Public Git Hosting - wireshark.git/log

OCFS2: dissector incorrectly takes pdu length as little endian

This patch fixes incorrect endian conversion in pdu length.
Actually pdu length is big endian.

Ping-Bug: 12122
Change-Id: I9f8827293e684a5b4c957138f5879efdd140c500
Reviewed-on: https://code.wireshark.org/review/17533
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit c95c536f47fbf0daac4f6f6258ed8902766a9a3c)
Reviewed-on: https://code.wireshark.org/review/17548
Reviewed-by: Makoto Shimamura <makoto.shimamura@toshiba.co.jp>

Autotools: Distribute packaging/wix.

…otherwise you can't compile from the tarball on Windows.

Change-Id: I99c73b09d9468f0da753c05451fa54348680963f
Reviewed-on: https://code.wireshark.org/review/17544
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ISAKMP: Fix handling of cert requests without CA

Check IKEv1 Certificate Request Payloads for an empty
Certificate Authority field, which is allowed by RFC 2408.
Suppress dissection of this field if it is indeed empty.

Change-Id: Ifb997e460a4c12003215fde86c374cfc769c5d72
Reviewed-on: https://code.wireshark.org/review/17501
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit 70f3737c3e4d9402cb2bb67cdd892e0e7e0ee991)
Reviewed-on: https://code.wireshark.org/review/17504

ERF: Fix dissector abort on short meta tags and typos

Fix dissector abort on short tags.
Fix value typo in hash mode enum.
Differentiate unexpectedly short value, zero length (deliberate invalid)
and off-end-of-record tags through expertinfo.
Continue to use proto_tree_add_*() length mismatch warnings for unxepectedly
long tags for now.
Change WWN tags to FT_BYTES for now as they are 16 not 8 byte WWN. Not
currently implemented outside Wireshark anyway.

Ping-Bug: 12303
Change-Id: I79fe4332f0c1f2aed726c69acdbc958eb9e08816
Reviewed-on: https://code.wireshark.org/review/17382
Reviewed-by: Anthony Coddington <anthony.coddington@endace.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit e2b0aa21ea0f5ed136e802546c9861f2e2609fd0)
Reviewed-on: https://code.wireshark.org/review/17494

S1AP: fix dissection of TransportLayerAddress IE when it contains both IPv4 and IPv6

Change-Id: I8c257d79b4e842da6853ea3c53ae479f33a8047a
Reviewed-on: https://code.wireshark.org/review/17491
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 87519e4c06260f78ecd55defb86bb20c3f4d7697)
Conflicts:
epan/dissectors/asn1/s1ap/s1ap.cnf
epan/dissectors/packet-s1ap.c
Reviewed-on: https://code.wireshark.org/review/17492

[Automatic update for 2016-09-04]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I2ff2a8a9f66f3c1e1ec26aa46b2f585c1794e19c
Reviewed-on: https://code.wireshark.org/review/17485
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ssl,http: rename http-over-ssl to http-over-tls

This name is displayed in the SSL prototcol tree (Application Data
Protocol: http-over-tls), rename to avoid possible user confusion.

Modify the SSL dissector such that both "http" and "http-over-tls"
invoke the same dissector function.

Change-Id: I2d52890a8ec8fa88b6390b133a11df607a5ec3dc
Reviewed-on: https://code.wireshark.org/review/17481
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 7c7497a77e30f8098bcaffd0a9c96be24855c0e8)
Reviewed-on: https://code.wireshark.org/review/17482

irda: restore a line removed by mistake in ge4c059f

Bug: 12821
Change-Id: If6423c7f8443eccd6ddb4b699bbc327a965d0d74
Reviewed-on: https://code.wireshark.org/review/17477
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 29a243d61cb1ae9d6eda404dad2038b85cfdb487)
Reviewed-on: https://code.wireshark.org/review/17479

Qt: Conversation time column updates.

Add a checkbox which lets you toggle between absolute and relative start
times. Use the local time for now. Fixes bug 11618.

Adjust our time precision based on the capture file's time precision.
Fixes bug 12803.

Bug: 11618
Bug: 12803
Change-Id: I0049d6db6e4d0b6967bf35e6d056a61bfb4de10f
Reviewed-on: https://code.wireshark.org/review/17471
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

gtk: fix compilation with GTK+ before 2.18

Removed in v1.99.2rc0-399-g43f09e6, but some includes are still needed.

Basically I looked for the functions defined in the
ui/gtk/old-gtk-compat.h header file that were in files below ui/gtk/.
Then I matched it against the removed part in the above commit and added
the header back at its old place. In two other cases, the header was
only needed for Windows.

If the above commit did not reference the file, I checked which function
was in use and added the header on top, removing redundant conditionals.

Reported and tested by a user of GTK+ 2.12.12 on top of v2.0.5.

Change-Id: I649eec1e5531070f88c99d893c4920306f56d849
Reviewed-on: https://code.wireshark.org/review/17371
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 77ae30ffc598a56e71e0f57e151d0b6801110b03)
Reviewed-on: https://code.wireshark.org/review/17438

Pacify GTK checkAPIs.pl warnings.

Add "Wireshark" macros to old-gtk-compat.h for GTK APIs that have been deprecated.
The macros are setup by version number to limit their proliferation (not that I
suspect much development will really be done there since GTK is deprecated).
Just want to make buildbots happy for the time being.

Change-Id: I095f850065166a0bc2e2456fb2e886ab64fdd97d
Reviewed-on: https://code.wireshark.org/review/16635
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit ee7f9c33f63532bc69899a0750177756be53c0c1)
Reviewed-on: https://code.wireshark.org/review/17437
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Qt: Preserve capture filter when preferences changed

Avoid that the last entry from recent.capture_filter is added to the
capture filter combo when editing preferences or changing profile.

This bug was introduced in gb7897dde.

Change-Id: I38a32386765c9e7ffaa93d006ff0ef7b78ac8252
Reviewed-on: https://code.wireshark.org/review/17453
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 770aaf1dde2c57687beb0ebe9a3af9003c3c2c14)
Reviewed-on: https://code.wireshark.org/review/17468
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

diam_dict.l: remove use of strdup

This should fix crashes on Windows, _strdup should not be mixed with
g_free. This was only uncovered in v2.3.0rc0-474-ga04b6fc, before that
ddict_free was never called.

Change-Id: I34111385c82715de70fb42fe44b99b89e132a374
Reviewed-on: https://code.wireshark.org/review/17423
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 5c2d82a6c24a06da0132fb7bd493ce4e58594f0d)
Reviewed-on: https://code.wireshark.org/review/17466

xml: fix some memleaks

No more memleaks reported for the attachment in bug 12790 :-)

Change-Id: I8472e442143b332edfacdf9ef3b8b893f1ec4386
Ping-Bug: 12790
Reviewed-on: https://code.wireshark.org/review/17365
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 961f743d69b323aa217a6b39184485d6a0bfb2d5)
Reviewed-on: https://code.wireshark.org/review/17465
Reviewed-by: Guy Harris <guy@alum.mit.edu>

diameter: fix 400kb leaked memory on exit

Before:

    SUMMARY: AddressSanitizer: 399684 byte(s) leaked in 17208 allocation(s).

After addressing to-do by calling ddict_free:

    SUMMARY: AddressSanitizer: 3024 byte(s) leaked in 256 allocation(s).

After fixing all remaining leaks cases in the flex file for diameter:

    SUMMARY: AddressSanitizer: 735 byte(s) leaked in 58 allocation(s).

Not bad huh :-)

Ping-Bug: 12790
Change-Id: I0c730ad77ae15c69390bc6cf0a3a985395a64771
Reviewed-on: https://code.wireshark.org/review/17364
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit a04b6fcb3db901734ed948134c973996786be8b7)
Reviewed-on: https://code.wireshark.org/review/17464
Reviewed-by: Guy Harris <guy@alum.mit.edu>

tvbparse: fix memleak

Use same wmem_epan_scope() as "w" (tvbparse_wanted_t).

Change-Id: I73fdb1fb3b55a91b7bb0fc36e435024c6f0b3d73
Ping-Bug: 12790
Reviewed-on: https://code.wireshark.org/review/17361
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 0bae8424fe651ea5de1f7e160666781e60ce3c86)
Reviewed-on: https://code.wireshark.org/review/17463
Reviewed-by: Guy Harris <guy@alum.mit.edu>

pcapng: do not leak blocks

pcapng_open and pcapng_read have 'wblock' allocated on the stack, so if
they return, they do not have to set wblock.block to NULL.

pcapng_read_block always sets wblock->block to NULL and may initialize
it for SHB, IDB, NRB and ISB. Be sure to release the memory for IDB and
ISB. It is better to have more wtap_block_free calls on a NULL value
than missing them as this would be a memleak (on the other hand, do not
release memory that is stored elsewhere such as SHB and NRB).

Ping-Bug: 12790
Change-Id: I081f841addb36f16e3671095a919d357f4bc16c5
Reviewed-on: https://code.wireshark.org/review/17362
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 14312835c63a3e2ec9d311ed1ffee5285141f4f9)
Reviewed-on: https://code.wireshark.org/review/17462
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Qt: Clear open files list when clear recent menu

Remove all recent files from the main welcome page when clearing
recent files from the menu.

Change-Id: Ic410a729e63d82ee58b6bbb31f7e4a658b17d794
Reviewed-on: https://code.wireshark.org/review/17456
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit fb7a60e611b4cea46978d4f2452fe9ad7a1916ed)
Reviewed-on: https://code.wireshark.org/review/17460

Qt: Add newly saved files to the recent files

Update the recent files list when saving unsaved capture files.

Change-Id: I469fa1f2ce3216c66de328c0b3558c9f9db115e0
Reviewed-on: https://code.wireshark.org/review/17459
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

CMake: Move version declarations to the top of CMakeLists.txt.

This lets me be more lazy during releases.

Change-Id: Ie321454db362e08c7420943a1b07a53599818b7e
Reviewed-on: https://code.wireshark.org/review/17451
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

gtk: fix 32-bit build

32-bit glib before 2.31.2 expand GUINT_TO_POINTER(x) as (gpointer)x.
add explicit cast since curr_layer_num is 8 bits. Fixes
v1.99.10rc0-179-g1d7bcb2.

Storing a 64-bit integer into a 32-bit pointer makes the compiler
complain. Add explicit cast. Fixes v1.99.1rc0-76-ged0b19b.

Change-Id: I75fdf17882a0f5ddce7d3b3e74b1bf80ff6cd4ae
Reviewed-on: https://code.wireshark.org/review/17417
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit e3c3d7a4afeeb8bc0519717e6c85c038fb99170a)
Reviewed-on: https://code.wireshark.org/review/17435

erf: fix build against older glib

Commit v2.1.0rc0-2561-g3db7b1e started using g_int64_equal which does
not exist before glib 2.22. Note that master requires 2.22 and does not
need this fix.

Change-Id: Ie89432a6cd688b89dd346ce5cdecf96a76e92692
Reviewed-on: https://code.wireshark.org/review/17395
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

OSSP: Retrieve OUI at proper offset in packet

Bug: 12801
Change-Id: Ic70f0d93bbffc99ceacf6b2963b04d7477e4914b
Reviewed-on: https://code.wireshark.org/review/17425
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit cb2f8fc8914b89d7455a4a7f5e99b9de64f32556)
Reviewed-on: https://code.wireshark.org/review/17429

2.2.0rc2 → 2.2.0rc3.

Change-Id: I1c4f6a2857534aff6cfb01d7102edbd8140e759d
Reviewed-on: https://code.wireshark.org/review/17427
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Build 2.2.0rc2.

Change-Id: I7b6db7384303aaa41fc164a20da1f634b1d3cbff
Reviewed-on: https://code.wireshark.org/review/17424
Reviewed-by: Gerald Combs <gerald@wireshark.org>

autotools: really disable warnings by default

The v2.2.0rc1 release tarball accidentally enables warnings as errors,
this led to build failures due to warnings that occur on 32-bit builds.

Change-Id: Ib12f5762e9b30a681b193014ed78dc73bc794b0f
Reviewed-on: https://code.wireshark.org/review/17420
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ipv6: fix build with old 32-bit glib headers

glib versions before 2.31.2 expand GUINT_TO_POINTER(x) as (gpointer)x
instead of (gpointer)(guint)x, resulting in these errors:

packet-ipv6.c:2129: error: cast to pointer from integer of different size
packet-ipv6.c:2185: error: cast to pointer from integer of different size

Change-Id: I1b25060ed329ce05e4f1ab75e32a56feda8e3435
Reviewed-on: https://code.wireshark.org/review/17401
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>

Use "ecatf" as the protocol name, to parallel everything else.

The fields have names beginning with "ecatf.", the dissector is called
"ecatf", and it's only the frame layer of EtherCAT anyway, so just call
it "ecatf".

Change-Id: I2f127363fd115c307f0525f612fe184a30d46c55
Reviewed-on: https://code.wireshark.org/review/17406
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit d78197955050f0ddf4a91379018f41b58923c56b)
Reviewed-on: https://code.wireshark.org/review/17407

Don't do any Decode As stuff for dissector tables not used with Decode As.

Have all dissector tables have a "supports Decode As" flag, which
defaults to FALSE, and which is set to TRUE if a register_decode_as()
refers to it.

When adding a dissector to a dissector table with a given key, only add
it for Decode As if the dissector table supports it.

For non-FT_STRING dissector tables, always check for multiple entries
for the same protocol with different dissectors, and report an error if
we found them.

This means there's no need for the creator of a dissector table to
specify whether duplicates of that sort should be allowed - we always do
the check when registering something for "Decode As" (in a non-FT_STRING
dissector table), and just don't bother registering anything for "Decode
As" if the dissector table doesn't support "Decode As", so there's no
check done for those dissector tables.

Change-Id: I4e98bfe0061f1014cd7ffdf4c51d9b6e8a2a5689
Reviewed-on: https://code.wireshark.org/review/17405
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Support Decode As for {SSL,TLS}-over-TCP.

We register dissectors for "Decode As" for {SSL,TLS}-over-TCP, so we
should actually set up the "Decode As" stuff for it.

Change-Id: I2a738667efdec1007069df74885a4fe8fc3fcbab
Reviewed-on: https://code.wireshark.org/review/17400
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit afa2605e4359509a8e188f3d7ae118246e9e0ac7)
Reviewed-on: https://code.wireshark.org/review/17404

RTPS: Allowing duplicates in the rtps.type_name table

Change-Id: Ie7a35b0bb3275a0895fad646bf9a81406eadf37c
Reviewed-on: https://code.wireshark.org/review/17393
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 1dbd2216edfe34e3dbb1f8967d325e7fa00ecb51)
Reviewed-on: https://code.wireshark.org/review/17403

time_util: fix -Wshadow issue

time_util.c was already fixed, but the header was missing the change,
breaking the build on a very old compiler.

Change-Id: I95685c9a3e25dcb7567f2551b92f20c8792a6e47
Reviewed-on: https://code.wireshark.org/review/17384
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit a892c90367a9f1b1d3d962cfe958174b8fefcaee)
Reviewed-on: https://code.wireshark.org/review/17390

Avoid colliding with the (old) UNIX stime() system call.

Rename "stime" to "sys_time", and, for consistency, do the same with
"utime". This failed when I tried a build on an Ubuntu 12.04 LTS
machine.

Change-Id: Ib955b723506346aa742db0de4d26dc157bcd4fc8
Reviewed-on: https://code.wireshark.org/review/16935
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 66711eb2612ddc7f523b7cc5990e1674a755cb00)
Reviewed-on: https://code.wireshark.org/review/17389
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Use correct relative path.

The build is done in epan/wmem, so libwsutil.la is in ../../wsutil.

Change-Id: I053f6b925829e9c5e9ded014fbc716abc527b46a
Reviewed-on: https://code.wireshark.org/review/16790
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit c2ac9c5c0316a27f54830fae0b70cf7825c6d99c)
Reviewed-on: https://code.wireshark.org/review/17388
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

ifdef out a variable used only on Windows.

Also, fix identation - tab stops are set every 8 spaces, not every 4
spaces, in UN*X, which is why the mode lines specify that.

Change-Id: If7cfc2cdae26feb2d5c13e31a32ed950354fb15b
Reviewed-on: https://code.wireshark.org/review/16789
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit f6322a4977181103431637703f11649e5023d6b0)
Reviewed-on: https://code.wireshark.org/review/17387
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Add string function times to wmem_test.

The system, GLib, and wmem string functions can perform differently,
particularly on Windows. Start adding performance tests to wmem_test so
that we can see the differences.

With this change applied "wmem_test --verbose" prints out the following
on a Windows 7 x64 VM here. wmem_test is linked against GLib 2.4.20.

(MINPERF:g_printf_string_upper_bound (via g_snprintf) 1 string: u 327.602 ms s 0
.000 ms)
(MINPERF:g_printf_string_upper_bound (via g_snprintf) 5 strings: u 1419.609 ms s
0.000 ms)
(MINPERF:g_printf_string_upper_bound (via g_snprintf) mixed args: u 1606.810 ms
s 0.000 ms)
(MINPERF:_snprintf_s upper bound 1 string: u 124.801 ms s 0.000 ms)
(MINPERF:_snprintf_s upper bound 5 strings: u 140.401 ms s 0.000 ms)
(MINPERF:_snprintf_s upper bound mixed args: u 124.801 ms s 0.000 ms)
(MINPERF:g_strdup_printf 2 strings: u 702.005 ms s 0.156 ms)
(MINPERF:g_strconcat 2 strings: u 78.000 ms s 0.000 ms)
(MINPERF:g_strdup_printf 5 strings: u 1419.609 ms s 0.156 ms)
(MINPERF:g_strconcat 5 strings: u 93.601 ms s 0.156 ms)
(MINPERF:wmem_strdup_printf 2 strings: u 343.202 ms s 0.312 ms)
(MINPERF:wmem_strconcat 2 strings: u 93.601 ms s 0.468 ms)
(MINPERF:wmem_strdup_printf 5 strings: u 327.602 ms s 8.268 ms)
(MINPERF:wmem_strconcat 5 strings: u 62.400 ms s 3.432 ms)

Change-Id: Id9b23918829db1719d141e7f830b9eba6245a25b
Reviewed-on: https://code.wireshark.org/review/14857
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 183d7f3b78de30581390244a72c6ab328e6338f0)
Reviewed-on: https://code.wireshark.org/review/17386
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

extcap: Remove g_spawn_check_exit_status

This function is not supported in the min GLIB version, therefore
the code is to be removed

Change-Id: Ie39170bfc0662e5a477cbc45d7eadebcf2c70d4e
Reviewed-on: https://code.wireshark.org/review/16827
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
(cherry picked from commit d62ad9dd47d368f7545c3cc91f44ecc07476d2e1)
Reviewed-on: https://code.wireshark.org/review/17383
Reviewed-by: Anthony Coddington <anthony.coddington@endace.com>

Don't use a no-longer-extant variable.

Change-Id: I41c1a37248335d983da58b0b657a28ec521be290
Reviewed-on: https://code.wireshark.org/review/17378
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 8e9b6f4abe06a32bb5c8e8842403c4cf8dccd765)
Reviewed-on: https://code.wireshark.org/review/17379

tap-iostat.c: ensure that interval is set to its maximum value when using 0

Otherwise the statistics will be wrong if the capture duration is greater
than G_MAXINT32 and it the user specifies an interval of 0

Bug: 12778
Change-Id: I83a0f627ec0bb7c535446c17afa486835091ab8b
Reviewed-on: https://code.wireshark.org/review/17367
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 24fd16d86553279ca3fe8f651d85cace14edfc6c)
Reviewed-on: https://code.wireshark.org/review/17369

[Automatic update for 2016-08-28]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I582a41fbd6f895572b3c5822cf04fb3c5fb03c2b
Reviewed-on: https://code.wireshark.org/review/17359
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ISAKMP: fix # of SPIs field name in Delete payload

Fix the "Number of SPIs" field name in the Delete payload.
References: RFC 2408, RFC 7296

Change-Id: I205fb830275fc011e6605fdae53c6b9141e1628b
Reviewed-on: https://code.wireshark.org/review/17353
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 294fcd11bfc2a76306e0c6ea8e8f53445df940cf)
Reviewed-on: https://code.wireshark.org/review/17356

Qt: Support "Resolve Names" with multiple custom column fields

Make "Resolve Names" enabled if at least one of the custom column
fields can be resolved.

Change-Id: I702471be5d90c91f71209923e6abcc6921dca850
Reviewed-on: https://code.wireshark.org/review/17350
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit 5fe3e6af39fc55650ff9563906d016aa7becbaf1)
Reviewed-on: https://code.wireshark.org/review/17351

QUIC: Fix some typo (copy/paste error) on GOAWAY/CONNECTION_CLOSE Frame

Issue reported by Lucas Perdue

Change-Id: I9c4ede6ba2fb0303aab05f1d59835e5a8b386a3e
Reviewed-on: https://code.wireshark.org/review/17340
Reviewed-by: Lucas Pardue <lucas.pardue@bbc.co.uk>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit df28c8266ff9ebc404fd53408050c507a442ac04)
Reviewed-on: https://code.wireshark.org/review/17349
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

qt: fix crash on Search Packet while redissecting

Before redissection, PacketList::freeze() is called which clears the
model. This results in a NULL-deref when pressing Ctrl-F (Packet
Search) or Ctrl-G (Go To Packet). Reproducer: in a large capture file,
enter some display filter (e.g. "udp") and immediately press Ctrl-F.

Thanks to Github user SNAPESNATCH for the initial report via IRC that
included a helpful stack trace on Windows.

Change-Id: If7334d6df4e9591fb1f2a52e3e2f837285b2959f
Reviewed-on: https://code.wireshark.org/review/17326
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 09be46361bab677842cc598405cbc7a44b974f1f)
Reviewed-on: https://code.wireshark.org/review/17342

xmpp/xml: Store item length in xml_frame.

The created XML proto_item can be faked (if not visible and not referenced),
so ensure we store the correct item length to be used in XMPP.

This will avoid an invalid "Malformed Packet" for some XMPP packets.

Change-Id: I79d805b725dbeb93f26a38b72bdcc84187aee16f
Reviewed-on: https://code.wireshark.org/review/17324
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit ce9a4b212ec7b75985cef3b9ab362808e6fd25c5)
Reviewed-on: https://code.wireshark.org/review/17338
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Handle ETH_P_CANFD as well as ETH_P_CAN.

Both of them need to have the CAN ID/flags field of the header
byte-swapped as necessary to make sure it's in the *reading* host's byte
order, not the *writing* host's byte order, if the two are different.

Change-Id: Iac1589fdd9fe4d9ee6fbac8d821b48694d68919b
Reviewed-on: https://code.wireshark.org/review/17333
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 17f977ec5695259ec02c7e6e4cd24e3e2ed263c1)
Reviewed-on: https://code.wireshark.org/review/17334

One more change for the removal of LINKTYPE_SOCKETCAN_HOSTENDIAN.

Change-Id: If1615e23efa30119fff5eb2935335c2cde34b89e
Reviewed-on: https://code.wireshark.org/review/17330
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 27372ca7379b3ff5cccf1488d96a72d06dfba0d1)
Reviewed-on: https://code.wireshark.org/review/17331

Go back to having only one SocketCAN LINKTYPE_ value.

Libpcap just backed out the "host-endian" SocketCAN LINKTYPE_ value; we
don't need it any more.

Change-Id: I33a7dc21207a0009e20b4abaefe1119eb649c39a
Reviewed-on: https://code.wireshark.org/review/17327
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit c8157aa6b4afdbc2f84779ffbeea4f8d3bdc8666)
Reviewed-on: https://code.wireshark.org/review/17328

Documentation with unset license is under project's license (GPL-2+)

doc/idl2deb.pod is licensed explicitly under GPL-2+ it is just
not recognized by the check.

Change-Id: Iabc7ee6bd6fe9080d6cdd28a29bb4c5f97b0ece9
Reviewed-on: https://code.wireshark.org/review/17268
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
(cherry picked from commit 40ac3c86825d4a15e585035fbae6e9a86424ee4e)
Reviewed-on: https://code.wireshark.org/review/17283
Reviewed-by: Michael Mann <mmann78@netscape.net>

Fuzz test: Make Valgrind error detection more verbose.

When we set VG_ERR_CNT=1 print the reason.

Change-Id: Icb8f2a1e7074044521873b116fc891cc4be4b204
Reviewed-on: https://code.wireshark.org/review/17286
Reviewed-by: Gerald Combs <gerald@wireshark.org>

isakmp Fix IKEv2 modification UAT crash

Problem is that not all fields of UAT are updated on change (only those
defined in UAT definition with ikev2_uat_flds, specifically pointers to
encr_spec and auth_spec in ike2_decr_data_t were set to NULL.

Fixed by re-setting pointers after update table callback was called.

Also fixed memory leaks after UAT modification.

Bug was partially resolved with change
Ibdab979b5959eb561635cbcb446e17138baca87b
https://code.wireshark.org/review/17078

which eliminated crash, but decryption still didn't work after UAT
modification (DISSECTOR BUG was displayed).

Bug: 12748
Change-Id: I8209edd8e214d62e34b641fdd2e046b9ff4c95eb
Reviewed-on: https://code.wireshark.org/review/17249
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 505bcefd20501ae0811f6074f2113b52788d78c5)
Conflicts:
epan/dissectors/packet-isakmp.c
Reviewed-on: https://code.wireshark.org/review/17299
Reviewed-by: Michał Skalski <mskalski13@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>

ISAKMP: Fix Result of operation is garbage or undefined found by Clang Analyzer

Change-Id: I47233968dfc87494b3c959896622db5cd31244a7
Reviewed-on: https://code.wireshark.org/review/17065
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Mirko Parthey <mirko.parthey@web.de>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 3c8f657e01f1548fbf9cc5740374552aa8c6fdc6)
Reviewed-on: https://code.wireshark.org/review/17267
Reviewed-by: Peter Wu <peter@lekensteyn.nl>

Fix IKEv1 decryption and initialization vectors

Generate initialization vectors during Wireshark's first pass,
in order to improve reliability and efficiency. (bug #12699)
Remove a dissection shortcut in first pass to allow early analysis
of the transform payloads, which is needed to find out the crypto
algorithms.

Introduce a hash table to store an IV per message ID. (bug #12610)
Fix handling of the initial phase 1 IV. (bug #12620)
Cache IVs as per-packet data instead of a list.

Use the wmem allocator to avoid memory leaks.
Ensure libgcrypt resource cleanup on error paths.

Rely only on IKE attributes to find the decryption algorithm,
do not consider the length of the user-configured secret at this point.

Split code into small functions.

Ping-Bug: 12610
Ping-Bug: 12620
Ping-Bug: 12699
Change-Id: I7137943da42d54816808312cd1716a7e05478cbb
Reviewed-on: https://code.wireshark.org/review/16846
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 561a2f056bd76bfcb4f89a05542ffce32eed5049)
Reviewed-on: https://code.wireshark.org/review/17198
Reviewed-by: Mirko Parthey <mirko.parthey@web.de>

ISAKMP: fix DOI field read size

Read 4 bytes from the packet instead of 1 because that is the
correct size of the DOI field.
Reference: RFC 2408

Change-Id: I5745363811bb46af307a925d688ec36cfb29984b
Reviewed-on: https://code.wireshark.org/review/17271
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 0fcca6f0c8392b16ebfefdc69086d02e1dba2c7e)
Reviewed-on: https://code.wireshark.org/review/17295

call_heur_dissector_direct: do not trigger an assert if heuristic dissector rejects packet

This can happen for example is the heuristics changed between the Wireshark
version used to export PDUs, and the one used to open the file.
Instead, call data dissector.

Change-Id: I29f7754f883fd710c3557a610583ef988ca13e43
Reviewed-on: https://code.wireshark.org/review/17280
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 2095b325998f1da06a4e80efeb186ec99d6e39ed)
Reviewed-on: https://code.wireshark.org/review/17294
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

SCSI: Mode Sense 10: Wrong block descriptor length

Issue reported by Sharon Samuel Enoch

Bug:12780
Change-Id: I94ad5355cdfa4d8cd3915c9e261931ff56dc765b
Reviewed-on: https://code.wireshark.org/review/17272
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 20908f55f6c93fb79fbd39e60affa2d4428b4951)
Reviewed-on: https://code.wireshark.org/review/17292

[lg8979] - Fix dissection of 'Analog Group Change Report' Responses (FC2)

They follow the same dissection as normal 'Analog Change Report' Responses (FC0)

Change-Id: I854084f43fd0cc52ba02b6f1e760a63033ab48dd
Reviewed-on: https://code.wireshark.org/review/17270
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
(cherry picked from commit e11d4a891373c0f47062dd526a1f5ff6baa09ba6)
Reviewed-on: https://code.wireshark.org/review/17281

IPMI: do not use col_set_str with non const strings

Bug: 12782
Change-Id: Ia082ccf5355d7f8dd6073861c59c804fecc96266
Reviewed-on: https://code.wireshark.org/review/17289
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 5213496250aceff086404c568e3718ebc0060934)
Reviewed-on: https://code.wireshark.org/review/17290

Update the release notes.

Add missing new protocols, move a "what's new item", add a bug.

Change-Id: I84e4cf36591a503d96032c6be9ba14bdc0dc016c
Reviewed-on: https://code.wireshark.org/review/17273
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

MAC LTE: fix dissection of CE Mode A RAR message

The Msg3 PUSCH narrowband index parameter depends on the UL bandwidth

Change-Id: Ib57c85ffbd4c108e9c8f3d14fa53a48f0df1b0e6
Reviewed-on: https://code.wireshark.org/review/17274
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 12cae9dc80a09ba0ed75b421d328143ac98a298b)
Reviewed-on: https://code.wireshark.org/review/17276

checklicenses: Fix a FIXME

We do not whitelist GPLv2 only code because of the
incompatibility with GPLv3.

Move the path exception to its proper place. These files are
dual-licensed in the sense of "choose one or the other", not
"both licenses are in use".

If the exception becomes unnecessary later it can be removed,
but let's get rid of the FIXME until then.

Change-Id: Ia040284b72c2ff6588b0544896cc37ae19a61613
Reviewed-on: https://code.wireshark.org/review/16957
Reviewed-by: João Valverde <j@v6e.pt>
(cherry picked from commit e3009b0b1c78b25337c915fb66232314f769688c)
Reviewed-on: https://code.wireshark.org/review/17264
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Move airpdcap's print_debug_line() to airpdcap_debug.h

It saves a little on file pollution and the g_warning call isn't
bothered in the header file.

Change-Id: Ia9bdd96d9d93bbba6811769c4e6e1ed9124c2e5a
Reviewed-on: https://code.wireshark.org/review/16698
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 9a73978ba5bbb78026721500aaf332f53e19d0cd)
Reviewed-on: https://code.wireshark.org/review/17266
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

isakmp: fix type confusion

Caught by ASAN with WIRESHARK_DEBUG_WMEM_OVERRIDE=simple set.

Manually inspection of all type casts to decrypt_data_t and
ikev2_decrypt_data_t showed no other users that do not check
isakmp_version first.

Change-Id: If889afff85a20e31222d33cbea8db3a91a77f389
Reviewed-on: https://code.wireshark.org/review/17246
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michał Skalski <mskalski13@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 52910f4e3fa7d771a671cd30bd5320d70aee3eec)
Reviewed-on: https://code.wireshark.org/review/17260
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

debian: Fix libwscodecs' symbols file

Change-Id: I168a630643fc7a6cbc27d7879006d31acca30e37
Reviewed-on: https://code.wireshark.org/review/17263
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Tested-by: Balint Reczey <balint@balintreczey.hu>

debian: Refresh patches

Change-Id: I7b756f3f88e664687602be6ced77f0d9a29a1238
Reviewed-on: https://code.wireshark.org/review/17262
Reviewed-by: Balint Reczey <balint@balintreczey.hu>

debian: Make wireshark-common depend on proper libwiretap package

Change-Id: I251f4807732fc091629899b6c792bc53a43d3e64
Reviewed-on: https://code.wireshark.org/review/17261
Reviewed-by: Balint Reczey <balint@balintreczey.hu>

See if *this* convinces the compiler that valuelen and value will be set.

Change-Id: I2a7715ac3255502f244a0d0a7e588b3a44c34f11
Reviewed-on: https://code.wireshark.org/review/17258
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit bee0cd776219fc3cd6ac6a932a1d25b944c299a0)
Reviewed-on: https://code.wireshark.org/review/17259

Fix handling of parameters with no value.

Return a value length of 0 if there's no parameter value.

(And don't return anything if the pointers through which we return them
are null.)

If no value is present, return NULL from ws_find_media_type_parameter().

Change-Id: I32b57623d7651bcf065af5b81f2390a600988b21
Reviewed-on: https://code.wireshark.org/review/17255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit ff00166a96d887e03899577caae3a355c26b0837)
Reviewed-on: https://code.wireshark.org/review/17256

Add cast to squelch "building with a C++ compiler" warnings.

Change-Id: Ia95c40096018479aec99fafd93d7b95d31ba4723
Reviewed-on: https://code.wireshark.org/review/17253
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 4458c48cf4b94da8626361499a044d7c8c096538)
Reviewed-on: https://code.wireshark.org/review/17254

Handle quoted-pairs in quoted-strings correctly.

Backslash, in a quoted-string, escapes quotes (and any other characters,
although the only ones that *need* escaping are a double-quote and a
backslash).

This means that the value of a parameter isn't just the raw characters
from the parameters string; for a quoted string, it needs to be
un-escaped, and for a *non*-quoted string, it has to stop at the first
non-token character (you can put comments in). So
ws_find_media_type_parameter() must return an allocated string with the
actual value.

Get rid of index_of_char(); it doesn't do anything that strchr() does.

Change-Id: I36328ea71c28fe6ac4918a8e73c281a25f6be844
Reviewed-on: https://code.wireshark.org/review/17251
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 0b3a96222b39ea4df1fdc899a950c50ec56a1077)
Reviewed-on: https://code.wireshark.org/review/17252

2.2.0rc1 → 2.2.0rc2.

Change-Id: I8272c2a8eb05fd5215999657728f56cf09950920
Reviewed-on: https://code.wireshark.org/review/17248
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Build 2.2.0rc1.

Change-Id: Ie10bd263ed766273c279c9dc52062aed4bdac0b5
Reviewed-on: https://code.wireshark.org/review/17244
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Temporarily disable IKEv1 tests.

Temporarily disable the "IKEv1 Decryption (simultaneous exchanges)" and
IKEv1 Decryption (unencrypted phase 1) tests. The code that fixes them
hasn't yet been backported.

Change-Id: I9904f057cc6ea5651865b2db87b37d81b6bf117d
Reviewed-on: https://code.wireshark.org/review/17243
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ipp: fix typo indent

Change-Id: Ibc44ab1e009f2dc07258b702f0e08aced38a66e2
Reviewed-on: https://code.wireshark.org/review/17223
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 3f4ef54776cc9216ad1d633723e8984018b4deba)
Reviewed-on: https://code.wireshark.org/review/17242
Reviewed-by: Guy Harris <guy@alum.mit.edu>

ERF: fix no previous prototype for 'erf_ts_to_nstime/dissect_relative_time/dissect_ptp_timeinterval' [-Wmissing-prototypes]

Change-Id: I21ee4f8850f63de3a7fa91ed9e8a426c82a9d62e
Reviewed-on: https://code.wireshark.org/review/17143
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 26464b028baac61102fea77b7ae6f19755c2359e)
Reviewed-on: https://code.wireshark.org/review/17241
Reviewed-by: Gerald Combs <gerald@wireshark.org>

packet-erf.c: Pacify OS X buildbot.

Change-Id: I6ec30e77eac91d1b02eaddada75741b2063426f2
Reviewed-on: https://code.wireshark.org/review/16812
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 9489c80949dcf027be99b6e493b79aeef4e29ab5)
Reviewed-on: https://code.wireshark.org/review/17240
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ERF: Add ERF_TYPE_META clock tags

Adds various clock configuration related tags.
Uses ptp_v2 value strings exported from packet-ptp.

Refactor out common ERF_TYPE_META bitfield code.
Also clean up field registration a bit.
Add flow_hash_mode enum, other minor wording cleanup.
Manually display relative timestamps as nanoseconds for <1ms.
Fix ns_host_* tag subtree summary field name duplication.

Ping-Bug: 12303
Change-Id: I76264d141f1c4a3590627637daa5dcd4fdfd2e93
Reviewed-on: https://code.wireshark.org/review/16782
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 94cb86a0ca62680ceb8565b4f0a716e48010d885)
Reviewed-on: https://code.wireshark.org/review/17238
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

PTP: Expose ptp_v2 value strings for use by other dissectors

Also rename ptp_v2 value strings in packet-ptp for better consistency.
TODO: could also be used and combined with definitions in packet-cip.

Change-Id: I84a9ae566ae6abdd95910cb5709bb63c2b7c26b8
Reviewed-on: https://code.wireshark.org/review/16781
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 765f3b53cfef707272652852639a9194c81f9c3d)
Reviewed-on: https://code.wireshark.org/review/17237
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Bump SOVERSION for upcoming 2.2.0 release

Change-Id: I3c9e3f42d32921288fbf38029d786d40d42ed017
Reviewed-on: https://code.wireshark.org/review/17236
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Gerald Combs <gerald@wireshark.org>

debian: Update symbols file with new symbols

Change-Id: I67ecc259128dfa90ba8b47fc040cdc9a38e264c5
Reviewed-on: https://code.wireshark.org/review/17235
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Make index_of_char() static again

Change-Id: I1c0d344c50ee5d78dd8247ccfe795ce0cd94aaa2
Reviewed-on: https://code.wireshark.org/review/17230
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
(cherry picked from commit ee0f94aaaec4cc35b463a94df601a83a23f7967e)
Reviewed-on: https://code.wireshark.org/review/17234

Rename find_parameter() to ws_find_media_type_parameter()

The symbols exported from libs should use less generic. preferably
prefixed names to avoid name collisions with other shared library
symbols.

Change-Id: I8323b3e194a7ee4d61baec0c007342fab6cbde84
Reviewed-on: https://code.wireshark.org/review/17229
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit c43b8b5ef95b7b2dc865d8b0df89222b224059ce)
Reviewed-on: https://code.wireshark.org/review/17233
Reviewed-by: Balint Reczey <balint@balintreczey.hu>

wmem_array_index() returns a *pointer* to the array element.

The array is an array of guint8 *'s that point to strings;
wmem_array_index() doesn't return a pointer to the string, it returns a
pointer to a pointer to the string, and you have to dereference the
result of the wmem_array_index() call to get a pointer to the string.

Change-Id: I8c7b3320f0979b01383ad255419c21cdeb7df4c7
Reviewed-on: https://code.wireshark.org/review/17221
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit e83bdc67cc413c25321ae75792a2c92d55b6e544)
Reviewed-on: https://code.wireshark.org/review/17222

Get rid of trailing blank line.

Change-Id: I409a843b48983355c242708f6c9972bd8f337bf6
Reviewed-on: https://code.wireshark.org/review/17218
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit e1f11c97349dad879c3d3a875c289a195a8ba52c)
Reviewed-on: https://code.wireshark.org/review/17220

Pass an HTTP message type to all HTTP subdissectors.

This gets complicated, because those subdissectors might be called by
other dissectors as well. We need a better way of passing that sort of
out-of-bound information.

Pull some routines used for processing Content-Type parameters into
common code; we can't guarantee that the media parameters passed in
would be writable (passing it as *the* data hid that; passing a
structure with that *and* the HTTP message type revealed it), so don't
convert it to lower-case in place.

Use that information, if available, to determine whether an IPP message
is a requet or a response.

Change-Id: I4bccc9f05cd0b14ad445be7ab37b3d884d841325
Reviewed-on: https://code.wireshark.org/review/17216
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 5825f59ddccb8af2b4a06356f61195dd26c977d7)
Reviewed-on: https://code.wireshark.org/review/17217

CDP: Don't read outside payload for Port ID

Check if tvb remaining length is greater than expected length.

Bug: 12767
Change-Id: Ia04b559432af417db519cfcfbec06e6010b496bf
Reviewed-on: https://code.wireshark.org/review/17208
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit dc42aadcac2636df4c15f8650b668503911e3017)
Reviewed-on: https://code.wireshark.org/review/17210
Reviewed-by: Michael Mann <mmann78@netscape.net>

[Automatic update for 2016-08-21]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I8a0cd33f827f67960d0f320fb5b56f7d8bdc4326
Reviewed-on: https://code.wireshark.org/review/17206
Reviewed-by: Gerald Combs <gerald@wireshark.org>

ISAKMP: Add regression tests

Add regression tests for bugs 12610 and 12620

Bug: 12610
Bug: 12620
Change-Id: I6325a3ccb3e27fd4d3be52190e8763737b99fe73
Reviewed-on: https://code.wireshark.org/review/17083
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 302660bf575fcb7b8423b9cfbdf32e58e3a14e94)
Reviewed-on: https://code.wireshark.org/review/17199

BOOTP: Catch undefined Client Identifier (Option 61)

[1] stats "A hardware type of 0 (zero) should be used when the value field
contains an identifier other than a hardware address (e.g. a fully
qualified domain name)."

This commit displays these other identifier.

[1] https://tools.ietf.org/html/rfc2132#section-9.14

Bug: 12766
Change-Id: I3d991164641b41fb95891b2f78411d2e98a22e0d
Reviewed-on: https://code.wireshark.org/review/17180
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
(cherry picked from commit 8f98f7ce67d23fbeb17a4a3fd75cb376a705300f)
Reviewed-on: https://code.wireshark.org/review/17200
Reviewed-by: Michael Mann <mmann78@netscape.net>

COAP: ensure that key_token is always initialized

Even when the token length is 0.

Bug: 12771
Change-Id: I0d77f0411fe90a6702d1f23ba9cd4b61433a5995
Reviewed-on: https://code.wireshark.org/review/17194
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 0a9e84264947c75bbe96d0b67cb2dbe0f521f3b8)
Reviewed-on: https://code.wireshark.org/review/17196

mongo: set on subtree when Empty Document

Change-Id: I2b6b7cf771ab7bc2f6dbc0aac5eddda2a9d2fb53
Reviewed-on: https://code.wireshark.org/review/17167
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 2557f033f5124ad5d777c0f8a93c80b2722a80bb)
Reviewed-on: https://code.wireshark.org/review/17170

Add a preference to byte-swap the CAN ID field.

This can be useful when dealing with 1) captures from versions of
libpcap without the bug fix to use DLT_CAN_SOCKETCAN_HOSTENDIAN when
appropriate and 2) DLT_CAN_SOCKETCAN_HOSTENDIAN captures if processed by
a machine with a different byte order from the capturing machine with
software that doesn't properly put the field into host byte order when
reading and writing.

Change-Id: Ia206e5c51aecccf2508cca01cff65a4feb379ac8
Reviewed-on: https://code.wireshark.org/review/17187
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit c06da45f3cea0263cfe2a02ee4294b754e5657df)
Reviewed-on: https://code.wireshark.org/review/17188

NLM: fix dissection of NLM_FREE_ALL message

The second parameter is the state, not the status as seen in C702 doc, page 159

Bug: 12764
Change-Id: I0a91a0e586c7663ace7c4c6b1044cafc1c0975ac
Reviewed-on: https://code.wireshark.org/review/17178
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit 6cfb20da0dd5617c620e7f48f95e931c19a0dac4)
Reviewed-on: https://code.wireshark.org/review/17185

Do all data fetching in the appropriate byte order.

Change-Id: I481288b566c2b9888b3f068d2dbae1240fa2930e
Reviewed-on: https://code.wireshark.org/review/17181
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 9a0a7e50cf2f832d1f140e8d7db65efd18c6c0b0)
Reviewed-on: https://code.wireshark.org/review/17183

NAS EPS: fix dissection of multiple partial tracking area identity list

As reported on https://ask.wireshark.org/questions/54955/nas-tracking-area-identity-list-decoding-not-proper

Change-Id: I8c4ed1982e1d72136558fb381d2d15b15c9e376c
Reviewed-on: https://code.wireshark.org/review/17151
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit d1c763c3f68c764ed7da85c79c4b000e5dad7ffb)
Reviewed-on: https://code.wireshark.org/review/17161
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Adjust to the split of the SocketCAN encapsulation.

Change-Id: Ibbe97f15854163163ad2bdf3b425c63d4cbfed50
Reviewed-on: https://code.wireshark.org/review/17158
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 8963303df76537d9520a3e9c431cb420fdcd7707)
Reviewed-on: https://code.wireshark.org/review/17159

Handle the new LINKTYPE_CAN_SOCKETCAN_HOSTENDIAN.

Unfortunately, only one libpcap code path puts the CAN ID in the
SocketCAN header in network byte order; the others leave it in host byte
order.  Therefore, a new LINKTYPE_/DLT_ value was introduced, and
libpcap was changed to use that for the cases where the CAN ID is in
host byte order.  Support them both.

This means we need to, when reading pcap and pcapng files, fix up the
CAN ID if the host that wrote the file has a different byte order from
ours (as libpcap also now does).  This includes Linux "cooked" captures,
which can include CAN packets.

Change-Id: I75ff2d68d1fbdb42753ce85d18f04166f21736dd
Reviewed-on: https://code.wireshark.org/review/17155
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 95c4c432c43a07d8a43eae33591616145cabc57a)
Reviewed-on: https://code.wireshark.org/review/17156

fix endianess of rejoin source address

Change-Id: I71e6e2f569524642a24778ceef81c03fdc0f54c5
Reviewed-on: https://code.wireshark.org/review/17149
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 2a4d6f1b3caccc015a1d18ea3267233a5503c703)
Reviewed-on: https://code.wireshark.org/review/17154