commit 09a855846d
Author: John Thacker <johnthacker@gmail.com>
Date:   Thu Sep 30 08:51:49 2021 -0400

    wiretap: camins, vwr: Stop heuristics after 1GiB
    
    Very large 64 bit files are supported, so the CAM Inspector and
    Ixia Veriwave heuristics, which are fairly weak and either always
    (CAM Inspector) or possibly (Veriwave) try to read the entire file
    should stop their heuristics and make a decision after some reasonable
    length.
    
    Without this, the GUI freezes for seconds, minutes, or even hours
    by merely clicking on a large file in the file chooser, as
    wtap_open_offline attempts to determine the file type. The same issue
    occurs in capinfos, captype, tshark, editcap, etc.
    
    In addition, previously the CAM Inspector heuristics could give the wrong
    result on very large files, because 10 * invalid_pairs could overflow
    its guint32 and then end up comparing as less than valid_pairs.
    
    Fix #17620
    
    
    (cherry picked from commit e05f704606c5787a9f7899eebb29686f8a8e8a02)

commit 4a933d4843
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Sat Oct 2 16:39:58 2021 +0200

    Show error for -X lua_script if no Lua support
    
    Wireshark/tshark may be built without Lua support. This patch adds an
    error message if the user specifies the `-X lua_script` command-line
    argument to a program built without Lua support, so the user is not left
    wondering why their script isn't working.
    
    (Cherry picked from commit d3d4e4b1)
    
    
    (cherry picked from commit dc02565d4a6d27f8cc920fd01bc78ba5e800fd05)

commit 54401baafc
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Sat Oct 2 12:22:53 2021 +0200

    gtp: alternative GSN address decoders
    
    All fields with GSN address were decodes as common hf_gsn_addr. But if
    ETSI order is used, it's possible to specify alternative decoder
    depending on message type and field position.
    Alternative decoder for GSN address was added for mandatary fields and
    optional/conditional field in the case there is single GSN address in
    message.
    
    Added new function as common dissector for all addr types.
    
    (cherry picked from commit 88657fd5, with additional corrections)
    
    
    (cherry picked from commit e744f1ffb31dda168588c1d5a2b70e1b441b82d1)

commit 87f73f6362
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Wed Sep 29 16:21:42 2021 +0200

    IS-IS LSP: extended IP reachability prefix SID dissection change
    
    The flags were used to identify the SID format, without regard for the
    available size. Also in case of error in the flags the SID would not be
    shown. Convert, like elsewhere, SID format identification based on size
    and add flag validity checks, based on RFC 8667 section 2.1.1.
    
    Closes #17610
    
    
    (cherry picked from commit e1543bda0c15f5d9a32d975ed235344426e81385)

commit 11afc54731
Author: Anders Broman <anders.broman@ericsson.com>
Date:   Mon Sep 6 15:59:46 2021 +0200

    Diameter: Update Verizon and Cisco AVPs from MR !3731
    
    
    (cherry picked from commit 1095faf9d80934f53bda3c8f04cbdcc3e415850d)

commit aebeaaf764
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Wed Oct 6 01:42:58 2021 +0000

    ftype-time: Absolute times for DFILTER are always local time

commit e3addc25cb
Author: Роман Донченко <dpb@corrigendum.ru>
Date:   Fri Sep 24 20:30:01 2021 +0300

    jpeg: correct the IFD tag for the Copyright field
    
    It is supposed to be 0x8298 according to both the TIFF and Exif specs.
    
    
    (cherry picked from commit 05512b0428438b216b7ae558c660140c7d0867b2)

commit 8957ea1d80
Author: João Valverde <j@v6e.pt>
Date:   Thu Sep 23 12:51:03 2021 +0100

    CMake: The minizip URL is ancient
    
    Use something a bit more modern instead.
    
    
    (cherry picked from commit b6e80d9a2f1701acd789062181d8990d5c2f40b3)

commit f23b43a89f
Author: João Valverde <j@v6e.pt>
Date:   Thu Sep 23 12:16:33 2021 +0100

    Add compatibility fix for Minizip dependency
    
    
    (cherry picked from commit f4c283298febb37631a755d10b89def515f2bd50)

commit 4f2c8ede8a
Author: João Valverde <j@v6e.pt>
Date:   Mon Sep 20 14:14:03 2021 +0100

    CMake: Add guards for PLATFORM sanity check
    
    The sanity check is specific for Visual Studio so add those
    guards. The PLATFORM variable is not standard for other toolchains.
    
    Add a default "windows target platform" of Win64.
    
    Add error output for win-setup.ps1.
    
    
    (cherry picked from commit bb12a187df01c3789fae3c1a1d07e3bf9837e5e1)

commit be1d8e6833
Author: Jan Romann <jan.romann@gmail.com>
Date:   Tue Sep 21 01:14:33 2021 +0000

    coap:  add missing content-format mappings
    
    (cherry picked from commit f3dbfa3bdfb24c2c3cadfb3c6f957df07fe2b11b)

commit 73e5257cf6
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Thu Sep 16 17:38:47 2021 +0200

    InfiniBand: create proper preference change handler out of handoff function
    
    
    (cherry picked from commit 6e174c17eba85a3e343f849b4a53330d38b81853)

commit 8e060fe8cd
Author: João Valverde <j@v6e.pt>
Date:   Sun Sep 19 22:34:00 2021 +0100

    Windows: Don't search for a SpeexDSP package
    
    
    (cherry picked from commit a193aff05244f53c668f725588e18bf6b1e496e1)

commit 7cf727ad88
Author: Vivek Mangala <vivekmangala@gmail.com>
Date:   Thu Sep 16 20:56:54 2021 +0530

    twamp: fixed decoding of control-message sequence
    
    Added check on Command-Number on control message following
    Accept-Session to detect the correct state.  There are
    various states possible after Accept-Session.
    
    
    (cherry picked from commit f341e045c9faac39c94105ee0fb2302e28d23b8f)

commit eca19b2c0a
Author: John Thacker <johnthacker@gmail.com>
Date:   Wed Sep 8 19:43:44 2021 -0400

    VSS Monitoring: Tighten heuristic, reduce false positives by default
    
    Add a preference to VSS Monitoring for dissecting packets that
    lack a timestamp and only have port stamping, and set it to false
    by default. There's no heuristic for port stamping, so it defaults
    to accepting all trailers with 1, 2, 5, or 6 bytes (1 or 2 byte
    port stamp plus optional 4 bytes for Ethernet FCS.) That's too
    indiscriminate, especially if there are other possible trailers
    (e.g., if the PRP-1 dissector is eventually changed to a eth.trailer
    dissector, see #17066 which this helps with).
    
    Also, VSS Monitoring has never actually supported two byte port stamps,
    and recent product releases have dropped port stamping in favor of
    VLAN tagging for port tagging, so only support 1 byte port stamps by
    default and add a preference for 2 byte port stamps.
    
    With these changes by default the VSS Monitoring heuristic dissector
    only dissects trailers that pass the timestamp heuristic, greatly
    reducing the number of false positives. This does much of #8997,
    though the timestamp heuristic could be tightened as well.
    
    
    (cherry picked from commit 21e7bb10731169ea796e97c3d3c4d47286dfc8d1)

commit 132a3fad27
Author: Developer Alexander <dev@alex-mails.de>
Date:   Thu Sep 9 10:18:16 2021 +0200

    Qt: JSON Export - Statusbar info corrected
    
    During a JSON Export "Writing JSON" will displayed in the statusbar.
    
    
    (cherry picked from commit 02285e53b8a8f478a0e14c7f57b5d59a3a0140e8)

commit 767db371ce
Author: John Thacker <johnthacker@gmail.com>
Date:   Mon Sep 6 01:33:16 2021 -0400

    MP2T: Expert info, counter drop is PI_SEQUENCE, not MALFORMED
    
    
    (cherry picked from commit f6e0589f89e6f59e957584b02b978d3c4484b42d)

commit 24e17da052
Author: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date:   Sun Sep 5 12:40:28 2021 +0000

    dcerpc_spoolss: fix display filter name
    
    found by conflict check
     'spoolss.driverversion' exists multiple times with incompatible types: FT_UINT64 and FT_UINT32
    
    
    (cherry picked from commit 95b63d04d925fad738eaa1c1a90fb0b8b0393ded)

commit 9ea15839dc
Author: Chuck Craft <bubbasnmp@gmail.com>
Date:   Fri Sep 3 15:59:34 2021 -0500

    NSIS: expand title area for long program names that wrap
    
    Release candidates (rc blah blah hash) or if WIRESHARK_VERSION_EXTRA
    is set for the build, are wrapped/clipped to be unreadable.
    
    
    (cherry picked from commit eb83421c96c486aab492a97315f8b56f6a7614ec)

commit e8468b6d5e
Author: Taisuke Sasaki <taisasak@cisco.com>
Date:   Fri Sep 3 11:35:52 2021 +0900

    BGP: Fix BGP-LS TLV offset of IGP TE Metric (RFC8571)
    
    
    (cherry picked from commit b4ef378e5e67ca558b166f01d265580933ff72e4)

commit 094cd4a64d
Author: Natale Patriciello <natale.patriciello@gmail.com>
Date:   Wed Sep 1 15:20:48 2021 +0200

    RTCP: Fix padding dissection in transport feedback
    
    The transport feedback definition, from
    (https://datatracker.ietf.org/doc/html/draft-holmer-rmcat-transport-wide-cc-extensions-01#section-3.1)
    has the third bit as the padding bit (as any RTCP feedback message). However,
    the transport feedback dissector was consuming the padding (if present),
    leaving the outer RTCP dissector with a padding bit set, but no padding to
    analyze/show. That resulted in a "Malformed packet" error.
    
    With this patch, any padding that is consumed in the transport feedback
    dissection clears the outer padding bit set, leaving the RTCP dissector happy.
    
    
    (cherry picked from commit 57376bdf3ed8e4e9da85c44d81343679f4970d78)

commit 9ca6e39c7e
Author: Adrian Ratiu <adrian.ratiu@collabora.com>
Date:   Wed Aug 25 20:13:03 2021 +0300

    cmake: lemon: fix path to internal lemon tool
    
    Wireshark fails to build when cross-compiling on Gentoo/ChromeOS
    systems because the lemon command is not properly specified or
    included in PATH, failing with:
    
    /bin/sh: lemon: command not found
    
    The relevant excerpt from build.ninja is:
    
    COMMAND = cd ..._build/plugins/epan/mate && lemon -T.../tools/lemon/lempar.c
    -d. .../plugins/epan/mate/mate_grammar.lemon
    
    By specifying the full path to "lemon" we ensure it is
    always searched and found in the correct location.
    
    
    (cherry picked from commit 49240e23b4cf890df67d81d1900f313d1193db8c)

commit b814bebaef
Author: Adrian Ratiu <adrian.ratiu@collabora.com>
Date:   Thu Aug 26 17:44:11 2021 +0300

    cmake: lemon: allow overriding lemon CC setting
    
    When cross-compiling wireshark the lemon tool should be built
    using the host machine compiler to be run on the host. Before
    cmake this was done via autotools CC_FOR_BUILD but cmake only
    supports one compiler toolchain per build and requires some
    workarounds like running cmake twice using separately defined
    toolchains.
    
    This gets ugly and complicated fast when considering multiple
    toolchains, especially for a simple tool like lemon, so just
    allow builds to override the C compiler and wipe the cflags.
    
    This way systems like Gentoo/ChromeOS/Yocto with a properly
    setup cross-compile environment can just point to the native
    BUILD_CC or similar while minimizing complexity.
    
    
    (cherry picked from commit 61e66c37abb1b7f59726e4407ac8dd53e6b75cac)

commit dc97e25fb4
Author: Joakim Andersson <joakim.andersson@nordicsemi.no>
Date:   Mon Aug 9 08:53:59 2021 +0200

    nordic_ble: Mark failure to decrypt reason as CRC error over MIC error
    
    A packet that has been received by the sniffer with CRC errors will not
    decrypted properly by the sniffer. Mark the decrypt failure reason as
    CRC error instead of MIC error.
    
    Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
    
    
    (cherry picked from commit 1f0251a82dafacd8c1d4a9074961c7ccc85d46f7)

commit 9ac10769d6
Author: Denis Pronin <dannftk@yandex.ru>
Date:   Thu Jul 29 11:50:39 2021 +0300

    Fixed incorrect calculating hash from quic_cid_t
    
    
    (cherry picked from commit 5cd9646e7235460eb443b778c246794eb6efef17)

commit 0efdec6f23
Author: Jeroen Sack <jeroen.sack@agcocorp.com>
Date:   Thu Aug 26 19:49:18 2021 -0500

    Isobus-VT: Fix description of auxiliary input status enable message
    
    Show if message indicates that auxiliary input was enabled or disabled
    
    
    (cherry picked from commit 0ceaaad76338e5c3f74d2e495c14e6703f306c07)

commit fcb8f74fd3
Author: Gerald Combs <gerald@wireshark.org>
Date:   Wed Sep 1 10:24:58 2021 -0700

    Packaging: Update the macOS notarization failure error message.
    
    Apple provides a status page for various developer services at
    https://developer.apple.com/system-status/, including the status of the
    Developer ID Notary Service. Show the URL notarization fails so that
    troubleshooting is easier.
    
    
    (cherry picked from commit 348d35659424e1f9bd3c7f0ea72dc8c312fc497b)

commit a2729880b9
Author: Gerald Combs <gerald@wireshark.org>
Date:   Mon Oct 4 14:11:50 2021 -0700

    Prep for 3.2.17.

commit 81c79bd34a
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Oct 3 10:18:27 2021 +0000

    [Automatic update for 2021-10-03]
    
    Update manuf, services enterprise numbers, translations, and other items.

commit 7e9f2bb8a2
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Tue Sep 28 13:45:38 2021 +0200

    proto: Delay deleting heur_dtbl_entry_t in heur_dissector_delete
    
    Add the heur_dtbl_entry_t entry as deregistered when deleting a
    heuristics dissector. The UDP dissector is storing a pointer to
    this in proto_data and may access the entry during reload Lua
    plugins until all packets are redissected.
    
    
    (cherry picked from commit e9ac4d390086a6994cac0b2b500326f13a35c8bb)

commit 9e90e389db
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Fri Oct 1 10:31:30 2021 +0200

    capture: Check for valid wtap when capture.show_info
    
    Changing profile during capture may change the capture_opts->show_info
    setting. Always init cap_session->wtap and check if valid before doing
    capture_info_new_packets(). Always close dialog and cap_session->wtap
    in capture_input_closed().
    
    This will not bring up the Capture Information dialog when switching
    to a profile having this enabled.
    
    Fixes #17622
    
    
    (cherry picked from commit ec2746c910059169fa528466e8187643105ba56d)

commit 3c9bc899e7
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Sep 26 10:18:41 2021 +0000

    [Automatic update for 2021-09-26]
    
    Update manuf, services enterprise numbers, translations, and other items.

commit be25d86cda
Author: Roland Knall <rknall@gmail.com>
Date:   Fri Sep 24 08:54:40 2021 +0200

    USBDump: Fix Memleak with error info
    
    The memory block the error was written to was uninitialized
    
    
    (cherry picked from commit 0c7d82d8b7c4ae2932ba25b092be814cf5e4eb46)

commit 5292e9fce2
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Sep 19 10:18:14 2021 +0000

    [Automatic update for 2021-09-19]
    
    Update manuf, services enterprise numbers, translations, and other items.

commit e7fcd9ce91
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Sep 12 10:14:55 2021 +0000

    [Automatic update for 2021-09-12]
    
    Update manuf, services enterprise numbers, translations, and other items.

commit d9dc61cee5
Author: Graham Bloice <graham.bloice@trihedral.com>
Date:   Sat Sep 11 15:02:18 2021 +0100

    Windows: Update displayed OS version info
    
    MS has changed the registry key that holds the version for display
    from 20H2 onwards.
    
    
    (cherry picked from commit 58207d2f8dcbabe05f392d7145eb12fd80f7c4ea)

commit 241045c248
Author: Uli Heilmeier <uh@heilmeier.eu>
Date:   Wed Sep 8 16:55:54 2021 +0200

    Credentials Tap: Fix wmem scope for init call
    
    When calling credentials_init() for a tshark live capture we're in the
    epan wmem scope.
    
    Fixes: wireshark/wireshark#17576
    
    
    (cherry picked from commit 4e7d10eea14a015f5c034a3e4fa38f1e8718d1a0)
    
    (cherry picked from commit 5b32a530babbcf8cd3a0973c751a38282365ec67)

commit ddc883f6a7
Author: Mikael Kanstrup <mikael.kanstrup@gmail.com>
Date:   Wed Sep 8 13:36:24 2021 +0200

    dot11decrypt: Fix AAD calculation for legacy ccmp implementation
    
    Re-implement below change but for the legacy ccmp decryption used on
    3.2 release track but also on later releases when Wireshark is built
    with older versions of libgcrypt:
    
    e5e37add9a 802.11 Decrypt: Fix AAD Calculation when HT-Control present in a QoS Data Frame
    
    Ping #17577.
    
    (backported from commit c58c106b304fbcc8333d470e93a7c0962c7d6b1d)

commit e18d0e510b
Author: kor <drkor@bk.ru>
Date:   Sat Sep 4 12:04:25 2021 +0300

    diameter: add 3GPP 29.234 V11.2.0 (2013-06)
    
    Added new AVP from 3GPP 29.234
    
    
    (cherry picked from commit 61e1e69218ad0c9c0c3f2d097d9bf8f8a4515251)

commit d756c13dcd
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Sep 5 19:42:25 2021 +0000

    [Automatic update for 2021-09-05]
    
    Update manuf, services enterprise numbers, translations, and other items.

commit 4627c728a2
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Aug 29 10:17:57 2021 +0000

    [Automatic update for 2021-08-29]
    
    Update manuf, services enterprise numbers, translations, and other items.

commit e079cfbf17
Author: Guy Harris <gharris@sonic.net>
Date:   Sat Aug 28 16:00:41 2021 -0700

    pcapng: fix handling of byte-swapped sysdig event blocks.
    
    We weren't setting wblock->rec->rec_header.syscall_header.nparams for
    byte-swapped event blocks.
    
    
    (cherry picked from commit 10be4d1611da4911cbdd12f119a74aa965fdb537)

commit dcec8787d5
Author: John Thacker <johnthacker@gmail.com>
Date:   Wed Aug 25 17:24:31 2021 -0400

    AMQP: Fix dissection of PDUs split across TCP segments
    
    AMQP calls a subdissector table before tcp_dissect_pdus() is used to
    desegment PDUs (see commit 27c10ed72ea2451bfbb6c0eb50af4280e65a3fcf),
    so pinfo->can_desegment needs to be restored before it is decremented
    a second time.  Fixes #14217.
    
    (cherry picked from commit f997f2889828474bd20eaff4265eade918b85f52)

commit e14913e0e7
Author: Guy Harris <gharris@sonic.net>
Date:   Fri Aug 27 12:54:02 2021 -0700

    wtap_opttypes: fix a typo.
    
    
    (cherry picked from commit 5536ca319a8e7cc7ebf7bf387ad2b7efe070c532)

commit 63a8fa50bf
Author: John Thacker <johnthacker@gmail.com>
Date:   Thu Aug 26 22:01:39 2021 -0400

    SMB: Don't canonize filenames to ASCII for Export Objects
    
    Windows can allow Unicode in filenames now, and export_object.c
    has its own eo_massage_str function that the GUI and CLI already
    call to create safe filenames when they are saved. There's no need
    for an individual dissector like SMB to have its own (worse)
    implementation of the same functionality, and to call it before
    filenames are displayed. Fix #17530
    
    (cherry picked from commit 0e3782831ab14b721c7b1dc26959eecbc85ad6ec)

commit 7d6b766ef6
Author: Gerald Combs <gerald@wireshark.org>
Date:   Wed Aug 25 14:39:37 2021 -0700

    Version: 3.2.16 → 3.2.17
    
    [skip ci]
