[Wireshark-dev] Why does Gerrit sometimes allow a merge but other times want a cherry-pick?

2018-02-23 Thread Richard Sharpe
Hi folks,

I notice that Gerrit wants to use a cherry-pick strategy for my
latest changes for bug 14455 here
https://code.wireshark.org/review/#/c/26046

I am not sure how to proceed at this point? Do I cherry-pick the
change to master?

-- 
Regards,
Richard Sharpe
(What can dispel sorrow? Only Du Kang. -- Cao Cao)
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Wireshark 2.4.5 is now available

2018-02-23 Thread Gerald Combs
I'm proud to announce the release of Wireshark 2.4.5.

 __

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer. It is
   used for troubleshooting, analysis, development and education.
 __

What's New

  Bug Fixes

   The following vulnerabilities have been fixed:
 * [1]wnpa-sec-2018-05
   The IEEE 802.11 dissector could crash. [2]Bug 14442,
   [3]CVE-2018-7335
 * [4]wnpa-sec-2018-06
   Multiple dissectors could go into large infinite loops. All ASN.1
   BER dissectors ([5]Bug 1), along with the DICOM ([6]Bug 14411),
   DMP ([7]Bug 14408), LLTD ([8]Bug 14419), OpenFlow ([9]Bug 14420),
   RELOAD ([10]Bug 14445), RPCoRDMA ([11]Bug 14449), RPKI-Router
   ([12]Bug 14414), S7COMM ([13]Bug 14423), SCCP ([14]Bug 14413),
   Thread ([15]Bug 14428), Thrift ([16]Bug 14379), USB ([17]Bug
   14421), and WCCP ([18]Bug 14412) dissectors were susceptible.
 * [19]wnpa-sec-2018-07
   The UMTS MAC dissector could crash. [20]Bug 14339,
   [21]CVE-2018-7334
 * [22]wnpa-sec-2018-08
   The DOCSIS dissector could crash. [23]Bug 14446, [24]CVE-2018-7337
 * [25]wnpa-sec-2018-09
   The FCP dissector could crash. [26]Bug 14374, [27]CVE-2018-7336
 * [28]wnpa-sec-2018-10
   The SIGCOMP dissector could crash. [29]Bug 14398, [30]CVE-2018-7320
 * [31]wnpa-sec-2018-11
   The pcapng file parser could crash. [32]Bug 14403,
   [33]CVE-2018-7420
 * [34]wnpa-sec-2018-12
   The IPMI dissector could crash. [35]Bug 14409, [36]CVE-2018-7417
 * [37]wnpa-sec-2018-13
   The SIGCOMP dissector could crash. [38]Bug 14410, [39]CVE-2018-7418
 * [40]wnpa-sec-2018-14
   The NBAP dissector could crash. [41]Bug 14443, [42]CVE-2018-7419

   The following bugs have been fixed:
 * Change placement of "double chevron" in Filter Toolbar to eliminate
   overlap. ([43]Bug 14121)
 * AutoScroll does not work. ([44]Bug 14257)
 * BOOTP/DHCP: malformed packet -> when user class option (77) is
   present. ([45]Bug 14312)
 * GET MAX LUN wLength decoded as big-endian - USB Mass Storage.
   ([46]Bug 14360)
 * Unable to create Filter Expression Button for a yellow filter.
   ([47]Bug 14369)
 * Buildbot crash output: fuzz-2018-01-28-15874.pcap. ([48]Bug 14371)
 * NetScaler RPC segmentation fault / stack overflow. ([49]Bug 14399)
 * [oss-fuzz] #6028 RPC_NETLOGON: Direct-leak in g_malloc
   (generate_hash_key). ([50]Bug 14407)
 * Newline "\n" in packet list field increase line height for all
   rows. ([51]Bug 14424)
 * ieee80211-radio.c preamble duration calculation not correct.
   ([52]Bug 14439)
 * DIS: Malformed packet in SISO-STD-002 transmitter. ([53]Bug 14441)

  New and Updated Features

   There are no new features in this release.

  New Protocol Support

   There are no new protocols in this release.

  Updated Protocol Support

   ASN.1 BER, BOOTP/DHCP, DCE RPC NETLOGON, DICOM, DIS, DMP, DOCSIS, EPL,
   FCP, GSM A RR, HSRP, IAX2, IEEE 802.11, Infiniband, IPMI, IPv6, LDAP,
   LLTD, NBAP, NetScaler RPC, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router,
   S7COMM, SCCP, SIGCOMP, Thread, Thrift, TLS/SSL, UMTS MAC, USB, USB Mass
   Storage, and WCCP

  New and Updated Capture File Support

   pcap pcapng
 __

Getting Wireshark

   Wireshark source code and installation packages are available from
   [54]https://www.wireshark.org/download.html.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages. You
   can usually install or upgrade Wireshark using the package management
   system specific to that platform. A list of third-party packages can be
   found on the [55]download page on the Wireshark web site.
 __

File Locations

   Wireshark and TShark look in several different locations for preference
   files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
   vary from platform to platform. You can use About->Folders to find the
   default locations on your system.
 __

Known Problems

   Dumpcap might not quit if Wireshark or TShark crashes. ([56]Bug 1419)

   The BER dissector might infinitely loop. ([57]Bug 1516)

   Capture filters aren't applied when capturing from named pipes.
   ([58]Bug 1814)

   Filtering tshark captures with read filters (-R) no longer works.
   ([59]Bug 2234)

   Application crash when changing real-time option. ([60]Bug 4035)

   Wireshark and TShark will display incorrect delta times in some cases.
   ([61]Bug 4985)

   Wireshark should let you work with multiple capture files. ([62]Bug
   10488)
 

Re: [Wireshark-dev] Dissector for decrypted content

2018-02-23 Thread Jeff Morriss
On Wed, Feb 21, 2018 at 11:07 AM, Jose Selvi  wrote:

> Hi there,
>
> It's my first time developing a dissector, so I apologize in advance if my
> question is too obvious for you guys.
>
> I'm trying to code a dissector (I'm using LUA) for a quick test. It
> should match a piece of traffic inside an ESP tunnel. I have seen that
> other dissectors are working inside the decrypted content, but not mine.
>
> Browsing forums, I found this:
>
> https://osqa-ask.wireshark.org/questions/58217/how-do-i-dissect-decrypted-ssl-data-when-im-using-a-master-secret-log
>
> However, I can't find similar options for ESP, so I guess it only works
> for SSL.
>

Actually I think the same principle applies for IPSEC/ESP traffic: I think
you'd need to register your dissector in the `ip.proto` dissector table.
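What registering a Lua dissector in the `ip.proto` table looks like, as an added example that is not part of the original posts. The protocol name `esptest`, its three fields and the IP protocol number 253 (reserved for experimentation by RFC 3692) are assumptions; ESP decryption must already be working for the inner next-header value to be dispatched.

```lua
-- Added example: hypothetical "esptest" protocol carried directly over IP
-- (for instance as the decrypted inner payload of an ESP packet).
local esptest = Proto("esptest", "ESP Test Payload (example)")

local f_type    = ProtoField.uint8("esptest.type", "Type", base.DEC)
local f_length  = ProtoField.uint16("esptest.length", "Declared length", base.DEC)
local f_payload = ProtoField.bytes("esptest.payload", "Payload")
esptest.fields = { f_type, f_length, f_payload }

local HEADER_LEN = 3  -- 1 byte type + 2 bytes length (assumed layout)

function esptest.dissector(tvb, pinfo, tree)
    -- Too short to be ours: return 0 so Wireshark treats it as not dissected.
    if tvb:len() < HEADER_LEN then
        return 0
    end

    pinfo.cols.protocol = "ESPTEST"
    local subtree = tree:add(esptest, tvb())
    subtree:add(f_type, tvb(0, 1))
    subtree:add(f_length, tvb(1, 2))

    -- Never trust the declared length: clamp it to the bytes actually present
    -- so a malformed packet cannot push the range past the end of the buffer.
    local declared  = tvb(1, 2):uint()
    local available = tvb:len() - HEADER_LEN
    if declared > available then
        subtree:add_expert_info(PI_MALFORMED, PI_ERROR,
            "Declared length exceeds captured data")
        declared = available
    end

    if declared > 0 then
        subtree:add(f_payload, tvb(HEADER_LEN, declared))
    end
    return HEADER_LEN + declared
end

-- Register on the table keyed by IP protocol / next-header number.
-- 253 is an assumed value; use the number your traffic really carries.
DissectorTable.get("ip.proto"):add(253, esptest)
```

If the test traffic rides on TCP or UDP inside the tunnel, the same `add` call goes on the `tcp.port` or `udp.port` table instead.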

Re: [Wireshark-dev] APT clang

2018-02-23 Thread Alexis La Goutte
Fixed for me too :-)



On Fri, Feb 23, 2018 at 4:54 PM, Graham Bloice 
wrote:

>
>
> On 23 February 2018 at 15:32, Dario Lombardo 
> wrote:
>
>> I've contacted the maintainer of the repo, and he confirmed some network
>> issue. They're working now.
>>
>>
> Yep, update now works for me as well.  No new version of clang though.
>
> graham@host:/mnt/c/Users/graham$ clang-6.0 --version
> clang version 6.0.0-svn321683-1~exp1 (trunk)
> Target: x86_64-pc-linux-gnu
> Thread model: posix
> InstalledDir: /usr/bin
>
>
>> On Thu, Feb 22, 2018 at 11:16 AM, Dario Lombardo <
>> dario.lombardo...@gmail.com> wrote:
>>
>>> I guess it's an error on their side
>>>
>>> http://lists.llvm.org/pipermail/llvm-bugs/2018-February/062765.html
>>>
>>> That's pretty annoying, since it broke my automated docker builds :(.
>>>
>>> On Thu, Feb 22, 2018 at 11:06 AM, Graham Bloice <
>>> graham.blo...@trihedral.com> wrote:
>>>
>>>> On 22 February 2018 at 08:34, Dario Lombardo <
>>>> dario.lombardo...@gmail.com> wrote:
>>>>
>>>>> Hi
>>>>> I'm using clang from apt on ubuntu 16.04. According to this page
>>>>> https://apt.llvm.org/ I've added this
>>>>>
>>>>> deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial main
>>>>> deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial main
>>>>> # 5.0
>>>>> deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-5.0 main
>>>>> deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial-5.0 main
>>>>> # 6.0
>>>>> deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main
>>>>> deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main
>>>>>
>>>>> to my lists, and then I've run apt update. Now I get this error:
>>>>>
>>>>> E: Failed to fetch http://apt.llvm.org/xenial/dists/llvm-toolchain-xenial/main/source/Sources.gz  Hash Sum mismatch
>>>>>
>>>>> Anyone experiencing the same error?
>>>>>
>>>> Yes, in WSL on my Win 10 desktop (Ubuntu 16.04.3).  I don't know how to
>>>> fix it either.
>>>>
>>>> --
>>>> Graham Bloice
>>>>

>>>
>>>
>>
>> 
>>
>
>
>
> --
> Graham Bloice
> Software Developer
> Trihedral UK Limited
>
> 

Re: [Wireshark-dev] APT clang

2018-02-23 Thread Dario Lombardo
I've contacted the maintainer of the repo, and he confirmed some network
issue. They're working now.

On Thu, Feb 22, 2018 at 11:16 AM, Dario Lombardo <
dario.lombardo...@gmail.com> wrote:

> I guess it's an error on their side
>
> http://lists.llvm.org/pipermail/llvm-bugs/2018-February/062765.html
>
> That's pretty annoying, since it broke my automated docker builds :(.
>
> On Thu, Feb 22, 2018 at 11:06 AM, Graham Bloice <
> graham.blo...@trihedral.com> wrote:
>
>> On 22 February 2018 at 08:34, Dario Lombardo wrote:
>>
>>> Hi
>>> I'm using clang from apt on ubuntu 16.04. According to this page
>>> https://apt.llvm.org/ I've added this
>>>
>>> deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial main
>>> deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial main
>>> # 5.0
>>> deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-5.0 main
>>> deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial-5.0 main
>>> # 6.0
>>> deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main
>>> deb-src http://apt.llvm.org/xenial/ llvm-toolchain-xenial-6.0 main
>>>
>>> to my lists, and then I've run apt update. Now I get this error:
>>>
>>> E: Failed to fetch http://apt.llvm.org/xenial/dists/llvm-toolchain-xenial/main/source/Sources.gz  Hash Sum mismatch
>>>
>>> Anyone experiencing the same error?
>>>
>>>
>>>
>> Yes, in WSL on my Win 10 desktop (Ubuntu 16.04.3).  I don't know how to
>> fix it either.
>>
>> --
>> Graham Bloice
>>
>> 
>>
>
>

[Wireshark-dev] Wireshark User’s Guide: 1.1.1. Some intended purposes

2018-02-23 Thread Alexander Sashnov via Wireshark-dev

Hello,

Here is my idea what to add to

1.1.1. Some intended purposes:

QA engineers use it to verify network applications


Re: [Wireshark-dev] not all libraries included in macOS DMG

2018-02-23 Thread Peter Meiser
Hi,

I like your idea. The attached patch works fine for me.

Regards,
Peter

On 22.02.2018 at 19:52, Guy Harris wrote:
> find "$pkglib" "$pkgexec" -type f -print0 | xargs -0 otool -L $lib_dep_search_list
diff --git a/packaging/macosx/osx-app.sh b/packaging/macosx/osx-app.sh
index cb507ae17b..429cef7d92 100755
--- a/packaging/macosx/osx-app.sh
+++ b/packaging/macosx/osx-app.sh
@@ -354,11 +354,6 @@ echo -e "\nFixing up $bundle...\n"
 a=1
 nfiles=0
 endl=true
-lib_dep_search_list="
-	$pkglib/*
-	$pkgexec/*
-	$pkgexec/extcap/*
-	"
 
 while $endl; do
 	echo -e "Looking for dependencies. Round" $a
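Review bot: with the `lib_dep_search_list=` assignment deleted here, any reference to `$lib_dep_search_list` that remains elsewhere in osx-app.sh will silently expand to nothing. Only one use is visible in this patch, and the quoted suggestion above still passes the variable to `otool -L`, so please grep the script and confirm no other use is left. The removed list also named `$pkgexec/extcap/*` explicitly; if that directory is now meant to be picked up through the recursive `find`, say so in the commit message.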
@@ -369,7 +364,8 @@ while $endl; do
 	# what the sed command does.
 	#
 	libs="`\
-		otool -L $lib_dep_search_list 2>/dev/null \
+		find "$pkglib" "$pkgexec" -type f -print0 \
+		| xargs -0 otool -L 2>/dev/null \
 		| fgrep compatibility \
 		| cut -d\( -f1 \
 		| sed '1,$s;^	libssh;	/usr/local/lib/libssh;' \
 		exit 1
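Review bot: the `2>/dev/null` on the new `xargs -0 otool -L` line covers only that stage of the pipeline, so errors from `find` itself (for example when `$pkglib` or `$pkgexec` does not exist) now reach the terminal, whereas the old single `otool` call hid every lookup error; either redirect `find` as well or state that the change is intended. In addition, `find ... -type f` descends into every subdirectory and skips symlinks, while the old globs were one level deep and included them. The comment block above this command only explains the `sed` step, so add a line describing the new search scope.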