commit e36772fa10
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Sep 6 14:57:59 2022 -0700

    Prep for 3.6.8.

commit 9e99b539f3
Author: Gerald Combs <gerald@wireshark.org>
Date:   Mon Sep 5 10:26:54 2022 -0700

    Tools: Switch make-manuf.py URLs to HTTPS.

    standards-oui.ieee.org is now served over HTTPS.

    (cherry picked from commit 4819716f1442b20b63f9804c39d7d1fc36d80f27)

commit 68c3d706c7
Author: Jason Cohen <7011141-kryojenik@users.noreply.gitlab.com>
Date:   Mon Sep 5 17:31:42 2022 +0000

    f5ethtrailer: Fix possible infinite loop in legacy trailer heuristic

    (cherry picked from commit 67326401a595fffbc67eeed48eb6c55d66a55f67)

commit d9135ec2cf
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Sep 4 17:52:41 2022 +0000

    [Automatic update for 2022-09-04]

    Update manuf, services enterprise numbers, translations, and other items.

commit f4296c6344
Author: Guy Harris <gharris@sonic.net>
Date:   Sat Sep 3 23:10:36 2022 -0700

    frame: always add the "length < caplen" expert info.

    Add the "length < caplen" expert info regardless of whether the "frame"
    protocol is referenced by a packet-matching expression, just as we do
    with the "fractional time component of the absolute frame time is >=
    1000000000" expert info.

    Fixes #18312.

    (cherry picked from commit 09785f072930deb2f9b86ab100360233f24fbaa8)

commit 24821abb79
Author: Guy Harris <gharris@sonic.net>
Date:   Sat Sep 3 03:24:33 2022 -0700

    Fix bogus tvbuffs to make sure reported length >= captured length.

    A reported length less than a captured length is bogus, as you cannot
    capture more data than there is in a packet.

    Fixes #18313.

    (cherry picked from commit 022dfd56f3ff0d3d99b3e1aa0680d2b0440e5332)

commit 7f468dc5dd
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Aug 30 13:15:59 2022 -0700

    GitLab CI: Reenable the ABI Check job.

    Update our ABI dump files using ones built with our current ubuntu-dev
    image. Reenable the "ABI Check" job. Remove old dump files.

commit 8dafb114b3
Author: João Valverde <j@v6e.pt>
Date:   Tue Aug 23 21:34:14 2022 +0100

    Gitlab CI: Try to fix ABI Checker job

    Moving to Ubuntu 22.04 generated spurious ABI compliance failures.
    Try to fix that. Works for me locally.

    [skip ci]

    (cherry picked from commit 00fb5a04c1297d4f47766d95166d439b5351f49f)

commit fbb6fc05d4
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Aug 28 16:38:56 2022 +0000

    [Automatic update for 2022-08-28]

    Update manuf, services enterprise numbers, translations, and other items.

commit 590a487815
Author: João Valverde <j@v6e.pt>
Date:   Thu Aug 25 09:13:17 2022 +0100

    Gitlab CI: Clean up formatting

commit 9aa93472a6
Author: João Valverde <j@v6e.pt>
Date:   Tue Aug 23 14:05:27 2022 +0100

    Gitlab CI: Use DWARF-4 with Valgrind Fuzz job

    Valgrind does not support Clang 14 + DWARF-5.

    Ping #18191.

    (cherry picked from commit a27ecac02a65aaea57db29be37e7a5d2a5967f72)

commit a1f5796a3f
Author: Guy Harris <gharris@sonic.net>
Date:   Tue Aug 23 13:43:16 2022 -0700

    Turn off the ABI checker for now.

    It seems to be doing something weird, and blocking a commit that doesn't
    do anything that would make those changes.  Disable it until we can make
    it work.

    (cherry picked from commit 665a4d2baa40616d18f5ed1e8a667d75c8256ca0)

commit db2f48222d
Author: João Valverde <j@v6e.pt>
Date:   Tue Aug 23 14:21:37 2022 +0100

    Gitlab CI: Use DWARF-4 with ABI Check job

commit 15da6c253c
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Aug 21 16:39:42 2022 +0000

    [Automatic update for 2022-08-21]

    Update manuf, services enterprise numbers, translations, and other items.

commit 8cfca8c3aa
Author: huangqiangxiong <qiangxiong.huang@qq.com>
Date:   Tue Aug 2 21:24:56 2022 +0800

    Protobuf: correct the starting offsets of the field name and type tree items

    (cherry picked from commit bb6fc5bb9a2386980a5a91e3d24ae5d322afc704)

commit 0c5b8fa5ef
Author: Uli Heilmeier <uh@heilmeier.eu>
Date:   Wed Aug 17 14:33:39 2022 +0200

    BTATT: Fix bitmask for btatt.battery_power_state

    Fixes: #18267

    (cherry picked from commit 117788f6941a4c1a777d1f163da9d4fd31fb73aa)

commit a9c6ef1cad
Author: Guy Harris <gharris@sonic.net>
Date:   Sun Aug 14 22:50:51 2022 -0700

    Linux USB: fix incorrect values for the packet length.

    When reading memory-mapped Linux capture files, fix up the "real" length
    field, in case the file was written by a program doing a capture done
    with a version of libpcap with a bug that causes it to incorrectly set
    the "real" length for isochronous transfers.

    (cherry picked from commit 09c5183878b2a05e56ba5b5ac849785f5aafb122)

commit 845c0e2a27
Author: Guy Harris <gharris@sonic.net>
Date:   Sun Aug 14 16:12:07 2022 -0700

    frame: warn if the real length is less than the captured length.

    That should never be the case; if you slice off part of a sausage, the
    remainder of the sausage cannot be longer than the original sausage.

    Warn about that.

    (cherry picked from commit 8674eea7b0f3d5ac83460542e49f1cd64a6707ec)

commit 20a90e5eab
Author: Tomasz Moń <desowin@gmail.com>
Date:   Wed Jun 1 22:32:20 2022 +0200

    wiretap: Do not silently limit capture length

    Libpcap assumes that packet length is greater or equal to captured data
    length. However, due to a bug in libpcap, it was possible for libpcap to
    generate isochronous URB packets (WTAP_ENCAP_USB_LINUX_MMAPPED) with
    captured data length greater than packet length. The discrepancy comes
    from slightly different semantics in Linux kernel.

    Linux kernel usbmon packet documentation mentions:
        unsigned int length;  /* 32: Length of data (submitted or actual) */
        unsigned int len_cap; /* 36: Delivered length */

    Wireshark shows usbmon packet length as URB length (usb.urb_len) and
    len_cap as Data length (usb.data_len). For usbmon isochronous IN packets
    containing data (URB complete), usbmon length is "actual". Actual length
    is the sum of payload packets length received from device. Delivered
    length refers to the amount of data associated with usbmon packet, that
    is the isochronous descriptors and actual isochronous data. There can be
    multiple isochronous descriptors in single URB and the actual payload in
    special cases can be noncontiguous (there can be gaps).

    Libpcap when reading usbmon capture calculates packet length based on
    usbmon packet structure size (64), "actual length" and number of
    isochronous descriptors. This gives expected packet length as long as
    there are no gaps between isochronous data. If there are gaps, the
    calculated packet length will be smaller than delivered length.

    Wireshark should show the frame length and captured length as provided
    by the capture engine, even if the capture length is greater than frame
    length. Silently limiting captured length essentially hides the issue
    from the user and allows misbehaving capture engine to go unnoticed.

    Passing unmodified Frame Length and Capture Length to dissectors (and
    thus complete tvb) allows USB dissector to show all ISO Data fields
    captured on Linux usbmon interface using bugged libpcap.

    Fixes #18021

    (cherry picked from commit bf26f538c65ee37f321bc63ca9a27114914224dc)

commit 346b7e2c2d
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Aug 14 16:38:25 2022 +0000

    [Automatic update for 2022-08-14]

    Update manuf, services enterprise numbers, translations, and other items.

commit dc3b3bf1fa
Author: John Thacker <johnthacker@gmail.com>
Date:   Wed Aug 10 07:30:32 2022 -0400

    L2TP: Fix UDP conversation handling.

    RFCs 2661 and 3931 say that L2TPv2 and L2TPv3 use a TFTP-like method
    of selecting ports. The initiator picks a source port (which may or
    may not be 1701, the IANA assigned L2TP port), and sends a message to
    1701; the recipient picks a free port (which may or may not be 1701)
    and replies to the initiator's chosen port and address, and the
    conversation from then on uses the chosen ports.

    In practice, due to NAT, firewalls, etc., most implementations just
    use a symmetric predetermined L2TP port. To support both methods
    we use one-sided conversations with one port omitted. Fix the lookup
    of the reverse conversation. Part of #16565.

    (cherry picked from commit e51916b54cbd2c26c5349c514563caa08972d5b2)

commit b29e83df3c
Author: John Thacker <johnthacker@gmail.com>
Date:   Tue Aug 9 21:15:17 2022 -0400

    L2TP: Store cookie length, session IDs, and PW type from Cisco AVPs

    Store the cookie length, session IDs, and pseudowire type when
    they are carried in Cisco vendor-specific AVPs in the same way
    as done with the IETF AVPs. More of #16565.

    (cherry picked from commit 5e0446328209b7cc4932aa1401bcaf8cafa60322)

commit 1e7394fa98
Author: John Thacker <johnthacker@gmail.com>
Date:   Tue Aug 9 20:09:52 2022 -0400

    L2TP: Don't report Malformed Packet on ZLB messages

    Don't have things that substantively affect dissection depend
    on whether the tree is present or not. (It's not really necessary
    to do all these checks anyway since items are faked.)

    Prevents adding "[Malformed Packet]" to the Info column for all
    Zero Length Body messages. One of the things mentioned in
    issue #16565 (that patch was lost with Gerrit.)

    (cherry picked from commit 86c6509cf32ce9350ed20dea4c741052ec65f3dc)

commit 1fa713426a
Author: Pascal Quantin <pascal@wireshark.org>
Date:   Thu Aug 11 10:22:16 2022 +0200

    TLS: put DIG_NA macro in last position

    (cherry picked from commit 32bce6c8d62221d49eab3a0d252a31d1efd3836a)

commit a52388450f
Author: zhangzhilei <zhangzhilei@360.cn>
Date:   Thu Aug 11 15:23:55 2022 +0800

    TLS: sync ciphers with ENC_ macro

    we should add SM1 and SM4 to ciphers because there are
    ENC_SM1 and ENC_SM4 defined in packet-tls-utils.h

    (cherry picked from commit 9da3c833a4b15a1be6441f80e93506e160cf6c01)

commit 42cc3b45be
Author: zhangzhilei <zhangzhilei@360.cn>
Date:   Thu Aug 11 12:19:43 2022 +0800

    TLS: sync digests with DIG macro

    since we define DIG_MD5(0x40) to DIG_SM3(0x45) in
    epan/dissectors/packet-tls-utils.h
    and in ssl_cipher_suite_dig,
    we use cs->dig - DIG_MD5 to retrive from digests,
    so we should add SM3 to digests

    (cherry picked from commit 6cd2258c559589aff7d9f10551016d78344cb7e8)

commit 784349f47c
Author: zhangzhilei <zhangzhilei@360.cn>
Date:   Thu Aug 11 10:39:24 2022 +0800

    TLS: fix wrong debug text

    fix wrong debug text

    (cherry picked from commit 1bdf7427b6c561d83e1bb6b89b46c0a0c745ba23)

commit 2bd9b865cf
Author: Pascal Quantin <pascal@wireshark.org>
Date:   Wed Aug 10 09:46:31 2022 +0200

    NAS 5GS:  fix decoding of T3324 IE

    T3324 IE is GPRS timer 3 type.

    (cherry picked from commit 100fe4e94eea7cf7f6823c37b1746013e1bfa2d3)

commit a55fda3114
Author: John Thacker <johnthacker@gmail.com>
Date:   Thu Jul 28 19:14:00 2022 -0400

    sccp: Allow processing externally reassembled data

    SCCP places a limit of 255 bytes on DATA parameters, and
    segments data beyond that. Some tracing tools will externally
    reassemble data, writing a single message with an indicated
    length of 255 octets but with a longer payload. Allow the pref
    setting introduced in 086feb2f098903229a14fd25754cac06c625b647
    to work for all message containing DATA, such as XUDT messages.
    (Note that some tools leave the optional SEGMENTED parameter
    in when externally reassembling, and some do not.) Add an
    expert info to hint to the user when the setting might be
    worth changing. (Perhaps it should be default to TRUE?)

    Fix #10515

    (cherry picked from commit 5e715340bf5173d64af03adc0afdb7d46cdad51f)

commit bcdf1def80
Author: Pascal Quantin <pascal@wireshark.org>
Date:   Mon Aug 8 10:33:22 2022 +0200

    GSM CBSP: fix dissection of Repetition Period IE

    Closes #18254

    (cherry picked from commit 4e85e0bfbe1a267650c37bce25e8260a895ca425)

commit 13c4837aee
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Aug 7 16:35:38 2022 +0000

    [Automatic update for 2022-08-07]

    Update manuf, services enterprise numbers, translations, and other items.

commit ecf2d7610c
Author: Uli Heilmeier <uh@heilmeier.eu>
Date:   Sat Aug 6 22:14:32 2022 +0200

    BGP: Check nhlen

    Only call tvb_bytes_to_str() when nhlen > 0

    Fixes: #18248

    (cherry picked from commit f9cf0a0ae7ebd8c4dd1da15c1ca4296313242a9a)

commit 1dd0b66e28
Author: John Thacker <johnthacker@gmail.com>
Date:   Thu Aug 4 19:24:03 2022 -0400

    ipsec: Don't include ICV in decrypted data with ESP NULL

    ESP NULL can be used with a non NULL AUTH, when wishing to
    provide authentication without encryption.

    Part of #13730

    (cherry picked from commit 5f05a705a6181b826c4f30da1b602d9ba003bc53)

commit 3244349085
Author: Chuck Craft <bubbasnmp@gmail.com>
Date:   Tue Nov 16 15:38:05 2021 -0600

    Qt (ByteView): update preference on hover state change; WSUG typo

    (cherry picked from commit f748c91bb2ad08b746216842f171c33245424394)

commit b4ef8162d1
Author: Gerald Combs <gerald@wireshark.org>
Date:   Fri Jun 3 13:47:41 2022 -0700

    Git+CMake: Add support for CMake presets.

    CMake 3.19 added support for CMakePresets.json and
    CMakeUserPresets.json, which let you prepopulate various configure,
    build, and test options. Add CMakeUserPresets.json to .gitignore as
    recommended by the documentation and add an example to the Developer's
    Guide. CMake uses 2-space indentation; specify that for CMake*.json in
    .editorconfig.

    (cherry picked from commit 2ac2b0670a4ae0d0ea0d481f42f23885aa8c10ce)

    Conflicts:
            .gitignore
            docbook/wsdg_src/WSDG_chapter_tools.adoc

commit 4cf7e3f0c7
Author: Chuck Craft <bubbasnmp@gmail.com>
Date:   Wed Aug 3 10:28:42 2022 -0500

    ipx: ipxnet_hash_table clear after init causes ipx_crash

    Closes #18234

    (cherry picked from commit 566ea8ceb4296f1d1cf246174cab9be5f170e1c6)

commit 6f23ef096e
Author: Guy Harris <gharris@sonic.net>
Date:   Tue Aug 2 23:31:44 2022 -0700

    Qt: fix speling.

    (cherry picked from commit 20a013a8afee9bdaa49998d43641f325ac7ffeaf)

commit bbd9fb6e47
Author: Guy Harris <gharris@sonic.net>
Date:   Tue Aug 2 16:38:49 2022 -0700

    Make sure we don't create comment options longer than 65535 bytes.

    Check in both editcap and Wireshark to make sure that comments have
    fewer than 65536 bytes before accepting them.

    This shoudl fix #18235, although there should also be checks in
    libwiretap to catch cases where the user interface code doesn't do the
    check (it should be done in the UI so that the user gets notified
    appropriately).

    (cherry picked from commit 71f32ef2a8bc18c65e856609a68778db2b32930d)

commit d06e9a6753
Author: John Thacker <johnthacker@gmail.com>
Date:   Tue Aug 2 15:30:46 2022 -0400

    GTP: Fix the version check in decode_qos_umts()

    Releases 98 and 99 are older than version 8. Also fix the
    extra length added for RADIUS so that it properly accounts
    for the lack of allocation-retention priority in RADIUS.
    Previously it was off by one, which caused errors in Release
    98. Fix #10688 again.

    (cherry picked from commit 4d9167908c4da68861ff4d68852b1b7a42b9d172)

commit 9f71024354
Author: Nardi Ivan <nardi.ivan@gmail.com>
Date:   Mon May 16 20:57:35 2022 +0200

    ISUP: avoid parameter summary text duplication

    Parameter name should be appended only once to the tree, when handling
    national extensions.

    Close #18094

    (cherry picked from commit fc89ddcdcf61628f36ffa43288c1959bfdc52925)

commit 54b0ecd9d8
Author: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date:   Tue Jan 18 19:35:15 2022 +0000

    couchbase: fix Illegal call of proto_item_add_bitmask_tree without fields

    extra_flags can't be empty

    Fix #17890

    (cherry picked from commit ccdcc91e81c5428b6978ee9ecece2db2a36fcc6d)

commit 346a547eb8
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Jul 31 16:38:26 2022 +0000

    [Automatic update for 2022-07-31]

    Update manuf, services enterprise numbers, translations, and other items.

commit 18c9c2c20d
Author: Gerald Combs <gerald@wireshark.org>
Date:   Fri Jul 29 11:35:56 2022 -0700

    Docs: Fix our man page dependencies.

    Dependencies need to be set via add_custom_command.

    (cherry picked from commit 958242f9f7362788347bed141287c9ec19d5f516)

commit b6b21d0103
Author: Gerald Combs <gerald@wireshark.org>
Date:   Fri Jul 29 10:42:48 2022 -0700

    Docs: Remove the "Last updated" footer from our HTML man pages.

    The "Last updated" footer time is the last modified time of the source
    file. We could make it reproducible using something like
    git-restore-mtime, but it's easier (and IMHO less ugly) to just remove
    the footer.

    (cherry picked from commit 8015762319b2ef97063a5fb74a79a1b2035f780e)

commit e465f5c871
Author: John Thacker <johnthacker@gmail.com>
Date:   Thu Jul 28 07:51:47 2022 -0400

    packaging: EPEL 8 has asciidoctor now

    rubygems-asciidoctor was released 2022-05-18 for EPEL 8
    ( https://bugzilla.redhat.com/show_bug.cgi?id=1820896 )
    so we don't need to special case it for RHEL/Centos 8.

    (cherry picked from commit 32326b3a0731fa0a6eebcff280249d764fc41800)

commit 822712e4da
Author: Uli Heilmeier <uh@heilmeier.eu>
Date:   Wed Jul 20 18:48:47 2022 +0200

    rpm-setup.sh: Improve messages

    Give more detailed information to the user which package
    is missing.

    Fixes: #18166
    (backported from commit 73ecb86f4cb3b1737765885d028f2083e06eef1e)

commit d27e6668df
Author: Gerald Combs <gerald@wireshark.org>
Date:   Thu Jan 6 10:36:16 2022 -0800

    Tools: Add openSUSE 15.3 requirements to rpm-setup.

    (cherry picked from commit 11d8520f6913ea9e4151c185aca9f631a52d1cef)

commit 947bdff942
Author: John Thacker <johnthacker@gmail.com>
Date:   Thu Mar 17 07:37:20 2022 -0400

    tls: Use TCP reassembly functions for desegmentation

    Since TLS uses the TCP multisegment pdus for desegmentation,
    use the TCP reassembly functions so that both the first frame
    and sequence number are used. Fix #11173 somewhat better than
    the previous fix, because it avoids the (unlikely) case of two
    different fragments comparing equal when just bit twiddling a
    single key.

    (cherry picked from commit b82ef4ad04ce3057c6859cfac620034f6ec71430)

commit a04fe37ae3
Author: naesten <naesten@gmail.com>
Date:   Sun Apr 17 22:25:57 2022 +0000

    Fix tools/*-setup.sh to work with no arguments

    They were checking for --help in an unusual manner that failed when
    run with no arguments.

    I've checked that --help works for each script, and that debian-setup.sh
    actually works.

    NOTE: bsd-setup.sh and rpm-setup.sh seem to have sometimes-broken
    formatting, because they try to pass escape sequences to echo, which
    POSIX says is implementation-defined (except on XSI-conformant systems).

    These changes were mostly made using the following script, with a
    manual fix in bsd-setup.sh because it isn't using "switch case".

    ```python

    import sys
    import re

    usage_p = re.compile(r'^if \[ "\$1" = "--help" \]\nthen\n((?:\t(?:printf|echo) .*\n)*)\texit 1\nfi$',
                         re.MULTILINE)

    case_p = re.compile(r'(^\tcase \$arg in$)',
                        re.MULTILINE)

    root_check_p = re.compile(r'(\n# Check if the user is root(?:\n|.)*?fi\n)',
                              re.MULTILINE)

    done_p = re.compile(r'(^done\n)',
                        re.MULTILINE)

    def fix_setup(name: str):
        assert name.endswith('-setup.sh')

        with open(name, 'r') as fin:
            s = fin.read()

        s = usage_p.sub(r'function print_usage() {\n\1}', s)
        s = case_p.sub(r'''\1
    \t\t--help)
    \t\t\tprint_usage
    \t\t\texit 0
    \t\t\t;;''', s)

        m1 = root_check_p.search(s)
        if m1:
            root_check = m1[0]
            s = root_check_p.sub('', s)
            pos = done_p.search(s).end()  # type: ignore[union-attr]
            s = s[:pos] + root_check + s[pos:]

        with open(name, 'w') as fout:
            fout.write(s)

    if __name__ == '__main__':
        for name in sys.argv[1:]:
            fix_setup(name)
    ```

    (cherry picked from commit c8d9c6fc6a92d83c34160b8c4490f6495d57f605)

     Conflicts:
            tools/alpine-setup.sh
            tools/arch-setup.sh
            tools/msys2-setup.sh

commit 429806526a
Author: John Thacker <johnthacker@gmail.com>
Date:   Tue Mar 15 20:11:40 2022 -0400

    tcp: Use first frame and sequence number for reassembly

    It's possible to have more than one TCP segment for the same
    stream that begins in the same frame when there is encapsulation
    (e.g. DVB BaseBand Frames carrying GSE or MPE with IP.)

    We always have the tcp_multisegment_pdu when looking up fragments
    in TCP, so declare reassembly functions for TCP that accept the
    MSP as data, so we can use the starting sequence number of the MSP
    to distinguish segments with identical first frames. (Using the
    sequence number alone would fail with re-used sequence numbers in
    long connections or reused ports, and also have more hash collisions
    with relative sequence numbers.) This is analogous to #11173 for
    TLS.

    (cherry picked from commit 9ca501ae13ab53d7a30ef4d55fca0321dfefe764)

commit eca07c1181
Author: Gerald Combs <gerald@wireshark.org>
Date:   Wed Jul 27 14:35:24 2022 -0700

    Version: 3.6.7 → 3.6.8.

    [skip ci]
