[Wireshark-dev] Why does Gerritt sometimes allow a merge but other times want a cherry-pick?
Hi folks, I notice that Gerritt wants to use a cherry-pick strategy for my latest changes for bug 14455 here https://code.wireshark.org/review/#/c/26046 I am not sure how to proceed at this point? Do I cherry-pick the change to master? -- Regards, Richard Sharpe (何以解憂?唯有杜康。--曹操) ___ Sent via:Wireshark-dev mailing listArchives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Wireshark 2.4.5 is now available
I'm proud to announce the release of Wireshark 2.4.5. __ What is Wireshark? Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education. __ What's New Bug Fixes The following vulnerabilities have been fixed: * [1]wnpa-sec-2018-05 The IEEE 802.11 dissector could crash. [2]Bug 14442, [3]CVE-2018-7335 * [4]wnpa-sec-2018-06 Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors ([5]Bug 1), along with the DICOM ([6]Bug 14411), DMP ([7]Bug 14408), LLTD ([8]Bug 14419), OpenFlow ([9]Bug 14420), RELOAD ([10]Bug 14445), RPCoRDMA ([11]Bug 14449), RPKI-Router ([12]Bug 14414), S7COMM ([13]Bug 14423), SCCP ([14]Bug 14413), Thread ([15]Bug 14428), Thrift ([16]Bug 14379), USB ([17]Bug 14421), and WCCP ([18]Bug 14412) dissectors were susceptible. * [19]wnpa-sec-2018-07 The UMTS MAC dissector could crash. [20]Bug 14339, [21]CVE-2018-7334 * [22]wnpa-sec-2018-08 The DOCSIS dissector could crash. [23]Bug 14446, [24]CVE-2018-7337 * [25]wnpa-sec-2018-09 The FCP dissector could crash. [26]Bug 14374, [27]CVE-2018-7336 * [28]wnpa-sec-2018-10 The SIGCOMP dissector could crash. [29]Bug 14398, [30]CVE-2018-7320 * [31]wnpa-sec-2018-11 The pcapng file parser could crash. [32]Bug 14403, [33]CVE-2018-7420 * [34]wnpa-sec-2018-12 The IPMI dissector could crash. [35]Bug 14409, [36]CVE-2018-7417 * [37]wnpa-sec-2018-13 The SIGCOMP dissector could crash. [38]Bug 14410, [39]CVE-2018-7418 * [40]wnpa-sec-2018-14 The NBAP disssector could crash. [41]Bug 14443, [42]CVE-2018-7419 The following bugs have been fixed: * Change placement of "double chevron" in Filter Toolbar to eliminate overlap. ([43]Bug 14121) * AutoScroll does not work. ([44]Bug 14257) * BOOTP/DHCP: malformed packet -> when user class option (77) is present. ([45]Bug 14312) * GET MAX LUN wLength decoded as big-endian - USB Mass Storage. ([46]Bug 14360) * Unable to create Filter Expression Button for a yellow filter. ([47]Bug 14369) * Buildbot crash output: fuzz-2018-01-28-15874.pcap. ([48]Bug 14371) * NetScaler RPC segmentation fault / stack overflow. ([49]Bug 14399) * [oss-fuzz] #6028 RPC_NETLOGON: Direct-leak in g_malloc (generate_hash_key). ([50]Bug 14407) * Newline "\n" in packet list field increase line height for all rows. ([51]Bug 14424) * ieee80211-radio.c preamble duration calculation not correct. ([52]Bug 14439) * DIS: Malformed packet in SISO-STD-002 transmitter. ([53]Bug 14441) New and Updated Features There are no new features in this release. New Protocol Support There are no new protocols in this release. Updated Protocol Support ASN.1 BER, BOOTP/DHCP, DCE RPC NETLOGON, DICOM, DIS, DMP, DOCSIS, EPL, FCP, GSM A RR, HSRP, IAX2, IEEE 802.11, Infiniband, IPMI, IPv6, LDAP, LLTD, NBAP, NetScaler RPC, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, SIGCOMP, Thread, Thrift, TLS/SSL, UMTS MAC, USB, USB Mass Storage, and WCCP New and Updated Capture File Support pcap pcapng __ Getting Wireshark Wireshark source code and installation packages are available from [54]https://www.wireshark.org/download.html. Vendor-supplied Packages Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the [55]download page on the Wireshark web site. __ File Locations Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About->Folders to find the default locations on your system. __ Known Problems Dumpcap might not quit if Wireshark or TShark crashes. ([56]Bug 1419) The BER dissector might infinitely loop. ([57]Bug 1516) Capture filters aren't applied when capturing from named pipes. ([58]Bug 1814) Filtering tshark captures with read filters (-R) no longer works. ([59]Bug 2234) Application crash when changing real-time option. ([60]Bug 4035) Wireshark and TShark will display incorrect delta times in some cases. ([61]Bug 4985) Wireshark should let you work with multiple capture files. ([62]Bug 10488)
Re: [Wireshark-dev] Dissector for decryted content
On Wed, Feb 21, 2018 at 11:07 AM, Jose Selviwrote: > Hi there, > > It's my first time developing a dissector, so apologize in advance if my > question is too obvious for you guys. > > I'm trying to code a dissector (I'm using LUA) for a quick test. It > should match a piece of traffic inside a ESP tunnel. I have seen that > other dissectors are working inside the decrypted content, but not mine. > > Browsing forums, I found this: > > https://osqa-ask.wireshark.org/questions/58217/how-do-i- > dissect-decrypted-ssl-data-when-im-using-a-master-secret-log > > However, I can't find similar options for ESP, so I guess it only works > for SSL. > Actually I think the same principle applies for IPSEC/ESP traffic: I think you'd need to register your dissector in the `ip.proto` dissector table. ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] APT clang
Fixed for me too :-) On Fri, Feb 23, 2018 at 4:54 PM, Graham Bloicewrote: > > > On 23 February 2018 at 15:32, Dario Lombardo > wrote: > >> I've contacted the mantainer of the repo, and he confirmed some network >> issue. They're working now. >> >> > Yep, update now works for me as well. No new version of clang though. > > graham@host:/mnt/c/Users/graham$ clang-6.0 --version > clang version 6.0.0-svn321683-1~exp1 (trunk) > Target: x86_64-pc-linux-gnu > Thread model: posix > InstalledDir: /usr/bin > > >> On Thu, Feb 22, 2018 at 11:16 AM, Dario Lombardo < >> dario.lombardo...@gmail.com> wrote: >> >>> I guess it's an error their side >>> >>> http://lists.llvm.org/pipermail/llvm-bugs/2018-February/062765.html >>> >>> That's pretty annoying, since it broke my automated docker builds :(. >>> >>> On Thu, Feb 22, 2018 at 11:06 AM, Graham Bloice < >>> graham.blo...@trihedral.com> wrote: >>> On 22 February 2018 at 08:34, Dario Lombardo < dario.lombardo...@gmail.com> wrote: > Hi > I'm using clang from apt on ubuntu 16.04. According to this page > https://apt.llvm.org/ I've added this > > deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial main > deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial main > # 5.0 > deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-5.0 main > deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial-5.0 main > # 6.0 > deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main > deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main > > to my lists, and then I've run apt update. Now I get this error: > > E: Failed to fetch http://apt.llvm.org/xenial/dis > ts/llvm-toolchain-xenial/main/source/Sources.gz Hash Sum mismatch > > Anyone experiencing the same error? > > > Yes, in WSL on my Win 10 desktop (Ubuntu 16.04.3). I don't know how to fix it either. -- Graham Bloice ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org ?subject=unsubscribe >>> >>> >> >> >> ___ >> Sent via:Wireshark-dev mailing list >> Archives:https://www.wireshark.org/lists/wireshark-dev >> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev >> mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscr >> ibe >> > > > > -- > Graham Bloice > Software Developer > Trihedral UK Limited > > > ___ > Sent via:Wireshark-dev mailing list > Archives:https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org?subject= > unsubscribe > ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] APT clang
I've contacted the mantainer of the repo, and he confirmed some network issue. They're working now. On Thu, Feb 22, 2018 at 11:16 AM, Dario Lombardo < dario.lombardo...@gmail.com> wrote: > I guess it's an error their side > > http://lists.llvm.org/pipermail/llvm-bugs/2018-February/062765.html > > That's pretty annoying, since it broke my automated docker builds :(. > > On Thu, Feb 22, 2018 at 11:06 AM, Graham Bloice < > graham.blo...@trihedral.com> wrote: > >> On 22 February 2018 at 08:34, Dario Lombardo> > wrote: >> >>> Hi >>> I'm using clang from apt on ubuntu 16.04. According to this page >>> https://apt.llvm.org/ I've added this >>> >>> deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial main >>> deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial main >>> # 5.0 >>> deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-5.0 main >>> deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial-5.0 main >>> # 6.0 >>> deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main >>> deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main >>> >>> to my lists, and then I've run apt update. Now I get this error: >>> >>> E: Failed to fetch http://apt.llvm.org/xenial/dis >>> ts/llvm-toolchain-xenial/main/source/Sources.gz Hash Sum mismatch >>> >>> Anyone experiencing the same error? >>> >>> >>> >> Yes, in WSL on my Win 10 desktop (Ubuntu 16.04.3). I don't know how to >> fix it either. >> >> -- >> Graham Bloice >> >> >> ___ >> Sent via:Wireshark-dev mailing list >> Archives:https://www.wireshark.org/lists/wireshark-dev >> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev >> mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscr >> ibe >> > > ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Wireshark User’s Guide: 1.1.1. Some intended purposes
Hello, Here is my idea what to add to 1.1.1. Some intended purposes: QA engeneers use it to verify network applications ___ Sent via:Wireshark-dev mailing listArchives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] not all libraries included in macOS DMG
Hi, I like your idea. The attached patch works fine for me. Regards, Peter Am 22.02.2018 um 19:52 schrieb Guy Harris: > find "$pkglib" "$pkgexec" -type f -print0 | xargs -0 otool -L > $lib_dep_search_list diff --git a/packaging/macosx/osx-app.sh b/packaging/macosx/osx-app.sh index cb507ae17b..429cef7d92 100755 --- a/packaging/macosx/osx-app.sh +++ b/packaging/macosx/osx-app.sh @@ -354,11 +354,6 @@ echo -e "\nFixing up $bundle...\n" a=1 nfiles=0 endl=true -lib_dep_search_list=" - $pkglib/* - $pkgexec/* - $pkgexec/extcap/* - " while $endl; do echo -e "Looking for dependencies. Round" $a @@ -369,7 +364,8 @@ while $endl; do # what the sed command does. # libs="`\ - otool -L $lib_dep_search_list 2>/dev/null \ + find "$pkglib" "$pkgexec" -type f -print0 \ + | xargs -0 otool -L 2>/dev/null \ | fgrep compatibility \ | cut -d\( -f1 \ | sed '1,$s;^ libssh; /usr/local/lib/libssh;' \ exit 1 ___ Sent via:Wireshark-dev mailing listArchives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe