4236eb92e46b7
Reviewed-on: https://code.wireshark.org/review/16010
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Put #ifdef/#endif around a variable used only on Windows.
Guy Harris [Sun, 19 Jun 2016 07:38:41 +0000 (00:38 -0700)]
Put #ifdef/#endif around a variable used only on Windows.

Change-Id: Ia6fed6db03cb88433469e758693fcc72c4bd9071
Reviewed-on: https://code.wireshark.org/review/16009
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Refactor command-line handling of GUI options.
Michael Mann [Sat, 18 Jun 2016 20:49:23 +0000 (16:49 -0400)]
Refactor command-line handling of GUI options.

GTK and Qt both use the same command-line options, so refactor
the parsing and (possibly) applying of those arguments to a single
location.

Ping-Bug: 12546
Change-Id: Ib31e576c509c5d3d21c33d3247640d9f9c68661b
Reviewed-on: https://code.wireshark.org/review/16006
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago cmake: add PIDL dissector generation support
Peter Wu [Thu, 16 Jun 2016 21:58:19 +0000 (14:58 -0700)]
cmake: add PIDL dissector generation support

The dissectors list is generated based on regex magic on pidl/Makefile.
A dssetup.cnf file is added because all other protocols already have
this file. The srvsvc and wkssvc protocols cannot be built for some
reason, so just disable it (this mirrors the original Makefile).

Add frsrpc and samr to PIDL_DISSECTOR_SRC list which was missing
compared to autotools.

Tested with an out-of-tree and in-tree build with cmake (make and ninja):

    cmake -GNinja && ninja -v pidl-dissectors
    touch epan/dissectors/pidl/dfs/dfs.idl && ninja generate_dissector-dcerpc-dfs
    cmake . && make -C epan/dissectors/pidl generate_dissector-dcerpc-dfs

Change-Id: Id8bf34e76c20053a8a393024560d90a048473e03
Reviewed-on: https://code.wireshark.org/review/15962
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago DCE/RPC: fix array of pointers with NULL
Binh Trinh [Sat, 18 Jun 2016 01:46:11 +0000 (21:46 -0400)]
DCE/RPC: fix array of pointers with NULL

Change-Id: Ie89f8fd4ec744d427d41866206d5a6784c5b224f
Reviewed-on: https://code.wireshark.org/review/16004
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago ZigBee dissector added support for the Power Negotiation bit
Chris Brandson [Fri, 17 Jun 2016 18:38:15 +0000 (11:38 -0700)]
ZigBee dissector added support for the Power Negotiation bit

An update to R22 adds the Power Negotiation bit to the Parent
Information of the End Device Timeout Response

Change-Id: I3d423e1088821ccaba98183e2be7f2152bd659d1
Reviewed-on: https://code.wireshark.org/review/16001
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago GTPv2: Use proto_tree_add_bitmask
Michael Mann [Fri, 17 Jun 2016 14:58:32 +0000 (10:58 -0400)]
GTPv2: Use proto_tree_add_bitmask

Change-Id: I236a3513237a7a977389438adaf381542281943d
Reviewed-on: https://code.wireshark.org/review/15997
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago MKA: tvbrange for all subtrees corrected
Samiran Saha [Fri, 17 Jun 2016 12:50:04 +0000 (18:20 +0530)]
MKA: tvbrange for all subtrees corrected

* Incorrect tvbrange was affecting highlight on selection.

* AN & Confidentiality Offset dissection fixed.

Change-Id: Ibc4422322b765b0073471345f6e0bc3b1aeba2f9
Reviewed-on: https://code.wireshark.org/review/15996
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago ssh: add RSA host key printing
Kenny Root [Thu, 16 Jun 2016 07:12:53 +0000 (00:12 -0700)]
ssh: add RSA host key printing

Adds a dissector for the ssh-rsa type of public key where the modulus
and public exponent are extracted out.

Change-Id: I10b1f2d6f41878d9f7ffe5d399b9b7d4f69ad96e
Reviewed-on: https://code.wireshark.org/review/15975
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago ssh: add hostkey information
Kenny Root [Thu, 16 Jun 2016 00:05:54 +0000 (17:05 -0700)]
ssh: add hostkey information

Adds a framework for hostkey to be printed out separately from the rest
of the key exchange. This will allow for individual key information to
be presented separately in subsequent changes.

Change-Id: I27433772ef1a9e1c45f388809017ed07cf6e41fa
Reviewed-on: https://code.wireshark.org/review/15974
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Diameter-3GPP: add AVP 21 RAT-Type decoding
Binh Trinh [Fri, 17 Jun 2016 03:51:14 +0000 (23:51 -0400)]
Diameter-3GPP: add AVP 21 RAT-Type decoding

Change-Id: Ibede796a52bb382525bc1f430d5fdecd555c233f
Reviewed-on: https://code.wireshark.org/review/15993
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Add an expert item to assure that aifsn is at least 2
Joerg Mayer [Fri, 17 Jun 2016 15:45:28 +0000 (17:45 +0200)]
Add an expert item to assure that aifsn is at least 2

Change-Id: If7105ba2e476acca8a02ce740decc4966b0af1bb
Reviewed-on: https://code.wireshark.org/review/15998
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
7 years ago tap: change glib functions to wmem.
Dario Lombardo [Tue, 3 May 2016 16:40:17 +0000 (18:40 +0200)]
tap: change glib functions to wmem.

Change-Id: I878ae6b121a669f9b7f4e1e57bc079f0cb44c0bf
Reviewed-on: https://code.wireshark.org/review/15270
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago GTPV2: add decoding of ECI into enodebid and cellid
Binh Trinh [Fri, 17 Jun 2016 05:21:19 +0000 (01:21 -0400)]
GTPV2: add decoding of ECI into enodebid and cellid

Change-Id: If46cc354e202ff9a126580bf742d747e42678f83
Reviewed-on: https://code.wireshark.org/review/15994
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Qt: Fix a compile error occurring on RedHat Enterprise Linux.
Jens Kilian [Fri, 17 Jun 2016 10:39:09 +0000 (12:39 +0200)]
Qt: Fix a compile error occurring on RedHat Enterprise Linux.

Another missing Qt #include; probably caused by commit 157721c.

Change-Id: I8ab4be9f18dffde7159debd842201e2a67230ec8
Reviewed-on: https://code.wireshark.org/review/15995
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
7 years ago autotool: Add -Wc99-extensions CFLAGS
Alexis La Goutte [Tue, 14 Jun 2016 22:04:21 +0000 (00:04 +0200)]
autotool: Add -Wc99-extensions CFLAGS

See with CMake (ga9070e1a90)

Change-Id: If768b663f9ed032503fc121785b078c0107cdadc
Reviewed-on: https://code.wireshark.org/review/15909
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago tshark JSON and Elasticsearch output
Martin Kacer [Mon, 13 Jun 2016 13:47:44 +0000 (15:47 +0200)]
tshark JSON and Elasticsearch output

Added output -T for json|ek
Added -j switch to filter EK json|ek fields.
Added -x switch to work with json|ek to insert raw fields.

Bug: 11754

Change-Id: Iad5a9092b843c074b0b774d1745fa14fca09f6b7
Reviewed-on: https://code.wireshark.org/review/15869
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago idl2wrs: fix more bad strndups
Peter Wu [Thu, 16 Jun 2016 22:23:59 +0000 (15:23 -0700)]
idl2wrs: fix more bad strndups

Fixed another g_strndup case that truncated the name and replaced more
by strdups when possible.

Change-Id: Id7ce4d82da9fb1d0071bc7a6b4e7c2062bf77f55
Reviewed-on: https://code.wireshark.org/review/15988
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago mswsp: Remove null check (CID1355407)
João Valverde [Thu, 16 Jun 2016 22:26:58 +0000 (23:26 +0100)]
mswsp: Remove null check (CID1355407)

value->type is already asserted as not null (and probably shouldn't be).

Change-Id: I574d3e7e0d5c636e6b731c1c817f2e457447afc1
Reviewed-on: https://code.wireshark.org/review/15990
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Align AUTHORS.src column
João Valverde [Wed, 15 Jun 2016 01:20:11 +0000 (02:20 +0100)]
Align AUTHORS.src column

Change-Id: I17ed5e0be356666e9b29490ce43deb357fe177ff
Reviewed-on: https://code.wireshark.org/review/15991
Reviewed-by: João Valverde <j@v6e.pt>
7 years ago LDSS: Add an assertion (CID280539,CID280540)
João Valverde [Thu, 16 Jun 2016 09:38:33 +0000 (10:38 +0100)]
LDSS: Add an assertion (CID280539,CID280540)

Change-Id: I18082a4d45f0c320b8ee0e11139295eb1aee2c89
Reviewed-on: https://code.wireshark.org/review/15968
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
7 years ago Qt: Add "Copy As…" to VoIP Calls.
Gerald Combs [Thu, 16 Jun 2016 21:09:28 +0000 (14:09 -0700)]
Qt: Add "Copy As…" to VoIP Calls.

Bug: 4389
Change-Id: I88dba82bd63e8c3be2b6fac3eca88f810c62d8bd
Reviewed-on: https://code.wireshark.org/review/15985
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago CANopen: Check array bounds for untrusted index (CID 1356262)
João Valverde [Thu, 16 Jun 2016 09:18:07 +0000 (10:18 +0100)]
CANopen: Check array bounds for untrusted index (CID 1356262)

Change-Id: If5ca51e5703fa4137ab9f388a99d613752d3b0d0
Reviewed-on: https://code.wireshark.org/review/15983
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
7 years ago Add a sequence analysis wishlist item.
Gerald Combs [Thu, 16 Jun 2016 20:31:47 +0000 (13:31 -0700)]
Add a sequence analysis wishlist item.

Change-Id: Idea0bab80c7c05e3ad9f8591904e882df69a17ff
Reviewed-on: https://code.wireshark.org/review/15984
Reviewed-by: Gerald Combs <gerald@wireshark.org>
7 years ago lemon: use a define for fseek()'s whence parameter
Martin Kaiser [Thu, 16 Jun 2016 17:20:40 +0000 (10:20 -0700)]
lemon: use a define for fseek()'s whence parameter

for people who don't immediately understand what fseek(fp, 0, 2) does

Change-Id: I297ba6fd718ef0f09c4d0b29bf433262c3c38435
Reviewed-on: https://code.wireshark.org/review/15976
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago ldap: added modify-increment operation identification in packet dissection and genera...
Victor Barratault [Thu, 16 Jun 2016 18:06:32 +0000 (14:06 -0400)]
ldap: added modify-increment operation identification in packet dissection and generate the modified dissector

Change-Id: Iad745b9e0e8ab0bc055da7f26ec0822433897db7
Reviewed-on: https://code.wireshark.org/review/15977
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago DEC DNART: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang
Alexis La Goutte [Thu, 16 Jun 2016 18:51:24 +0000 (20:51 +0200)]
DEC DNART: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: Ic2d333b418928351f32673890c9c432c7bfa0f16
Reviewed-on: https://code.wireshark.org/review/15982
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago SITA: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang
Alexis La Goutte [Thu, 16 Jun 2016 18:48:58 +0000 (20:48 +0200)]
SITA: Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: I2565b0bee66f934561df506e87a35fdd14590f92
Reviewed-on: https://code.wireshark.org/review/15981
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago DCE/RPC proto_tree_add_boolean -> proto_tree_add_bitmask_value
Michael Mann [Wed, 15 Jun 2016 22:54:07 +0000 (18:54 -0400)]
DCE/RPC proto_tree_add_boolean -> proto_tree_add_bitmask_value

Change-Id: I88398aa1923e86bb83b97cc3904529a5810f6c40
Reviewed-on: https://code.wireshark.org/review/15978
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Add Cisco ttag dissector
Jaap Keuter [Tue, 14 Jun 2016 21:59:12 +0000 (23:59 +0200)]
Add Cisco ttag dissector

Add dissector for Cisco ttag protocol.

Bug: 12518
Change-Id: Id17293a80b2b6827fd2d5c7ead098784c35a28ef
Reviewed-on: https://code.wireshark.org/review/15964
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
7 years ago Finish getting making the Diameter XML valid XML.
Jeff Morriss [Thu, 16 Jun 2016 16:43:24 +0000 (12:43 -0400)]
Finish getting making the Diameter XML valid XML.

... Except for the fact that many AVP names start with "3GPP".

Make the AVP names XML IDs again.

Fix all the grouped AVPs that reference AVPs (by name) or vice-versa.  This
includes:
 * Fixing a bunch of typos (including type mismatches).
 * Commenting out a number of references to vendor AVPs for which we don't have
   the specs.
 * Adding a few missing AVPs.

Change-Id: Ic2ddb50cc947877de9086be51f7813e8f9be02b4
Reviewed-on: https://code.wireshark.org/review/15973
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago ssh: set packet lengths correctly
Kenny Root [Thu, 16 Jun 2016 06:53:49 +0000 (23:53 -0700)]
ssh: set packet lengths correctly

Each SSH packet was being set to be the remaining length of the frame.
This change sets the packet lengths correctly for each SSH packet.

Change-Id: Id9c2331d875465cd5e6bb788d420e0025f5d496e
Reviewed-on: https://code.wireshark.org/review/15966
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago ssh: packets after SSH_MSG_NEWKEYS are encrypted
Kenny Root [Thu, 16 Jun 2016 06:54:43 +0000 (23:54 -0700)]
ssh: packets after SSH_MSG_NEWKEYS are encrypted

According to RFC 4253 section 7.3, once the SSH_MSG_NEWKEYS is received
all packets after that will be encrypted using the negotiated keys. This
can happen in the middle of a frame, so account for the offset in the
frame where this happens.

Change-Id: Ibc3b06a4bdfe38ae15b0e65afac6f5d3646cb58d
Reviewed-on: https://code.wireshark.org/review/15965
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago DCE/RPC proto_tree_add_boolean -> proto_tree_add_bitmask_with_flags
Michael Mann [Wed, 15 Jun 2016 19:35:51 +0000 (15:35 -0400)]
DCE/RPC proto_tree_add_boolean -> proto_tree_add_bitmask_with_flags

Change-Id: I8891ec90244ffd9609d8443df631a7c8e6453b7e
Reviewed-on: https://code.wireshark.org/review/15942
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago MKA: Fix for GCM-AES-256 dissection & Added Enumeration for macsec-cipher-suite
Samiran Saha [Thu, 16 Jun 2016 11:45:06 +0000 (17:15 +0530)]
MKA: Fix for GCM-AES-256 dissection & Added Enumeration for macsec-cipher-suite

Change-Id: Ief38f949d3e30754a65fbfeaa64cbbd2f5646a9b
Reviewed-on: https://code.wireshark.org/review/15969
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago NSH: Correct the display of the NSH header fields
Thomas Shen [Wed, 15 Jun 2016 21:26:02 +0000 (14:26 -0700)]
NSH: Correct the display of the NSH header fields

Change-Id: I3be75d20a3f00091aa3077e475f9ddb00eeca06c
Reviewed-on: https://code.wireshark.org/review/15963
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago gtk: Check chunk before g_string_chunk_clear
Stig Bjørlykke [Thu, 16 Jun 2016 12:32:58 +0000 (14:32 +0200)]
gtk: Check chunk before g_string_chunk_clear

Avoid this warning from wireshark-gtk:
 (wireshark-gtk:39505): GLib-CRITICAL **: g_string_chunk_clear: assertion
 'chunk != NULL' failed

Change-Id: I413b3435a1ac595236dd1c4e619e3af1543b6a91
Reviewed-on: https://code.wireshark.org/review/15970
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Typing error line 4928 of packet-dns.c
Victor Barratault [Tue, 14 Jun 2016 16:17:54 +0000 (12:17 -0400)]
Typing error line 4928 of packet-dns.c

Change-Id: I1a6409262614a87c159236375223707c85114650
Reviewed-on: https://code.wireshark.org/review/15972
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
7 years ago gitignore: updated cmake paths
Peter Wu [Thu, 16 Jun 2016 05:23:46 +0000 (22:23 -0700)]
gitignore: updated cmake paths

* files.txt: v2.1.0rc0-2918-g2e23b50 ("Add checkAPI calls to CMake.")
* epan: v2.1.0rc0-2202-g6b54fbf ("CMake: Add more structure to
  libwireshark build")
* asn1: v2.1.0rc0-2330-g54a520d ("Move /asn1 to /epan/dissectors")

Change-Id: I0ef590de7d262d96c011be360b958fbda72a61fa
Reviewed-on: https://code.wireshark.org/review/15961
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago filesystem: Fix build dir detection when using cmake
Peter Wu [Sat, 28 Feb 2015 16:44:27 +0000 (17:44 +0100)]
filesystem: Fix build dir detection when using cmake

Fixes loading of plugins by detecting the build output directory of
cmake. This requires a "CMakeCache.txt" file to be present in the parent
directory (above run/).

Change-Id: I297432cdcd0981646058410f3eadf5f73b5248c8
Reviewed-on: https://code.wireshark.org/review/7453
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Add a note about the new intelligent scroll bar.
Gerald Combs [Wed, 15 Jun 2016 20:17:41 +0000 (13:17 -0700)]
Add a note about the new intelligent scroll bar.

Should we call it the intelligenter scroll bar?

Change-Id: I67e76c1aabeb4b2e87e38815fe4ab120f0869b25
Reviewed-on: https://code.wireshark.org/review/15936
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago CID 1250642: check the return value of dup()
Martin Kaiser [Thu, 16 Jun 2016 02:53:45 +0000 (19:53 -0700)]
CID 1250642: check the return value of dup()

abort if it is -1

Change-Id: Ie14c18679ff74529731558d6742f63ebfb9fe97b
Reviewed-on: https://code.wireshark.org/review/15958
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Make the rest of the Diameter AVP names unique.
Jeff Morriss [Thu, 16 Jun 2016 04:04:36 +0000 (00:04 -0400)]
Make the rest of the Diameter AVP names unique.

In most cases this means prepending the application- or vendor-name to force
uniqueness.  A few vendors have duplicates within their namespace--append the
AVP code to these.

Also fix a few other invalid names (with spaces or parentheses in the names).

Change-Id: I5bb78d31526122dd5782055638af410cc497e49d
Reviewed-on: https://code.wireshark.org/review/15960
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago cmake: Detect proper large file defines even with -Wno-error
Balint Reczey [Wed, 15 Jun 2016 05:29:34 +0000 (22:29 -0700)]
cmake: Detect proper large file defines even with -Wno-error

Without this change large file support was detected as available
even when it was not without additional flags on 32 architectures.

As a result mergecap and other programs are built without large
file support causing mergecap not being able to write files
bigger than 2GB on i386 systems. This used to work properly
with autotools builds, but not with CMake ones.

Change-Id: Ibfd043342b2a48310d2ac9d760e6404a701c5808
Reviewed-on: https://code.wireshark.org/review/15937
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
7 years ago qt: move free_stat_tables from SimpleStatisticsDialog::fillTree to ~SimpleStatisticsD...
Dario Lombardo [Tue, 14 Jun 2016 22:47:44 +0000 (00:47 +0200)]
qt: move free_stat_tables from SimpleStatisticsDialog::fillTree to ~SimpleStatisticsDialog.

Add a reference count to stat_tap_table_ui to prevent bad deallocations.

Bug: 12437
Change-Id: Ib9b1f929d08a574c306dc755ec416ab94a3fd6d3
Reviewed-on: https://code.wireshark.org/review/15920
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Update the X11 dissector to use the latest mesa and xcbproto.
Jeff Morriss [Wed, 15 Jun 2016 17:25:44 +0000 (13:25 -0400)]
Update the X11 dissector to use the latest mesa and xcbproto.

Change-Id: Ia1395cffaebbcf6585b9167861d8c3b4d86cf821
Reviewed-on: https://code.wireshark.org/review/15923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Qt: Clarify follow stream dialog's format button
Balint Reczey [Thu, 16 Jun 2016 02:16:42 +0000 (19:16 -0700)]
Qt: Clarify follow stream dialog's format button

The stream is not just shown, but also saved in ASCII, EBCDIC, Raw, etc.

Change-Id: Ic29e3273ebb9a3eca0fe791bdd48606c4be3b828
Reviewed-on: https://code.wireshark.org/review/15957
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago X11: Fix last indent issue on X11 generator
Alexis La Goutte [Wed, 15 Jun 2016 21:35:58 +0000 (23:35 +0200)]
X11: Fix last indent issue on X11 generator

and regenerate X11 dissector

Change-Id: If2c781d346713f5a2a2e97de84c0fedcfd1958af
Reviewed-on: https://code.wireshark.org/review/15944
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago x11: Regenerate dissector after indent change on g2b8caf31cca
Alexis La Goutte [Wed, 15 Jun 2016 20:52:18 +0000 (22:52 +0200)]
x11: Regenerate dissector after indent change on g2b8caf31cca

Change-Id: Iac1522998c5983b417a0083b9c607a60e7f66e8c
Reviewed-on: https://code.wireshark.org/review/15943
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago randpktdump: fix a crash.
Dario Lombardo [Wed, 15 Jun 2016 23:25:03 +0000 (01:25 +0200)]
randpktdump: fix a crash.

Randpktdump requires the init of the wtap opttypes.
Fixed by making the init function public and calling it.

Bug: 12539
Change-Id: I02585c41012deacff1526b51ed09ab555cbfc8ce
Reviewed-on: https://code.wireshark.org/review/15951
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Don't call g_ascii_strcasecmp() with a NULL string.
AndersBroman [Wed, 15 Jun 2016 21:57:39 +0000 (23:57 +0200)]
Don't call g_ascii_strcasecmp() with a NULL string.

Change-Id: I6efbdcb51efe5f2db233827e32e2105db6322d6c
Reviewed-on: https://code.wireshark.org/review/15946
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago gtk: add initializer (CID 1362745).
Dario Lombardo [Thu, 16 Jun 2016 00:34:27 +0000 (02:34 +0200)]
gtk: add initializer (CID 1362745).

Change-Id: Ib1bc11e905b0a4e84302e3f9ac43f3a87afd6edf
Reviewed-on: https://code.wireshark.org/review/15954
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
7 years ago Remove a bunch of unassigned ETSI AVPs.
Jeff Morriss [Thu, 16 Jun 2016 02:01:31 +0000 (22:01 -0400)]
Remove a bunch of unassigned ETSI AVPs.

These were presumably there to allow indexed search of the AVP list but it
wasn't working anyway (binary search was used).  And the expert info for
"unknown" (to Wireshark) AVPs is a good thing.

Change-Id: Id6b9e5c90b8a2a6e3cf4415cd1b6114308c74440
Reviewed-on: https://code.wireshark.org/review/15956
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago ip-over-ib description entry was missing
Rudra Rugge [Wed, 15 Jun 2016 22:22:25 +0000 (15:22 -0700)]
ip-over-ib description entry was missing

Description entry was missing in the list.

Change-Id: Ia8f8bd4608ee6800a352f4979752b5c45c4a5086
Reviewed-on: https://code.wireshark.org/review/15947
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Export wtap_optionblock_copy_options() symbol
Pascal Quantin [Thu, 16 Jun 2016 01:06:04 +0000 (18:06 -0700)]
Export wtap_optionblock_copy_options() symbol

It can be useful for wiretap plugins

Change-Id: Ic56e4357ba3bfcef30d13615efc1361399c3133e
Reviewed-on: https://code.wireshark.org/review/15955
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
7 years ago file_util.c: do not search in Npcap installation folder when calling ws_load_library()
Pascal Quantin [Wed, 15 Jun 2016 20:42:56 +0000 (13:42 -0700)]
file_util.c: do not search in Npcap installation folder when calling ws_load_library()

ws_load_library() is not used to load packet.dll or wpcap.dll (we use ws_module_open() for this).
Let's not lose time checking the folder content.

Change-Id: Ibd4a71b8b0c5ffc0c4c146eca51ad9f20964515b
Reviewed-on: https://code.wireshark.org/review/15938
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
7 years ago mongo: return the number of bytes we actually consumed
Martin Kaiser [Wed, 15 Jun 2016 20:02:39 +0000 (13:02 -0700)]
mongo: return the number of bytes we actually consumed

even if the document length is 0, we consumed at least 4 bytes for the
length field

bug: 12534
Change-Id: I2f1612bf575b558c1bcc0afe8202b202747846e3
Reviewed-on: https://code.wireshark.org/review/15934
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Make some more Diameter AVP names unique.
Jeff Morriss [Wed, 15 Jun 2016 22:40:53 +0000 (18:40 -0400)]
Make some more Diameter AVP names unique.

In some cases this means using the correct (updated?) name from the
specification. In others it means prepending the application- or vendor-name
to force uniqueness.

Remove a few more "Unassigned" AVPs from the XML files.

Change-Id: I61d55ef97ff8efc3317c91bf79e73031735f740a
Reviewed-on: https://code.wireshark.org/review/15949
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago idl2wrs: fix code generation
Peter Wu [Wed, 15 Jun 2016 21:06:23 +0000 (14:06 -0700)]
idl2wrs: fix code generation

Fixes a regression from v1.99.9rc0-470-g87f2bd4 which truncated function
names to 26 characters.

Test:

    cd epan/dissectors/dcerpc/budb
    make IDL2WRS=/tmp/wsbuild/run/idl2wrs
    diff packet-dcerpc-budb.c ../../packet-dcerpc-budb.c

While at it, replace all g_strndup(X, strlen(X)) occurrences with
g_strdup(X) since that is the same thing and less redundant.

Change-Id: Id8da45792c830e2287cf8f14ff6245149751afd2
Reviewed-on: https://code.wireshark.org/review/15939
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago gtk: Fix null dereference in stats
Balint Reczey [Wed, 15 Jun 2016 22:40:15 +0000 (15:40 -0700)]
gtk: Fix null dereference in stats

This fixes the bug reported to Debian:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786704

Change-Id: Iabe19c11067318d78664a17fa00d6a4d1998250c
Reviewed-on: https://code.wireshark.org/review/15948
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
7 years ago proto.c: allow calling proto_item_add_bitmask_tree() with a length set to 0
Pascal Quantin [Wed, 15 Jun 2016 21:50:03 +0000 (14:50 -0700)]
proto.c: allow calling proto_item_add_bitmask_tree() with a length set to 0

This is required for the flags from packet-frame.c

Bug: 12536
Change-Id: I60bfe671687bcd3a9b5c997ba62bed563e890548
Reviewed-on: https://code.wireshark.org/review/15945
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago capture info (wslua): Dereference of null pointer
Alexis La Goutte [Wed, 15 Jun 2016 18:35:47 +0000 (20:35 +0200)]
capture info (wslua): Dereference of null pointer

Change-Id: Iced579d5acaefa9d1c8e3775a53916773bf87659
Reviewed-on: https://code.wireshark.org/review/15929
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago documentation: Suggest using prefixed public symbols
Balint Reczey [Wed, 15 Jun 2016 21:14:23 +0000 (14:14 -0700)]
documentation: Suggest using prefixed public symbols

Change-Id: I9153756b0e921fd74d7df9d119337f5484856ba0
Reviewed-on: https://code.wireshark.org/review/15940
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Qt: Adjust the search frame layout.
Gerald Combs [Wed, 15 Jun 2016 18:27:53 +0000 (11:27 -0700)]
Qt: Adjust the search frame layout.

Add padding on the left side of the search frame in order to reduce the
amount of mousing required on large screens.

Change-Id: I1dcd8c4a103f4a462f4ab60a22a93b8c0f28b055
Reviewed-on: https://code.wireshark.org/review/15928
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
7 years ago Make some Diameter AVP names unique.
Jeff Morriss [Wed, 15 Jun 2016 20:01:05 +0000 (16:01 -0400)]
Make some Diameter AVP names unique.

In some cases this means using the correct (updated?) name from the
specification. In others it means prepending the application name to force
uniqueness.

Change-Id: I8301c769af2b2279c0be7c1bc65e99fe25c1cc80
Reviewed-on: https://code.wireshark.org/review/15935
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago ZigBee: decode ZBOSS traffic dump and Interpan frames as ZigBee.
dsrsupport [Wed, 15 Jun 2016 16:45:50 +0000 (19:45 +0300)]
ZigBee: decode ZBOSS traffic dump and Interpan frames as ZigBee.

If decoding a ZBOSS traffic dump, this is certainly ZigBee, so bypass the heuristic.
If decoding an air sniffer dump, try to go through the heuristic by checking for the ext address src mode required for interpan.

Change-Id: Iddf799400a4cf0fd73714f06b99e3d11c8cb2e60
Reviewed-on: https://code.wireshark.org/review/15921
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Pass "/utf-8" to Visual C++ 2015.
Gerald Combs [Fri, 10 Jun 2016 22:26:57 +0000 (15:26 -0700)]
Pass "/utf-8" to Visual C++ 2015.

Many projects (Qt[1] and GNOME[2] in particular) either recommend, use,
or at least allow for UTF-8 in source and header files. Pass /utf-8 to
Visual C++ 2015 so that it will behave itself around UTF-8 and be more
like that nice compiler down the street.

[1] https://wiki.qt.io/Strings_and_encodings_in_Qt
[2] https://bugzilla.gnome.org/show_bug.cgi?id=767218

Change-Id: Ibc90d235742134cb42dd796ba529699bcbbe3ad0
Reviewed-on: https://code.wireshark.org/review/15821
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago diameter (3GPP): Fix Dead Store (Dead assignment/Dead increment) Warning found by...
Alexis La Goutte [Wed, 15 Jun 2016 18:14:18 +0000 (20:14 +0200)]
diameter (3GPP): Fix Dead Store (Dead assignment/Dead increment) Warning found by Clang

Change-Id: Iaa74265df66455528c86658a26812876574a904a
Reviewed-on: https://code.wireshark.org/review/15927
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Update to the latest config.guess and config.sub
Jeff Morriss [Wed, 15 Jun 2016 17:31:41 +0000 (13:31 -0400)]
Update to the latest config.guess and config.sub

Change-Id: Id493fb3b79326b522a3a11c3258531683f159187
Reviewed-on: https://code.wireshark.org/review/15924
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago ZigBee: add support for inter-pan transmissions.
dsrsupport [Wed, 15 Jun 2016 15:48:01 +0000 (18:48 +0300)]
ZigBee: add support for inter-pan transmissions.

Added dissection of inter-pan nwk and aps stub to be used to decode ZLL commissioning cluster.

Change-Id: I871016a93854f1caf2f14f2f84e5397de5f1e2ff
Reviewed-on: https://code.wireshark.org/review/15918
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
7 years ago Remove Nmake build system
Pascal Quantin [Wed, 8 Jun 2016 13:57:00 +0000 (15:57 +0200)]
Remove Nmake build system

Change-Id: I3bd474f3cda9667dec66426b5729449953df3e61
Reviewed-on: https://code.wireshark.org/review/15777
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
7 years ago Don't map the interface ID for records that don't pertain to an interface.
Guy Harris [Wed, 15 Jun 2016 19:15:54 +0000 (12:15 -0700)]
Don't map the interface ID for records that don't pertain to an interface.

And revert to the previous behavior of map_phdr_interface_id(); that
change broke the mergecap tests when it was merging pcap files into a
pcapng file.

Change-Id: I2e079b0e87dce06e98faa9ab7615f9b9b2701b77
Reviewed-on: https://code.wireshark.org/review/15932
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Win: convert atkversion.h to UTF-8
Pascal Quantin [Wed, 15 Jun 2016 18:46:53 +0000 (11:46 -0700)]
Win: convert atkversion.h to UTF-8

Change-Id: I7bfa9be11596cc9a3e1b0226c6865edf47e96782
Reviewed-on: https://code.wireshark.org/review/15931
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
7 years ago qt: add initializer to ExpertPacketTreeWidgetItem (CID 1362746).
Dario Lombardo [Wed, 15 Jun 2016 18:05:32 +0000 (20:05 +0200)]
qt: add initializer to ExpertPacketTreeWidgetItem (CID 1362746).

Change-Id: I8ca154907e01fb40affb9e5f5a0aaf55921c95db
Reviewed-on: https://code.wireshark.org/review/15926
Reviewed-by: Gerald Combs <gerald@wireshark.org>
7 years ago zbee-nwk: don't THROW() an exception from a dissector
Martin Kaiser [Wed, 15 Jun 2016 17:53:43 +0000 (10:53 -0700)]
zbee-nwk: don't THROW() an exception from a dissector

we already have an expert info, so we can just return the number of
bytes in the tvb

Change-Id: I6199760316d7ef141877bc8f65012d36e4dd357b
Reviewed-on: https://code.wireshark.org/review/15925
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago wtap: Make default_filter static
Stig Bjørlykke [Fri, 11 Mar 2016 17:42:49 +0000 (18:42 +0100)]
wtap: Make default_filter static

Address of stack memory associated with local variable 'default_filter'
is still referred to by the global variable 'filter_option' upon returning
to the caller.  This will be a dangling reference.

Change-Id: I6160a37f05b8aea245b723ec50803e4062886738
Reviewed-on: https://code.wireshark.org/review/14427
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Display "IP DSCP" column as short text
João Valverde [Wed, 30 Sep 2015 13:34:39 +0000 (14:34 +0100)]
Display "IP DSCP" column as short text

Ping-Bug: 12429
Change-Id: I618b2017e161d89f0efa25ce2fb82a1808e8d315
Reviewed-on: https://code.wireshark.org/review/10701
Reviewed-by: João Valverde <j@v6e.pt>
7 years ago androiddump: fix leak on --extcap-interfaces
Peter Wu [Wed, 15 Jun 2016 15:45:54 +0000 (08:45 -0700)]
androiddump: fix leak on --extcap-interfaces

extcap_base_register_interface duplicates the memory, so there is no
need to keep it around.

Change-Id: I2bac8be519b659504c512d4eb29be8f7ef6dbd59
Reviewed-on: https://code.wireshark.org/review/15919
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago win-setup.ps1: stop downloading user-guide; with CMake it is generated from source...
Pascal Quantin [Wed, 15 Jun 2016 15:24:48 +0000 (08:24 -0700)]
win-setup.ps1: stop downloading user-guide; with CMake it is generated from source code

Change-Id: I3b015594bd6a6b0c41938ba17d5690c08e04f490
Reviewed-on: https://code.wireshark.org/review/15917
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
7 years ago proto_tree_add_boolean -> proto_tree_add_bitmask_list_value
Michael Mann [Wed, 15 Jun 2016 03:17:25 +0000 (23:17 -0400)]
proto_tree_add_boolean -> proto_tree_add_bitmask_list_value

Change-Id: Ic644042d238b5f2abcd874bca92c6dea55804ba9
Reviewed-on: https://code.wireshark.org/review/15913
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago More Sysdig / system event support.
Gerald Combs [Sun, 24 Apr 2016 18:21:50 +0000 (11:21 -0700)]
More Sysdig / system event support.

Add REC_TYPE_SYSCALL to wiretap and use it for Sysdig events. Call the
Sysdig event dissector from the frame dissector. Create a "syscall"
protocol for system calls, but add "frame" items to it for now.

Add the ability to write Sysdig events. This lets us merge packet
capture and syscall capture files.

Change-Id: I12774ec69c89d8e329b6130c67f29aade4e3d778
Reviewed-on: https://code.wireshark.org/review/15078
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Let the calculated window scale be 16 bit wide.
Jaap Keuter [Wed, 15 Jun 2016 06:53:14 +0000 (08:53 +0200)]
Let the calculated window scale be 16 bit wide.

Even though the TCP window scale shift is only 8 bits, the scale
calculated from it is max 16384, therefore a 16 bit value.
Let the tree item map to the single byte in the TVB, while
allowing the value to be 16 bit.

Bug: 12525
Change-Id: I41cebc62f6b8b09e13efa5f3b7432001e8d994e1
Reviewed-on: https://code.wireshark.org/review/15914
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Allow control of individual columns to be (un)writable.
Michael Mann [Tue, 14 Jun 2016 15:55:08 +0000 (11:55 -0400)]
Allow control of individual columns to be (un)writable.

Most protocols just want to limit COL_INFO or COL_PROTOCOL
so give that level of granularity.

Bug: 12144
Bug: 5117
Bug: 11144
Change-Id: I8de9b7d2c69e90d3fbfc0a52c2bd78c3de58e2f8
Reviewed-on: https://code.wireshark.org/review/15894
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago cmake: fix ENABLE_ASAN detection
Peter Wu [Tue, 14 Jun 2016 21:52:01 +0000 (14:52 -0700)]
cmake: fix ENABLE_ASAN detection

Do not add -fsanitize=undefined when ASAN is requested, UBSAN is a
different feature (which could be added later as desired). This makes
the -DENABLE_ASAN=1 option match the autotools --enable-asan option.

Fail hard if ASAN support is requested but not supported, this avoids
surprises when something is wrong. Fix ASAN detection by setting the
linker option too.

Note: if you have previously set ENABLE_ASAN=1 with the broken ASAN
detection, you have to clear your CMakeCache.txt file to redo the
detection.

Change-Id: Iba6ca0da0336eccedd0cf31a251baad9d1aff5b4
Reviewed-on: https://code.wireshark.org/review/15908
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Change how dissectors do late-field-registration to avoid a double-registration
Jeff Morriss [Mon, 13 Jun 2016 19:28:16 +0000 (15:28 -0400)]
Change how dissectors do late-field-registration to avoid a double-registration
assertion.

If a dissector forces registration of fields during dissection it needs to do
so in a way that clears the prefix registration.  Otherwise epan will call the
registration routine a 2nd time (which will cause us to assert out) if a user
types a display filter (with the dissector's prefix) that doesn't exist.

Update the proto_register_prefix() comments to reflect this.

Change-Id: I3ce29243395fb55192bb5dfd950baa88410ac136
Reviewed-on: https://code.wireshark.org/review/15881
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
7 years ago mount: fix a memory leak
Martin Kaiser [Tue, 14 Jun 2016 01:05:11 +0000 (18:05 -0700)]
mount: fix a memory leak

don't copy the wmem-buffer from address_to_str() into a g_malloc()ed one
that is never freed

instead, realloc the wmem-buffer and add the nfs path to it

(nfs_name_snoop_add_name() will make a copy internally)

Change-Id: I4274a4a413c09f3f1d78beba65d94748ce185413
Reviewed-on: https://code.wireshark.org/review/15902
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago Clean up some messages.
Guy Harris [Wed, 15 Jun 2016 00:35:51 +0000 (17:35 -0700)]
Clean up some messages.

We're checking for more than just a 64-bit off_t; we're checking for the
ability to do 64-bit seeks in files, even if, as on Windows, the APIs
are different.

Remove trailing white space and clean up some comments while we're at
it.

Change-Id: I6122b6d6b44ff5dd3a4d8268f9793193e65817ce
Reviewed-on: https://code.wireshark.org/review/15912
Reviewed-by: Guy Harris <guy@alum.mit.edu>
7 years ago Fix OSX buildbot
Pascal Quantin [Tue, 14 Jun 2016 23:11:18 +0000 (16:11 -0700)]
Fix OSX buildbot

Dirty CORBA IDL dissectors must be compiled without -Werror option

Change-Id: I46431c635274399cd6d365a608cdc0aecbc59c95
Reviewed-on: https://code.wireshark.org/review/15911
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
7 years ago dns_stats: generate stats just for pure dns (not mDNS, not LLMNR).
Dario Lombardo [Tue, 14 Jun 2016 17:35:32 +0000 (19:35 +0200)]
dns_stats: generate stats just for pure dns (not mDNS, not LLMNR).

The stats for mDNS and llmnr are pending. The change just resolves a bug
in the stats that are wrongly generated when the traffic is mDNS or LLMNR.

Bug: 12492
Change-Id: Ie772e204d0ddea997dd8cbf609725605c8a507c8
Reviewed-on: https://code.wireshark.org/review/15897
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago proto(.h): fix '@return' command used in a comment that is attached to a function...
Alexis La Goutte [Tue, 14 Jun 2016 21:43:15 +0000 (23:43 +0200)]
proto(.h): fix '@return' command used in a comment that is attached to a function returning void [-Wdocumentation]

Change-Id: Ie0e502adcc8eb00f65ffa6c018d5b9d79655ddb7
Reviewed-on: https://code.wireshark.org/review/15907
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
7 years ago FIX dissector - Improve Message info
Michael Mann [Tue, 14 Jun 2016 21:23:58 +0000 (17:23 -0400)]
FIX dissector - Improve Message info

Bug: 5350
Change-Id: I4b2d60549f9680bbc008a2abba5d7ec108f6bf22
Reviewed-on: https://code.wireshark.org/review/15905
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago CORBA IDL: compile dissectors with /Ox when using MSVC2013 x64
Pascal Quantin [Mon, 13 Jun 2016 22:11:55 +0000 (15:11 -0700)]
CORBA IDL: compile dissectors with /Ox when using MSVC2013 x64

By default, Windows files are compiled with the /O2 optimization flag (which brings the best performance).
But the MSVC2013 x64 compiler generates buggy code for CORBA IDL dissectors.
Let's downgrade the optimization to /Ox for those files specifically.

Bug: 12495
Change-Id: Ibbb532653808d915c82bd20b55dd9e68d86b1207
Reviewed-on: https://code.wireshark.org/review/15884
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
7 years ago Don't list "AVP" as a possible member of a grouped AVP.
Jeff Morriss [Tue, 14 Jun 2016 21:38:17 +0000 (17:38 -0400)]
Don't list "AVP" as a possible member of a grouped AVP.

There's no AVP named "AVP".  And there's no need to tell Wireshark that any AVP
may be put in the group (the RFC lists "AVP" for that purpose).

Change-Id: I3591af725ebe089e13eae7b712ef4404cb7924a2
Reviewed-on: https://code.wireshark.org/review/15906
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago packet.c: remove const compiler warning.
Dario Lombardo [Tue, 5 Apr 2016 16:24:25 +0000 (18:24 +0200)]
packet.c: remove const compiler warning.

Change-Id: Ida9384dccb0e8bacbc9aad39515c3dae9c5ce563
Reviewed-on: https://code.wireshark.org/review/14768
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Qt: fix crash when opening Expert Info dialog
Pascal Quantin [Tue, 14 Jun 2016 18:31:10 +0000 (11:31 -0700)]
Qt: fix crash when opening Expert Info dialog

g6ff19ff tried to access cinfo by following a chain of pointers from
expert_info. Access cinfo from cap_file_, which is more reliable. While
we are at it, let's explicitly check the pointer validity.

Change-Id: I0da72c5b1d2230a49c125a1b57c81c3115c4f2fb
Reviewed-on: https://code.wireshark.org/review/15901
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
7 years ago Give unique names to a bunch of reserved, experimental, etc., AVPs.
Jeff Morriss [Tue, 14 Jun 2016 14:52:28 +0000 (10:52 -0400)]
Give unique names to a bunch of reserved, experimental, etc., AVPs.

Also remove a bunch of AVPs that are unassigned/unallocated--there's no
real benefit to telling users that...

Change-Id: I1b18a11a1b65189d21520c74aae3dde77688e592
Reviewed-on: https://code.wireshark.org/review/15895
Reviewed-by: Anders Broman <a.broman58@gmail.com>
7 years ago Replace wlan_ignore_wep_ by wlan_ignore_prot_ and WLAN_IGNORE_WEP_ by WLAN_IGNORE_PROT_
Joerg Mayer [Tue, 14 Jun 2016 19:45:53 +0000 (21:45 +0200)]
Replace wlan_ignore_wep_ by wlan_ignore_prot_ and WLAN_IGNORE_WEP_ by WLAN_IGNORE_PROT_

Change-Id: I870cc1e5293dd6e1a1b71157987e27399e080a73
Reviewed-on: https://code.wireshark.org/review/15904
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
7 years ago tvbparse: change g_hash_table to wmem_map.
Dario Lombardo [Mon, 2 May 2016 15:21:57 +0000 (17:21 +0200)]
tvbparse: change g_hash_table to wmem_map.

Change-Id: I245595051617f6d6333314240825a526adf19339
Reviewed-on: https://code.wireshark.org/review/15244
Reviewed-by: Michael Mann <mmann78@netscape.net>
7 years ago addr_resolv: change g_hash to wmem_map.
Dario Lombardo [Thu, 21 Apr 2016 16:04:16 +0000 (18:04 +0200)]
addr_resolv: change g_hash to wmem_map.

Change-Id: Ice7533fbeac700dae0a46766838818a32b0d5736
Reviewed-on: https://code.wireshark.org/review/15051
Reviewed-by: Michael Mann <mmann78@netscape.net>