Build 2.0.1. Second try.

Change-Id: I857f23daedb27a7a9ed01ec110a6bfe39f78e66e
Reviewed-on: https://code.wireshark.org/review/12929
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Revert "Qt: Remove usage of setWindowFilePath"

Follow up to ge0c78b4.

This reverts commit 7fed2f4304268a7558c42e406ba6a2bd5b6b0731.

Change-Id: Iac4c580c1a73480bf8014b84ec84676460fc874c
Reviewed-on: https://code.wireshark.org/review/12925
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Revert "Qt: Add support of gui.window_title"

It broke the OS X build.

This reverts commit 77a8f26bc2289ab3e5bef106ad419063eaaf34e8.

Change-Id: I3af5a4a2799518ac55c9d63ee3d07cbdcc0bc015
Reviewed-on: https://code.wireshark.org/review/12924
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Build 2.0.1.

Change-Id: Iddb9bb73ba7ba5309f52f478d1d40ebd9d4a470e
Reviewed-on: https://code.wireshark.org/review/12922
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Qt: Add support of gui.window_title

Ping-Bug: 11102
Bug: 11691
Change-Id: I7b1673ffafcda644f4905265061ba11733dd91d3
Reviewed-on: https://code.wireshark.org/review/12650
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit 6c42a103e81feef35c9a35571c5866ae644279cc)
Reviewed-on: https://code.wireshark.org/review/12920

Qt: Remove usage of setWindowFilePath

Change-Id: I29591709d88d1858e44c753d09e4a29d0f28ce53
Reviewed-on: https://code.wireshark.org/review/12781
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit f145108f5ead2bf764c50e6a6b27ce418d185ea5)
Reviewed-on: https://code.wireshark.org/review/12919

Update translations.

Change-Id: I90bd01b73d176005d6534906d6e7f004f0d67b3e
Reviewed-on: https://code.wireshark.org/review/12918
Reviewed-by: Gerald Combs <gerald@wireshark.org>

debian: Recommend libqt5multimedia5-plugins for wireshark-qt

This makes RTP Player actually play RTP stream using Qt, too.

Conflicts:
debian/control

Bug: 11918
Change-Id: I9a90f50ceeccc1f298bf1b0a8dcc7a9017107484
Reviewed-on: https://code.wireshark.org/review/12882
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-on: https://code.wireshark.org/review/12904
Reviewed-by: Balint Reczey <balint@balintreczey.hu>

NAS EPS: fix a copy/paste error

Change-Id: I462c35f43baf1e90d47e301cc8d334bb3851d884
Reviewed-on: https://code.wireshark.org/review/12907
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>

Prep for 2.0.1.

Change-Id: I9dcf13e9493856727f958606c58b3964423149aa
Reviewed-on: https://code.wireshark.org/review/12901
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Qt: Add missing multi-field column validation

GTK already has it, but Qt forgot about it, so multi-field custom column
works ok if previously saved in GTK-shark. Invalid validation prevent from
modifying and saving multi-field custom column in Qt version.

This is a manual merge from 9bb3f6be without the field -> fields change.

Change-Id: I4f9ddecd468cf5521d3ed6b4d64f98c3b094c9e4
Reviewed-on: https://code.wireshark.org/review/12893
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Qt: fix QString::arg: Argument missing: "PT=%u telephone/event" warning

Change-Id: If6065d0895a4bf8311badfff74bb1dff5841490d
Ping-Bug: 11918
Reviewed-on: https://code.wireshark.org/review/12881
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit a1c27ef7cf3686fae90b034bcad40c68dbc91fb1)
Reviewed-on: https://code.wireshark.org/review/12883

Sanity check column size to prevent allocating an unrealistic amount of memory.

Bug: 11931
Change-Id: I19fa2937a649382b3a2eda2c8192246e3e9d9e28
Reviewed-on: https://code.wireshark.org/review/12875
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

[Automatic update for 2015-12-27]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: I00853ed4371029ca2bbf7774615925e376ada77a
Reviewed-on: https://code.wireshark.org/review/12877
Reviewed-by: Gerald Combs <gerald@wireshark.org>

[mp2t] adaptation_field_control for NULL packets should not be 0

just remove the wrong statement, I'll add some expert info later...

Bug: 11921
Change-Id: I1a4f2e32e9c7c32c54b251445f8750d7c3f5ab6f
Reviewed-on: https://code.wireshark.org/review/12850
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
(cherry picked from commit 1308189348b43e3ec1cfea13bc66060a844edd3d)
Reviewed-on: https://code.wireshark.org/review/12851

QUIC: Need also to increment tag_offset when tag_len is not zero

Change-Id: Id693f906bfbd03438de579755a4db7ee8dfcc474
Reviewed-on: https://code.wireshark.org/review/12843
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit e0bde412a0d56cbafddcc99fc2fcae93c88573d7)
Reviewed-on: https://code.wireshark.org/review/12849

QUIC: It is possible to have multiple CCS

Change-Id: I0b073d8ef5b004cf14e5236d210543c8eed7cde2
Reviewed-on: https://code.wireshark.org/review/12844
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 2247caf58b564bfb734828c5835ade6a1ed68071)
Reviewed-on: https://code.wireshark.org/review/12848

Plug memory leak in filter_expression_free

The list_head itself will leak in filter_expression_free(),
so ensure we also free this.

Change-Id: Ide6ef0c013d172b0c0120c744ce4ed46ee4321e0
Reviewed-on: https://code.wireshark.org/review/12837
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-on: https://code.wireshark.org/review/12839

ui: Plug memory leak in decode_build_reset_list.

The strings passed to decode_build_reset_list() is not freed, so
ensure we cleanup in decode_clear_all().

Change-Id: Ib68bde71403e260199482831272beb161fe033f9
Reviewed-on: https://code.wireshark.org/review/12836
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit 976642ab0a6099010d08113fe4080010d39ab766)
Reviewed-on: https://code.wireshark.org/review/12838

ui: Optimize col_custom_prime_edt()

The col_item->col_custom_fields_ids list does not change between
packet so this can be initialized in build_column_format_array().

Change-Id: I171b583912dbd1568c3d85159fac1ab435dcaa7c
Reviewed-on: https://code.wireshark.org/review/12801
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-on: https://code.wireshark.org/review/12829
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

Qt: Plug memory leak in ByteViewText.

Each time we create a ByteViewText, which is twice when a packet is
selected, the menu items leaks.  Ensure we clear the items when done.

Change-Id: Idf0c7b82bf241120dd4c42ba85c56c0a2bf8db46
Reviewed-on: https://code.wireshark.org/review/12826
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit 299717879554ee2fc7d06fedded6207cfdcd1f22)
Reviewed-on: https://code.wireshark.org/review/12830

DNS: fix malformed warning when there is no quest(ions)

Change-Id: I14ef5244ddcc34fc0edea159e3e8593da8f50ffe
Reviewed-on: https://code.wireshark.org/review/12819
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit 66ce1e6811728bc68e42cc9fc2e92de188505f03)
Reviewed-on: https://code.wireshark.org/review/12822

Don't write out statistics if we don't have any.

We don't know when the capture started or ended (the time stamps of the
first and last packets aren't necessarily the time when the capture
started or ended), we don't know how many packets were dropped in the
capture process, and we don't know how many packets were seen in various
stages before they were received by whatever software dumped them out as
text, so we have no statistics to report.

Change-Id: Ic6de25242d2ea536f0f17a1a20a4e05cf03d8416
Reviewed-on: https://code.wireshark.org/review/12813
Reviewed-by: Guy Harris <guy@alum.mit.edu>

g_malloc the decrypted key in AES_unwrap(), but always free it.

It doesn't need to exist after AirPDcapDecryptWPABroadcastKey() returns.

Change-Id: Ifaf08dfb285be3cf54429f7b77d44565962d4450
Reviewed-on: https://code.wireshark.org/review/12808
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit a3e80157c830e75a8b7c5bae89dabd943c7bfc85)
Reviewed-on: https://code.wireshark.org/review/12809

g_mallocate the encrypted key, but free it in all paths out of the function.

It doesn't need to persist after the function returns.

Change-Id: Ic601a6ef6a0aa0f22f9c8b9a1c586cec95093f27
Reviewed-on: https://code.wireshark.org/review/12805
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 6ede7d4ba3d7acaf90846618afd0830a57511b64)
Reviewed-on: https://code.wireshark.org/review/12806

[airpdcap rijndael] use packet scoped wmem memory in AES_unwrap()

at the moment, AirPDcapDecryptWPABroadcastKey() does not free the buffer
allocated by AES_unwrap() if there's an error while parsing the returned data

this could be fixed by adding more g_free() calls or by using wmem
memory

Change-Id: I332968da2186fbd17cbb7708082fa701dcab668e
Reviewed-on: https://code.wireshark.org/review/12770
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

[SMTP] Combine username and password when base64 decoding fails or is disabled.

Also add expert info "hint" that base64 decoding may be disabled.

Bug: 11853
Change-Id: Ib2138ae0c70e22f311e1369c66816ff9d6fbdb82
Reviewed-on: https://code.wireshark.org/review/12734
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 3b39b1d226394dc013734b5cff349ad5166b94fb)
Reviewed-on: https://code.wireshark.org/review/12803

ui: Fixed column tooltip when having multi-field custom columns.

Change-Id: Iac09b841ff782ea351052ad6b20f5b4ff170e8e8
Reviewed-on: https://code.wireshark.org/review/12752
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-on: https://code.wireshark.org/review/12799

ui: Improved splitting custom column multi-field

Improved the custom column prime regex so that all fields must be
separated by "||" or "or" to avoid false positives when having
multi-fields which is valid display filters but not valid for
custom columns (e.g. "udp and tcp").

Change-Id: Iec9942d458d6b265d04e14b5966907f1de43b782
Reviewed-on: https://code.wireshark.org/review/12751
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit dc06d7f0f288a48621715fbd6cd61b02b17745f3)
Reviewed-on: https://code.wireshark.org/review/12797

Add COL_CUSTOM_PRIME_REGEX

Use this as a common regex to split multi-field custom columns.

Change-Id: I40f76743284c5981c95d2e47d6d1d2a7f357d2ea
Reviewed-on: https://code.wireshark.org/review/12753
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-on: https://code.wireshark.org/review/12796

Don't g_free() stuff allocated with wmem.

This syncs this file up with the trunk.

Change-Id: I14e6e7521e17360d048b3616f3893b2efe42b95f
Reviewed-on: https://code.wireshark.org/review/12795
Reviewed-by: Guy Harris <guy@alum.mit.edu>

WPA (IEEE802.11) decryption function cleanups

 - Updated AirPDcapPacketProcess function description
 - Try to return better error codes
 - Remove broken/useless return of keys from AirPDcapRsna4WHandshake

Change-Id: I19ae46e54114e0c5953dd1d1e0b78d4123410b30
Reviewed-on: https://code.wireshark.org/review/12794
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Fix compilation when _DEBUG is defined.

CMake's Visual C++ generator creates projects that compile with the
Debug configuration by default, which defines _DEBUG. Fix DEBUG_DUMP's
declaration so that we compile in that case.

While we're here note that the "airpd" prefix isn't limited to AirPcap,
so we might want to change it accordingly.

Change-Id: I5476f28c63020f0f66ee9128731bc4b3dc720765
Reviewed-on: https://code.wireshark.org/review/11787
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 18b8f48bc113267f2c548e4ce9a3e5b744ca9c1e)
Reviewed-on: https://code.wireshark.org/review/12793
Reviewed-by: Guy Harris <guy@alum.mit.edu>

WPA/WPA2 decoding fixes and improvements

- start decoding when we have eapol1+2 packets
  Do not insist on a complete captured handshake, decode what we can.

- more robust way to detect eapol #2 packets
  At least Win 10 is violating the spec on rekey by setting the secure
  bit in #2. Unpatched version shows and handles #2 as #4, breaking
  decoding after rekey.

- fixed eapol rekey key handling
  Inital patch (see https://code.wireshark.org/review/8268)
  is adding redundant keys, since it scans all the time
  and not only once.

- ignore tailing garbage after eapol sections in frame
  See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9065#c8

Included testcase to test decode for incomplete handshakes and eapol2
packets with secure bit set on rekey.

Ping-Bug: 9065
Change-Id: Id775088db9b5aaa80da9efdeed6902d024b5c0cd
Reviewed-on: https://code.wireshark.org/review/11484
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit cb3dd958af31099772c8934179e113929ae0c020)
Reviewed-on: https://code.wireshark.org/review/12775
Reviewed-by: Guy Harris <guy@alum.mit.edu>

[airpdcap] check the length of the WPA broadcast key we calculated

return an error if our key is shorter than the key type required for the
encryption method we detected

this check prevents an out-of-bounds memory access when the key is copied

Bug: 11826
Change-Id: Ic779b5d87aa97a3b2d2b2c92ce12d0fff4a85adc
Reviewed-on: https://code.wireshark.org/review/12743
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-on: https://code.wireshark.org/review/12769
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

[aidpdcap] use packet scoped wmem memory for szEncryptedKey

to make sure that AirPDcapDecryptWPABroadcastKey() does not leak memory
when it returns an error

Change-Id: I01dc8dc0d6cc1e72e9784a262e35e24844e35dbc
Reviewed-on: https://code.wireshark.org/review/12745
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-on: https://code.wireshark.org/review/12768
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

ICMP timestamp is in mseconds, not seconds.

Introduced in Iad5e28aa

Bug: 11910
Change-Id: I80be5f156786ddb9f7bbe25460b48dbb4588cb8d
Reviewed-on: https://code.wireshark.org/review/12755
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit f66fedc04e2142dc608c165fcf60646c8f2d34ce)
Reviewed-on: https://code.wireshark.org/review/12772

Squelch another warning.

Change-Id: I7340954d9ca2fd11a6db2aa7cd5493d870181e23
Reviewed-on: https://code.wireshark.org/review/12765
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit c9670e334c38f98da485b53bbd09571047836064)
Reviewed-on: https://code.wireshark.org/review/12766

Squelch some compiler warnings.

Change-Id: Iee46c43498f42e19dfab0178e80743d35d843d2d
Reviewed-on: https://code.wireshark.org/review/12762
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit f553431ad0340355885fc9820f5727205c44e7c4)
Reviewed-on: https://code.wireshark.org/review/12763

Rename some variables to make it a bit clearer what they are.

rec_length_remaining is the amount of data we haven't already read from
the record; it starts out as the record length and gets decreased.  It
is not the length of data in the packet.

Change-Id: I46cd78e29aee13a686f1f6c8efbe258277e15686
Reviewed-on: https://code.wireshark.org/review/12759
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 1a5ed10bad99a96389d0ccbee5d7804c8cf98a0a)
Reviewed-on: https://code.wireshark.org/review/12760

Add bounds checks and fix a length argument.

Before reading the record header of a REC_FRAME{2,4,6} record, make sure
the record length is >= the length of that header.

Whe calling fix_pseudo_header(), pass the actual length of the packet
data, not the remaining length of the record (which may include
padding), so we don't read past the end of the packet data.

Bug: 11827
Change-Id: I1c63a4cb014c4616ffdd202660e68c576f266872
Reviewed-on: https://code.wireshark.org/review/12756
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 53a3e53fce30523d11ab3df319fba7b75d63076f)
Reviewed-on: https://code.wireshark.org/review/12757

Qt: Fix Confirm unsaved capture files preference.

Set initial value for confirmUnsavedCheckBox.

Change-Id: I7dfebf21e516a9d1be1bd3f543a00834222c9ff7
Reviewed-on: https://code.wireshark.org/review/12739
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit 25e417f01a25e3c862135659f7a2df50f2c1e61a)
Reviewed-on: https://code.wireshark.org/review/12754

[Automatic update for 2015-12-20]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: Ib9594391c069fae57bc461d3d7042a190c6abe2b
Reviewed-on: https://code.wireshark.org/review/12748
Reviewed-by: Gerald Combs <gerald@wireshark.org>

Add %ProgramW6432% to the list of search paths when looking for 7-Zip.

This allows a 64bit 7-Zip installation to be located even though
win-setup.ps1 is run by a 32-bit process.

This applies to 64bit Windows (7, 10, Server 2008 R2, Server 2012).
Tested on 2012.

Ref:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa384274%28v=vs.85%29.aspx

Change-Id: I6f4f3226b25c890cd674bf4c4d9ea73ddfc8ece0
Reviewed-on: https://code.wireshark.org/review/12740
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit aa002845d931e0a17a35c93385054bddc8524b18)
Reviewed-on: https://code.wireshark.org/review/12742

Add missing ERF types, mention another missing type, mention reserved space.

Add the TYPE_COLOR_HASH_POS and TYPE_COLOR_HASH_ETH types, note that
type 26 has no #define, mention that types 28 through 31 are reserved
for future record types.

Change-Id: Ic828254599599c6bd7399d4682f9a3d4bff1f0f7
Reviewed-on: https://code.wireshark.org/review/12728
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit f9a848ac308aa2da3542cea3119430c389d55e68)
Reviewed-on: https://code.wireshark.org/review/12729

ERF: Add basic no-break support for ERF_TYPE_META.

Update erf_open heuristic to not break when ERF_TYPE_META records are present.
Remove check for maximum non-pad ERF type and add defines for reserved types.
No dissection in this commit beyond record type name, this will come later.

Change-Id: Ib64e450e26b2878b5519fb6afeafa2ce9477ac85
Reviewed-on: https://code.wireshark.org/review/12708
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit dcfbf927055bb3e9a27fdcb78d8bd819c871a98e)
Reviewed-on: https://code.wireshark.org/review/12726

Qt UI: use a default (and minimum) value of 2 for the number of files in a
ring buffer.

This matches the Gtk UI.

(Note that the Qt UI's upper limit for this option (1k) is much lower than
the Gtk UI's (100k).)

Change-Id: Ie5b5b7b4bdb9205594ed7fcc38630a6268cc3acf
Reviewed-on: https://code.wireshark.org/review/12711
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 714c59777a136dc75ef4de9dfce3136549fcece0)
Reviewed-on: https://code.wireshark.org/review/12723

Qt UI: there's no need to capitalize kilobytes, megabytes, and megabytes in
the ring buffer and autostop configuration sections.

Change-Id: I2a260e4f9e52444ee9d6c072bce34067dd74cc19
Reviewed-on: https://code.wireshark.org/review/12712
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 8d8f37e28c0676d1ebcd62de2ae730cafef99ea1)
Reviewed-on: https://code.wireshark.org/review/12720

Qt: use recent.gui_bytes_view preference to remember bits / byte view

While we are at it, let's centralize bytes_view_type definition

Bug: 11903
Change-Id: I606c779a8efaea668db1b440d3ae0336e6e3fc67
Reviewed-on: https://code.wireshark.org/review/12706
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit 47a4c8f395280bd78bbc733424bb409c00d2c390)
Reviewed-on: https://code.wireshark.org/review/12715

debian: Fix .deb package generation on wheezy

Conflicts:
debian/control

Bug: 11901
Change-Id: Id2bfd33d05e74d197832af21a4ac701e0d84ab50
Reviewed-on: https://code.wireshark.org/review/12709
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Reviewed-on: https://code.wireshark.org/review/12710
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: reset columns when applying a display filter

Bug: 11786
Change-Id: I7d3b4139328adaf2f79f008a8772b3182c1eb1f0
Reviewed-on: https://code.wireshark.org/review/12688
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit 38cde83a5c178f8866d9337702733fae2c844363)
Reviewed-on: https://code.wireshark.org/review/12704

ssl: Fix heartbeat message length.

The length of the "Heartbeat Message" element is equal to the record
length.

Change-Id: I10010442db1615b61bad5f525aad4d49a4c8de29
Reviewed-on: https://code.wireshark.org/review/12678
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit ba84919fa7a3dc7d07cd032c1134263d6c83fe8a)
Reviewed-on: https://code.wireshark.org/review/12698

Qt: deactivate "limit to display filter" checkbox when retapping

Bug: 11848
Bug: 11900
Change-Id: I39bc1f6d8006ee9c258c986a69b460cf99c7e65a
Reviewed-on: https://code.wireshark.org/review/12687
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit ad36e1b43ee756ae50a98f584ce723d83eebbbbf)
Reviewed-on: https://code.wireshark.org/review/12693

Add files missing from make dists's tarball

Conflicts:
Makefile.am

Bug: 11893
Change-Id: I11e6a40856f224e65401b01fafb3e561950ec086
Reviewed-on: https://code.wireshark.org/review/12663
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-on: https://code.wireshark.org/review/12686
Reviewed-by: Balint Reczey <balint@balintreczey.hu>

Qt: save custom colors in recent_common file

This allows to save colors across sessions for systems other than
OSX that do not provide a system wide color picker

While we are at it, let's stop reading the recent file twice at startup

Bug: 11888
Change-Id: I69ff14d699d8111fe6a8bdac0157fcd115a60c2b
Reviewed-on: https://code.wireshark.org/review/12659
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit bfe73e3ad7162830c222a5b0d73433a72324baa5)
Conflicts:
ui/recent.c
Reviewed-on: https://code.wireshark.org/review/12672

debian: Sync patches with Debian

Change-Id: Iec369a7c5ecd559310198efca2cadb56a449de49
Reviewed-on: https://code.wireshark.org/review/12662
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 7ce903bee7b01558361b98e6cd6481ed1e257156)
Reviewed-on: https://code.wireshark.org/review/12673
Reviewed-by: Balint Reczey <balint@balintreczey.hu>

Qt: fix memleaks related to interface dialog

Also fix a not-so-problematic recent files "leak" when quitting
Wireshark.

Change-Id: I8556b07c197f0934f93d6da8c573c47fbd3fc060
Reviewed-on: https://code.wireshark.org/review/12529
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit e3dd3f97f1f2afe18501adcfac9400ddc3e3c0a5)
Reviewed-on: https://code.wireshark.org/review/12670

Report an error if the IP total length is bigger than the containing length.

Change-Id: Ib5990fce89304808a585a99164c0176899acbbb7
Reviewed-on: https://code.wireshark.org/review/12667
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit a257ede0fa46e5cd9e81313d7a9c9c48294edb9b)
Reviewed-on: https://code.wireshark.org/review/12668

Don't report an error for a non-multiple-of-4 chunk length.

To quote RFC 4960:

Chunk Length: 16 bits (unsigned integer)

      This value represents the size of the chunk in bytes, including
      the Chunk Type, Chunk Flags, Chunk Length, and Chunk Value fields.
      Therefore, if the Chunk Value field is zero-length, the Length
      field will be set to 4.  *The Chunk Length field does not count any
      chunk padding.*

      Chunks (including Type, Length, and Value fields) are padded out
      by the sender with all zero bytes to be a multiple of 4 bytes
      long.  This padding MUST NOT be more than 3 bytes in total.  The
      Chunk Length value does not include terminating padding of the
      chunk.  However, it does include padding of any variable-length
      parameter except the last parameter in the chunk.  The receiver
      MUST ignore the padding.

      Note: A robust implementation should accept the chunk whether or
      not the final padding has been included in the Chunk Length.

so the the chunk is *not* required to include the length of the final
padding in the chunk, although any padding *between* variable-length
parameters in the chunk must be included in the length (obviously, as
it's part of the chunk data).

Change-Id: I99d64fdd907c41229aa9ad10a230fff4bcdfa5f4
Reviewed-on: https://code.wireshark.org/review/12664
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 68ca26ec75fb9cccbb64a859cafa1fb2c3d0cce7)
Reviewed-on: https://code.wireshark.org/review/12665

Qt: apply '-Y' display filter unconditionally and not only when opening a capture file

Bug: 11891
Change-Id: I20c4497bdf255627c845f5d6fba2ad7797815b08
Reviewed-on: https://code.wireshark.org/review/12645
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
(cherry picked from commit 3efc87726ca29543efd1e413e414703dc87defa8)
Reviewed-on: https://code.wireshark.org/review/12649
Reviewed-by: Anders Broman <a.broman58@gmail.com>

Qt: resize Follow Stream conversation QComboBox to its content

Bug: 11887
Change-Id: Ibc3bd6ed8c0615f8bcf417ca1ba4d872f81ade92
Reviewed-on: https://code.wireshark.org/review/12644
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 9ad40ff6c91115c9e9cb86f2d257260479e63706)
Reviewed-on: https://code.wireshark.org/review/12647

Qt: TCP/UDP streams are off by one in follow stream window

Bug: 11889
Change-Id: I6a274c8b1df8b78f4063534d534002848bd0f199
Reviewed-on: https://code.wireshark.org/review/12642
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 01de59202d79acc1b5d6532f8501bf7a169e9604)
Reviewed-on: https://code.wireshark.org/review/12643

Lua: Fix switch-case braces.

+ fixed a comment.

Change-Id: Ib1a8449054afde3b4df7ad57f0c3da07016281c2
Reviewed-on: https://code.wireshark.org/review/12635
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit 39cc323722b0aee95cad3febee628737dc7981cb)
Reviewed-on: https://code.wireshark.org/review/12636

Lua: Free Pref enum values

Free the Pref enum values in Pref__gc().

Change-Id: I4d66dbe7ee4879f3b14094135887d78cba876ea3
Reviewed-on: https://code.wireshark.org/review/12628
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 28207e5b82e7b667b2ea3bd15445b03e4fa7e6d5)
Reviewed-on: https://code.wireshark.org/review/12633

Add comments to explain what we're doing with strings.

Change-Id: I043d02092464ec8cbbec08d11b29dfee248116bf
Reviewed-on: https://code.wireshark.org/review/12629
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 56584b52e09ae806d85210c1f16f586db1c0d9bd)
Reviewed-on: https://code.wireshark.org/review/12632

Lua: Free Pref default string

Store the Pref default string value and ensure this is freed both
when registering the pref and when not.

Use g_malloc0 to allocate Pref and avoid several init's.

Change-Id: I5f97a15d06068d7805f02f7c7feea61f9b2030f5
Reviewed-on: https://code.wireshark.org/review/12626
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 5625b62aa417c23102f254268563995773582e39)
Reviewed-on: https://code.wireshark.org/review/12631

No need to free the value of a string preference in the garbage collector.

The preference has already been deregistered at that point, so the value
of the preference has been freed and the pointer to it has been set to
null, so it's already been freed and its pointer no longer points to it
and the free from Lua will do nothing.
Change-Id: I11bf74932303151483cd3699659f67d64b466759
Reviewed-on: https://code.wireshark.org/review/12606
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 3d0f9a4397125af15f40ab29e3fd1ad0ae2aae1a)
Reviewed-on: https://code.wireshark.org/review/12630

[ppi] initialize phdr to 0

to make sure that it's not used without prior initialisation

Bug: 11876
Change-Id: Ic19279b01dfd7ac4be596b3aeb537e31604e4147
Reviewed-on: https://code.wireshark.org/review/12573
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
(cherry picked from commit 2290eba5cb25f927f9142680193ac1158d35506e)
Reviewed-on: https://code.wireshark.org/review/12595
Reviewed-by: Anders Broman <a.broman58@gmail.com>

ui: Read and write correct recent timestamp format

Rewrite to use value_string to ensure correct value strings used,
to add backward compatibility and to avoid global-buffer-overflow
in possible future inconsistencies.

This bug was introduced in 2a088c1d when adding new timestamp formats.

Change-Id: I1bf4ac8427db92bfb56b4e5b90809fe08eebed20
Reviewed-on: https://code.wireshark.org/review/12597
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Qt: Removed applyRecentColumnWidths from recentFilesRead

Adjusting column widths from recent settings is only needed
when columns has changed.

Don't recreate the columns when changing timestamp options or
name resolution, only reset columns.

Change-Id: I4c9a9f63c34542935dd282188d98b2b5b013c5f3
Reviewed-on: https://code.wireshark.org/review/12579
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit e73fc7e51e29382974e820bc72a859ef9caba693)
Reviewed-on: https://code.wireshark.org/review/12596

Explicitly specify the template for the mktemp command.

Not all versions of mktemp support omitting the template; in particular,
the one provided by some BSD-flavored OSes don't.

Change-Id: I657e002559dce165c677a473aa10bb17cc506037
Reviewed-on: https://code.wireshark.org/review/12592
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit e01f8fb3ad4e635a09f8beb88cb1fcc0baeb0232)
Reviewed-on: https://code.wireshark.org/review/12593

[Automatic update for 2015-12-13]

Update manuf, services enterprise-numbers, translations, and other items.

Change-Id: Ie4ad653069bf0f225a201960dfb685f12ab3fa6c
Reviewed-on: https://code.wireshark.org/review/12589
Reviewed-by: Gerald Combs <gerald@wireshark.org>

NBAP : Verify conversation proto data exists before trying to access it

Bug 11841
Change-Id: Ic0dea6491a68a042ddc0f2dbee19739e4568b18c
Reviewed-on: https://code.wireshark.org/review/12576
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 23379ae3624df82c170f48e5bb3250a97ec61c13)
Reviewed-on: https://code.wireshark.org/review/12585

Qt: Start with correct seconds format

Set seconds type from recent values at startup.

Change-Id: I761f4e25f41cf9eae666196fe5cd69ef9f87556f
Reviewed-on: https://code.wireshark.org/review/12582
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit cda4b0f4b7014ad4c9f7cd5ab36e1b07952e64be)
Reviewed-on: https://code.wireshark.org/review/12583

Qt: validate format string before calling strftime()

According to https://msdn.microsoft.com/en-us/library/fe06s4ak.aspx
an invalid string will trigger invalid parameter handler

Also check the validity of each field before activating import button

Bug: 11873
Change-Id: I9fc1c6e061a02354690871410f0e2cf2e0dd86a7
Reviewed-on: https://code.wireshark.org/review/12537
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit f06bbe37c12c7788702cc8649e3da1f18c730931)
Reviewed-on: https://code.wireshark.org/review/12580

Qt: Apply recent column widths when columns changed

When changing columns in the preferences or when removing a column
from the packet list header menu we need to apply recent column
widths to preserve the remaining columns widths.

Change-Id: Ie5c074722424b5cee31af3b6953ab1b026ba7fa5
Reviewed-on: https://code.wireshark.org/review/12575
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit 5133221a1929ce0bc903c64cf340e2fc5d08a9dc)
Reviewed-on: https://code.wireshark.org/review/12578

Ping on Windows isn't necessarily IPv4-only.

The default prefix policy on modern versions of Windows prefers IPv6.
This in combination with the fact that our ping target (www.wireshark.org)
currently has both A and AAAA records might result in ICMPv6 traffic
instead of ICMPv4. Update the capture test suite accordingly.

Change-Id: I5c88f24fb9458526ffd44c5003f09247b6999ce7
Reviewed-on: https://code.wireshark.org/review/12553
Reviewed-by: Gerald Combs <gerald@wireshark.org>
(cherry picked from commit 4454fb02c7d37803d99c9a1228db35b2c8f75220)
Reviewed-on: https://code.wireshark.org/review/12577
Reviewed-by: Guy Harris <guy@alum.mit.edu>

Increase ZBEE_ZCL_APPL_EVTALT_NUM_STRUCT_ETT to match ZBEE_ZCL_APPL_EVTALT_COUNT_NUM_MASK, to prevent invalid ett_ array access.

Change-Id: I67e79e97e13081a77bb5202cbbc1e4f1ee872c95
Reviewed-on: https://code.wireshark.org/review/12556
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit eb0c034f6e4cdbf5ae36dd9ba8e2743630b7bd38)
Reviewed-on: https://code.wireshark.org/review/12570

Range check ett_ array access.

Bug: 11830
Change-Id: I010093f0ee6f876161de0aca24ea5037616d0039
Reviewed-on: https://code.wireshark.org/review/12555
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit 9352616ec9742f2ed3d2802d0c8c100d51ca410b)
Reviewed-on: https://code.wireshark.org/review/12568

[RSL] Just return rest of packet if TLV type is unknown

Bug: 11829
Change-Id: Id31ec9ee970c3a1e1fe64e3bf823f9ab78f7cd9e
Reviewed-on: https://code.wireshark.org/review/12558
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 2930d3105c3ff2bfb1278b34ad10e2e71c3b8fb0)
Reviewed-on: https://code.wireshark.org/review/12563

Update USBPcap installer packaged

NSIS script modified to:
- check for KB 3033929 presence on Windows 7 / 2008R2 (as we sign drivers with a SHA2 certificate)
- do not delete the installation folder if not empty

Bug: 11766
Change-Id: I5c7b6378b0775bb75c1b9e58e503997176c12213
Reviewed-on: https://code.wireshark.org/review/12546
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 6c38ec1aab82d5347451ba3a0058cd81f4218daa)
Reviewed-on: https://code.wireshark.org/review/12562

cmake: Fix platform introspection for inet_aton() [-Wredundant-decls]

Change-Id: Icd6b8de0a70dd33e70bb0ad4d5c39ffc15454e8c
Reviewed-on: https://code.wireshark.org/review/12559
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit 5a26599a4bd3b5788b318abbeb0e7f140051ccf1)
Reviewed-on: https://code.wireshark.org/review/12560

Clamp zooming so that we don't get zero or negative font sizes.

Those are obviously wrong.

Also, clean up some stuff left over from the GTK+ 1.x days; GTK+ 2.x
doesn't expose raw XLFD font names, it lets you specify a font by name
and size, and font_zoom() doesn't determine whether the font is
resizeable - it just constructs a new font name/size pair and leaves it
up to its callers to try to load the font, so "there's no such font as
Wingdings Gothic" and "you can't blow up Fraktur to 10 million points"
both show up as errors loading the font by name.

Bug: 8854
Change-Id: I6af142c75c9ebabd1a95308c203f8cb1f36dd82f
Reviewed-on: https://code.wireshark.org/review/12549
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(cherry picked from commit b8b77aecc38f8ada88de78939e4d35d0fa535bd4)
Reviewed-on: https://code.wireshark.org/review/12550

Lua: Check for empty name in ProtoField

The check in tmp_fld_check_assert() does terminate with g_error
if given an empty string as name, so we have to check for this.

Change-Id: I084e3e715bd319484a52f60ef90c1a2aea30df1b
Reviewed-on: https://code.wireshark.org/review/12534
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit b031e538f707cead2aa3e9d956eb88ff1d0db4fc)
Reviewed-on: https://code.wireshark.org/review/12535

ENIP: Add sanity check when connection info not available

If the connection info is not available, ensure that enough connected data is available to meet the minimum explicit message size.

Conflicts:
epan/dissectors/packet-enip.c

Change-Id: I6c8bf54dda4adbf23749d2a2c8c19f4ea2bc5222
Reviewed-on: https://code.wireshark.org/review/12520
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-on: https://code.wireshark.org/review/12533
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: D. Ulis <daulis0@gmail.com>

Lua: Validate ProtoExpert.new arguments

Change-Id: I0da829041cda48a35341c315a7889b557b6334d7
Reviewed-on: https://code.wireshark.org/review/12527
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit f142595db72955260976d4257592032bef7d492a)
Reviewed-on: https://code.wireshark.org/review/12528

Qt: Reload Lua expert infos

Support reloading Lua plugins with expert infos.
Use the same delayed deregister logic as for fields.

Change-Id: I36efa0820050b3a7afed4de7a8b0fa16805e8dfa
Reviewed-on: https://code.wireshark.org/review/12498
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit ea1789f925f49027e6b2864e6cc846b7016dc13b)
Reviewed-on: https://code.wireshark.org/review/12526
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>

MIPv6: Fix unknown MH Type message data length

Also improve column info for unknown MH types.

Ping-Bug: 11728
Change-Id: I4e54ae56dbb76eaf9ea4f33eb0ff497a518dbd9a
Reviewed-on: https://code.wireshark.org/review/12513
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 00eb71ac32e2736c85147ad5addf7ceed1e20db6)
Reviewed-on: https://code.wireshark.org/review/12525

6LowPAN: Check for NHC IPv6 No Next Header

Bug: 11728
Change-Id: I7b7cc72b4200e53856283e0716383d661a16fa77
Reviewed-on: https://code.wireshark.org/review/12512
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit e8b8568b7c5d0035a13b6f0dd93a5406ffff0b13)
Reviewed-on: https://code.wireshark.org/review/12523

ssl: fix SSLv2 Client Hello dissection

Regression introduced with v1.99.4rc0-112-gf0855e0 ("Remove
proto_tree_add_text from packet-ssl.c").

While SSL decryption is not needed on the second pass, the items still
have to be added.

Bug: 11851
Change-Id: Iccb43f2ccff19bbe6d998fb08600b226ac054825
Reviewed-on: https://code.wireshark.org/review/12510
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit c96b78f28d72fb2ad05a6370ffb6708be55a5030)
Reviewed-on: https://code.wireshark.org/review/12522

Qt: restore conversation coloring rule shortcuts

GTK+ had this very useful Ctrl+1 .. Ctrl+9 shortcuts for conversation
coloring rules. Add this functionality to Qt too.

Ctrl+0 is not ported though, this now means "Restore zoom" which is
quite logical. Also, Ctrl+= (shortcut in GTK+) somehow does not work in
Qt 5.5.1 (it is detected as Ctrl++ instead).

Change-Id: I5528c723ef6d4ea11298a135db8539a8d03d9aae
Reviewed-on: https://code.wireshark.org/review/12506
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 19cbcca5941abd7be7c37135f367853751980977)
Reviewed-on: https://code.wireshark.org/review/12521

Fix link to Display Filter wiki page in WSUG

Reported by Thomas Guttler in https://wireshark.org/lists/wireshark-dev/201512/msg00069.html

Change-Id: Ia482f01e30b734ddfd9ca21081cf4401d26e827b
Reviewed-on: https://code.wireshark.org/review/12503
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 1ffbd2ae9d4e839460717e9886aeb2661dd1e3ea)
Reviewed-on: https://code.wireshark.org/review/12504

Qt: Reset preferences when reloading Lua plugins

Reading configuration files may duplicate some entries, so ensure
we reset preferences before reloading.

Change-Id: I746414cbc10c206ddf47669856f329b9e0202a0d
Reviewed-on: https://code.wireshark.org/review/12496
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
(cherry picked from commit bfcd1e65141c7929e447132fcb26f4044276ec20)
Reviewed-on: https://code.wireshark.org/review/12500

debian: Build-depend on qtmultimedia5-dev and libqt5svg5-dev to enable more Qt features

Change-Id: I14ff81898cd9154805d35ab67976b354e50fbe16
Reviewed-on: https://code.wireshark.org/review/12471
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
(cherry picked from commit 0d209640e2dacbe9d0f560d27819ab7bc9992f52)
Reviewed-on: https://code.wireshark.org/review/12495
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>

Qt: Disable Refresh Interfaces while refreshing

Doing multiple Refresh Interfaces simultaneously will end up in
duplicated interfaces.

Change-Id: If9bb4252bbfabc557b78ad42efc0011050012417
Reviewed-on: https://code.wireshark.org/review/12414
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 7e06334a87faf64c58a8dbc916480027a21a3aef)
Reviewed-on: https://code.wireshark.org/review/12489

CIP: Ensure that all generated data is properly flagged as Generated and no lengths are set for it.

This ensures:
1. Generated data shows inside brackets [], so it's obvious that the data was actually generated.
2. Clicking on generated data should not highlight bytes in the packet. Previously, this would sometimes highlight parts of the response packet that were unrelated.
3. Fixes some assertions that hit in PDML exporting code, due to wrong data locations being referenced.

Bug: 11863
Change-Id: Ia7ea9d886c8fff0c302088bed44b974ff9447a92
Reviewed-on: https://code.wireshark.org/review/12468
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit 0a33e352f4116b850cded331482e3a9171cc6306)
Reviewed-on: https://code.wireshark.org/review/12488

Qt: various fixes to VoIP calls / RTP player windows

- Flush any remaining tapped packets before emitting captureFileRetapFinished().
  This ensures that all packets have been treated before returning from retapPackets().
- Remove VoIP tap listeners when captureFileRetapFinished() is emitted.
  This avoid summing stats each time the RTP player is opened, leading to wrong
  information in VoIP calls window
- Change voip_calls_tapinfo_t redraw member from a boolean to bitmap so as to identify
  which tap should call the tapinfo->tap_draw() callback. This allows fixing a race condition
  where the RTP player can be empty in Qt UI
- Reset some more statistics in voip_calls_reset_all_taps()

Change-Id: Ie7681702c81d338185c1813f2d340a437edf3a04
Reviewed-on: https://code.wireshark.org/review/12474
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
(cherry picked from commit afaf929d0da03a27ef8824eac3c6b45b4419b062)
Reviewed-on: https://code.wireshark.org/review/12487

Qt: store the absolute path names of recent files.

That way you can still open a file you recently opened (which was in your pwd)
even if you happen to change directories (as shell-prompt-dwellers such as
myself are wont to do).

(The Gtk GUI already stores absolute paths.)

Change-Id: If29bcc25d680825c659f8eb4f13b108764029652
Reviewed-on: https://code.wireshark.org/review/12483
Petri-Dish: Jeff Morriss <jeff.morriss.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(cherry picked from commit eb9d7ebb20976a57ba9693f5f7b5277675849471)
Reviewed-on: https://code.wireshark.org/review/12486

androiddump: fix crash on Windows when running in verbose mode

As explained in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6695#c2
g_frpintf unfortunately crashed on Windows. Let's go back to fprintf instead.
It will create warnings with MSVC2015 but we do not use it officially yet and
at least androiddump will be working correctly again.

Change-Id: Idfdb608576e18af63650af80e01bcda36dd81ac4
Reviewed-on: https://code.wireshark.org/review/12435
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
(cherry picked from commit 1a1893ad54a402bda3b77262ecaf68cfe9831368)
Reviewed-on: https://code.wireshark.org/review/12477

Fix crash caused by nullptr in packet_list

Fix crash caused by nullptr returned from proto_registrar_get_byname
in packet_list.cpp

Change-Id: If8324bf7c926585e964a11b27817f73d444beec4
Reviewed-on: https://code.wireshark.org/review/11558
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
(cherry picked from commit 2f2c8788a93f84b239fc0c0aaf158656d298c6d1)
Reviewed-on: https://code.wireshark.org/review/12476
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>