commit c2dfcf9bc6
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Oct 25 12:23:23 2022 -0700

    GitLab CI: Build RPMs in parallel.

    Our RPM spec runs `cmake --build ... -j1` on Fedora and Rocky. Set
    RPM_BUILD_NCPUS, which increases the `-j` value so that ninja can make
    full use of the system.

    [skip ci]

    (cherry picked from commit 23f206c8b8887bd11b121b28d54e749b69febbe9)

    Conflicts:
            .gitlab-ci.yml

commit 1dc7cef383
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Oct 25 12:17:25 2022 -0700

    Prep for 4.0.1.

    [skip ci]

commit b71bbbed20
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Oct 25 09:06:33 2022 -0700

    IEEE 802.11: Fix a length check.

    Fix a length check issue introduced in 85a9e05c52.

    (cherry picked from commit 708da485267804865278e43960495446a2c06329)

commit 9374e8b130
Author: John Thacker <johnthacker@gmail.com>
Date:   Mon Oct 24 08:30:54 2022 -0400

    SCTP: Fix host name address parameter

    The deprecated Host Name Address Parameter, RFC 9260 3.3.2.1.4:
    "At least one null terminator is included in the Host Name string
    and MUST be included in the length."

    That makes it a string which is both counted and null-terminated,
    which is a FT_STRINGZ. Return the string as obtained rather than
    formatting it a second time. Don't pass in a width as a format specifier,
    because the length of the UTF-8 string is not necessarily the length
    in octets, if replacement characters or escaping was used.

    Fix #18534.

    (cherry picked from commit 0647fc5f238f642212a0a058b45a315242cb5a45)

commit b8f6e713aa
Author: Michael Tuexen <tuexen@wireshark.org>
Date:   Thu Oct 13 01:16:27 2022 +0200

    SCTP: Improve handling of Host Name parameters

    (cherry picked from commit 41fdfcdbfbcf02f903a7a3e1b118c02ff77958d5)

commit aa6583095c
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Mon Oct 24 09:26:14 2022 +0200

    Add dot in Protocol column for H.xxx dissectors

    Closes #18524

    (cherry picked from commit 3353a158a9ec8b86b00ca3e14a649e73c55f1443)

commit dfb7fcc753
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Thu Oct 20 08:13:09 2022 +0200

    h248: Add missing dot in H.248 protocol name

    Add the missing dot in H.248 protocol name and dissector table.

    Closes #18513

    (cherry picked from commit cac6a8452b63c96c30e705ad850136d2448a0890)

commit d18638dc7b
Author: Anders Broman <anders.broman@ericsson.com>
Date:   Mon Oct 24 19:49:04 2022 +0200

    PER: Fix call_per_oid_callback() open type length is in bytes.

    tvb_new_octet_aligned() expects the length in bits.

    (cherry picked from commit 92d58f297dfcbb4e9dabb771e2002dbd3b326d38)

commit 8556212cac
Author: Chuck Craft <bubbasnmp@gmail.com>
Date:   Sun Oct 23 17:33:06 2022 -0500

    github: use latest winflexbison3 in workflow build

    Use current version (2.5.24.20210105) which is hosted on github.
    Should reduce timeouts previous version had which is hosted on
    sourceforge.

    (cherry picked from commit 72234923c4d41a783b28883525045a32d1bcc253)

commit 6f5a0f78c7
Author: Alexander Funke <alexander.funke@fh-muenster.de>
Date:   Thu Oct 20 14:49:58 2022 +0200

    IP: Fix fragment offset value calculation

    The bitmask was applied twice, through the header_field_info
     and before calling proto_tree_add_uint.
    Now using _format_value for correct calculation.

    (cherry picked from commit 1ab15061b56ac549a1eae9002f4965990a87c9a4)

commit 2d5da44ad1
Author: Michael Tuexen <tuexen@wireshark.org>
Date:   Sat Oct 15 15:59:35 2022 +0200

    TCP: Update TCP TARR support to version 06 of the ID

    The dissector now supports draft-gomez-tcpm-ack-rate-request-06.
    The rate is now encoded in one byte instead of two.

    (cherry picked from commit 510c22a6a724747bd54f6f9e4294c9723cd3ca31)

commit 062976537c
Author: Gerald Combs <gerald@wireshark.org>
Date:   Mon Oct 24 10:04:27 2022 -0700

    IEEE 802.11: Fix DSCP string handling

    Replace looped snprintfs with wmem_strbuf_append_printfs.

    (cherry picked from commit 85a9e05c52b1d011eb128d94d4c9c6893fe32472)

commit 118f49876c
Author: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date:   Tue Sep 6 11:25:15 2022 +0000

    diameter: Fix Clang Warning

    line 2198 Although the value stored to 'vnd' is used in the enclosing expression, the value is never actually read from 'vnd'

    (cherry picked from commit 7b2f0222400e9494f7d6ab16dbfa1f467f94f68d)

commit b551a14f19
Author: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date:   Tue Sep 6 11:41:30 2022 +0000

    pfcp: Fix deadcode found by Clang Analyzer

    packet-pfcp.c:8650:9: warning: Value stored to 'offset' is never read [deadcode.DeadStores]

    (cherry picked from commit 7e45b72c3968a2ddd02b72d2201406b2425c4fd8)

commit 5c4c061ae1
Author: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date:   Tue Sep 6 11:38:28 2022 +0000

    oran: Fix deadcode found by Clang Analyzer

    packet-oran.c:517:5: warning: Value stored to 'bit_offset' is never read [deadcode.DeadStores]

    (cherry picked from commit 9503dd457669402647a2ee1becaaff08925806ce)

commit 340d1fdecb
Author: Alexis La Goutte <alexis.lagoutte@gmail.com>
Date:   Tue Sep 6 11:31:53 2022 +0000

    mbim: Fix deadcode found by Clang Analyzer

    packet-mbim.c:5651:5: warning: Value stored to 'offset' is never read [deadcode.DeadStores]
    packet-mbim.c:5703:5: warning: Value stored to 'offset' is never read [deadcode.DeadStores]

    (cherry picked from commit 4bcc8d86f8ebe849f404e86ae4229342c570ff1f)

commit 8bd1c0996f
Author: Dr. Lars Völker <lars.voelker@technica-engineering.de>
Date:   Wed Oct 12 19:59:27 2022 +0200

    BLF: Fixing the interpretation of SRR and RTR

    This fixes a bug in the canfdmessage64 encoding in BLF that leads to
    CAN-FD frames being interpreted as Remote Frames instead of correctly
    ignoring the SRR flag. Makes canfdmessage encoding more robust as well.

commit d9a8a6f313
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Oct 23 16:36:59 2022 +0000

    [Automatic update for 2022-10-23]

    Update manuf, services enterprise numbers, translations, and other items.

commit 66634eef60
Author: Gerald Combs <gerald@wireshark.org>
Date:   Fri Oct 21 14:48:14 2022 -0700

    GitLab CI: Fix the Win64 Package job.

    Set CMAKE_PREFIX_PATH.

commit 11caac147e
Author: Guy Harris <gharris@sonic.net>
Date:   Fri Oct 21 00:42:42 2022 -0700

    packet bytes: do a simpler test for "is this ASCII?"

    Just test whether the octet has the 0x80 bit set.

    (cherry picked from commit 10703285972f0e992e25409667464d302c949304)

commit a58d017c99
Author: Guy Harris <gharris@sonic.net>
Date:   Thu Oct 20 23:07:23 2022 -0700

    packet bytes: don't assume the unadorned "char" type is signed.

    The C language does not guarantee that "char" is signed or unsigned; it
    just states that it's "implementation-dependent".

    At least some C compilers for some architectures make it unsigned, so
    you need "signed char" to get a signed value.  In particular, it's
    unsigned for most ARM compilers (compilers for Darwin-based OSes such as
    macOS make it signed on all platforms, including ARM), which causes a
    warning about "ba[i] < '\0'" always being false.

    The purpose of that test is to check for octets that correspond neither
    to ASCII printable characters nor ASCII control characters; just test
    with !g_ascii_isprint(ba[i]) && !g_ascii_iscntrl(ba[i]).  (Those are
    macros, so it's not as if that adds any subroutine call overhead.)

    Add some comments to explain what's being done in
    ShowPacketBytesDialog::symbolizeBuffer() while we're at it.  (Not one of
    the better uses of C++ polymorphism, giving "replace the octet at this
    location with this sequence of octets" and "replace all octets equal to
    this value with this sequence of octets" the same name, even though what
    they do differs significantly.  I would have called one replace_at and
    the other replace_all or something such as that, but the Qt developers
    didn't ask me....)

    (cherry picked from commit de50666ec077a0b09f3d61ccd20870a03db52c92)

commit ec26e75c2f
Author: John Thacker <johnthacker@gmail.com>
Date:   Wed Oct 19 07:23:50 2022 -0400

    rtcp: Use setup_frame_number to look for conversations

    Use the setup_frame_number to look for and create conversations
    with srtcp_add_address, the same way as done in srtp_add_address.
    This ensures that RTP and RTCP find the same conversation when
    called back to back (as when handling them multiplexed on the
    same conversation.

    Related to #18460.

    (cherry picked from commit 2d831519c3f58979b4caa434fef7a3e8cd6a10cf)

commit cb44e927dc
Author: Gerald Combs <gerald@wireshark.org>
Date:   Mon Oct 17 12:45:04 2022 -0700

    GitLab CI: Switch the Windows packages back to Qt 5.

    There are a couple of Qt6-related issues causing problems for users.
    Switch back to Qt5 until they're resolved.

    Ping #18476.

commit 9fe9df3065
Author: Uli Heilmeier <uh@heilmeier.eu>
Date:   Tue Oct 18 21:28:14 2022 +0200

    CFDP: Fix empty source filename

    Fixes: #18495

    (cherry picked from commit b42628389ec23de92b37972ff8c65dd4b25a243d)

commit 01c69da05b
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Oct 18 13:59:49 2022 -0700

    Qt: Add geolocation columns back to the Endpoints dialog.

    Add geolocation columns back to the Endpoints dialog. Fix our
    geolocation column alignments as well.

    Fixes #18320.

    (cherry picked from commit b2b76c2baefc9a483de83cbcb810d9a609e948f0)

commit a0e48787fd
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Oct 18 12:38:36 2022 -0700

    Qt: Fix the ByteViewText line height.

    QFontMetrics::leading() was zero for Consolas on Windows in Qt5, but is
    nonzero in Qt6. This revealed that we were inconsistently using height()
    and leading() to calculate our line height. Just use lineSpacing()
    instead.

    Fixes #18438.

    (cherry picked from commit 0d59da3156f834986444bb0cec22ae810b19d36b)

commit 14aae4feb5
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Sep 27 11:34:51 2022 -0700

    Qt: Use new-style syntax for signal & slots connected by name.

    Change anything that matches

        grep -Eir '(signal|slot) *\( *on_action' ui

    to new-style connections so that we can catch any future direct
    connection conversion issues at compile time.

    Change a connection from on_actionCaptureOptions_triggered to
    showCaptureOptionsDialog and make showCaptureOptionsDialog public. Fixes
    an issue introduced in fcdb77dc.

    (cherry picked from commit f011e750258b7d36c7074661efd227de400090e3)

    Fixes #18506

commit 6c5a76e6d1
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Oct 16 16:40:53 2022 +0000

    [Automatic update for 2022-10-16]

    Update manuf, services enterprise numbers, translations, and other items.

commit 41bf376f1e
Author: Jaap Keuter <jaap.keuter@xs4all.nl>
Date:   Sat Oct 15 22:19:12 2022 +0200

    PER, asn2wrs: Fix permitted-alphabet constrained character strings

    Effective permitted-alphabet constraints are only PER-visible for
    the known-multiplier character string types (X.691 27.1). When
    PER-visible, the upper bound of any code point used in the
    alphabet needs to be calculated, in particular for the ALIGNED
    variant, because that determines whether or not canonical order
    is used (X.691 27.5.2, 27.5.4).

    Note that even with the change to asn2wrs.py none of the generated
    dissectors change, because we don't have any example of ASN.1
    with non-PER visible permitted alphabet constraints because of
    using them on non known-multiplier character string types
    (like UTF8String).

    There's some various edge cases that we still don't handle, but
    nothing that any of the ASN.1 modules in the repository use.
    (Permitted-alphabet constraints using characters outside the
    ASCII range, possibly with "CharacterStringList", "Quadruple",
    or "Tuple" notation, permitted-alphabet constraints that are
    extensible and thus not PER-visible, etc.)

    Also fix a fencepost error with the length of the octets to highlight.

    Fix #18468

    (cherry picked from commit cb23c5e8d74223ab8c2fb7fcb081d7128ffaf2fd)

    # Conflicts:
    #       epan/dissectors/packet-per.c

commit 33aa938ff3
Author: Chuck Craft <bubbasnmp@gmail.com>
Date:   Wed Oct 12 14:43:05 2022 -0500

    Github actions: newer verions with node12 -> node16

    Ping #18462

    (cherry picked from commit 3c0936d83e5e1ddda369533b072d5c0a62bf38d3)

commit d5a184e88f
Author: John Thacker <johnthacker@gmail.com>
Date:   Wed Oct 12 23:43:41 2022 -0400

    smb: Fix display_unicode_string

    In SMB, display_unicode_string is used to handle null terminated
    UTF-16LE strings. Do that with the normal API, instead of just
    taking every other byte (which works for ASCII and nothing else.)

    Do the same fix for the DirectPlay dissector, which borrowed the
    code from SMB

    Fix #18467.

    (cherry picked from commit 900984b3b7e9e49c9186bcd799882cf7f6cdd8e3)

commit 6fce089ba6
Author: Guy Harris <gharris@sonic.net>
Date:   Wed Oct 12 01:25:04 2022 -0700

    Match declaration style of other functions.

    All other functions are declared with two lines:

        WS_DLL_PUBLIC <type>
        <function_name(<args>);

    Declare wtap_block_foreach_option() that  way, too, for consistency.

    (cherry picked from commit 670bacedc9e0c455b9104166791a48ce338c26d2)

commit f6196a0617
Author: Guy Harris <gharris@sonic.net>
Date:   Tue Oct 11 23:53:03 2022 -0700

    Use "a" before consonant sounds, use "an" before vowel sounds.

    (cherry picked from commit f7422a5cc85a3b58b371fa7ec22c55dc0662215c)

commit eb1dad4ef9
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Aug 30 13:20:11 2022 -0700

    GitLab CI: Reenable the ABI Check job.

    Update our ABI dump files using ones built with our current ubuntu-dev
    image. Reenable the "ABI Check" job.

commit a9e0fbac40
Author: Gerald Combs <gerald@wireshark.org>
Date:   Mon Oct 10 09:18:22 2022 -0700

    Qt: Properly truncate our FieldInformation strings.

    As the Qt6 QString::QString(const QByteArray &ba) documenation says:

    "Note: any null ('\0') bytes in the byte array will be included in this
    string, converted to Unicode null characters (U+0000). This behavior is
    different from Qt 5.x."

    Make sure FieldInformation::toString() truncates its display label byte
    array before converting it to a QString.

    Fixes #18428

    (cherry picked from commit f3f1556d456a7a3d3a70c7c4f05cdd02f01463e6)

commit 8ca341774e
Author: Guy Harris <gharris@sonic.net>
Date:   Mon Oct 10 16:00:53 2022 -0700

    transum: expert infos are not Boolean fields.

    They're of type FT_NONE, meaning that they do not have values, they're
    just present or not.

    Handle the TCP analysis fields "tcp.analysis.retransmission" and
    "tcp.analysis.keep_alive", both of which are expert infos, by just
    seeing if they're present or not.

    Fixes a problem mentioned in a comment in merge request !8412.

    (cherry picked from commit 3db17dab82d41d97c6426d8767971dd3d40bc8f2)

commit e9c398ca75
Author: Gerald Combs <gerald@wireshark.org>
Date:   Sun Oct 9 16:37:12 2022 +0000

    [Automatic update for 2022-10-09]

    Update manuf, services enterprise numbers, translations, and other items.

commit 626db94cc3
Author: Angelo Spampinato <aspampinato@protonmail.com>
Date:   Thu Aug 25 16:43:56 2022 +0000

    Adding some SharkFest info to the welcome screen

    (cherry picked from commit 52e34b25319beac6c5a3f2eab306cf93b9c5ae37)

commit b9712ee3c0
Author: João Valverde <j@v6e.pt>
Date:   Sat Oct 8 16:47:51 2022 +0100

    dfilter: Fix integer comparison on big-endian

    Fix copy-paste mistake to use the correct struct field.

    Fixes #12236.

    (cherry picked from commit 7b4abf83417beeaf6cc178303d1f118017a48167)

commit 3b84ee876e
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Thu Oct 6 12:15:04 2022 +0200

    f5ethtrailer: Default disable preference to perform analysis

    The f5ethtrailer.perform_analysis preference is documented to
    "slow down Wireshark", so make it default disabled.

    (cherry picked from commit 245df5da6207c82084681affcd9269bca9d020e3)

commit 77666bdb4e
Author: João Valverde <j@v6e.pt>
Date:   Fri Oct 7 12:18:51 2022 +0100

    dfilter: Amend a numeric pattern in the scanner

    We amend the :<numeric> pattern to not eat the leading
    colon. Because the colon can be part of the value (with IPv6 addresses
    for example) we want to avoid doing that.

    IPv6 addresses are covered by their own rules but this removes the
    requirement in the future to handle any special cases and avoids
    surprises.

    For this reason the colon-prefix syntax is already explicitly defined to
    work only for byte arrays and there is currently no universal
    syntax for all literal values or even all numbers.

    Other numbers can keep using the lexical type "unparsed".

    ```
    run/dftest "_ws.ftypes.uint8 == :fd"
    Filter: _ws.ftypes.uint8 == :fd
    dftest: ":fd" is not a valid number.
            _ws.ftypes.uint8 == :fd
                                ^~~

    run/dftest "_ws.ftypes.uint8 == fd"
    Filter: _ws.ftypes.uint8 == fd
    dftest: "fd" is not a valid number.
            _ws.ftypes.uint8 == fd
                                ^~

    run/dftest "_ws.ftypes.uint8 == 0xfd"
    Filter: _ws.ftypes.uint8 == 0xfd

    Syntax tree:
     0 TEST_ANY_EQ:
       1 FIELD(_ws.ftypes.uint8 <FT_UINT8>)
       1 FVALUE(253 <FT_UINT8>)

    Instructions:
    00000 READ_TREE         _ws.ftypes.uint8 <FT_UINT8> -> reg#0
    00001 IF_FALSE_GOTO     3
    00002 ANY_EQ            reg#0 == 253 <FT_UINT8>
    00003 RETURN

    run/dftest "_ws.ftypes.bytes == fd"
    Filter: _ws.ftypes.bytes == fd

    Syntax tree:
     0 TEST_ANY_EQ:
       1 FIELD(_ws.ftypes.bytes <FT_BYTES>)
       1 FVALUE(fd <FT_BYTES>)

    Instructions:
    00000 READ_TREE         _ws.ftypes.bytes <FT_BYTES> -> reg#0
    00001 IF_FALSE_GOTO     3
    00002 ANY_EQ            reg#0 == fd <FT_BYTES>
    00003 RETURN

    run/dftest "_ws.ftypes.bytes == :fd"
    Filter: _ws.ftypes.bytes == :fd

    Syntax tree:
     0 TEST_ANY_EQ:
       1 FIELD(_ws.ftypes.bytes <FT_BYTES>)
       1 FVALUE(fd <FT_BYTES>)

    Instructions:
    00000 READ_TREE         _ws.ftypes.bytes <FT_BYTES> -> reg#0
    00001 IF_FALSE_GOTO     3
    00002 ANY_EQ            reg#0 == fd <FT_BYTES>
    00003 RETURN
    ```

commit aae7795005
Author: João Valverde <j@v6e.pt>
Date:   Fri Oct 7 11:28:22 2022 +0100

    dfilter: Remove problematic <...> literal syntax

    The <...> syntax for literals, intended to be as generic as
    possible, unintentionally introduced an ambiguity with the
    relational expression "a < b or a > c".

    Literals are values like numbers, bytes, IPv6 addresses or, one
    could imagine, UNC paths for example, if an FT_UNC type were to
    be added in the future.

    We could use a new unique symbol like @...@ but the <...>
    syntax is very recent and may not be necessary with ":xxx" so
    just remove it.

    A byte array can be explicitly declared by prefixing with a colon. It
    is not as generic but the main ambiguity that this new syntax attempted
    to solve is bytes vs protocol names. We don't want to introduce a new
    reserved symbol for now, until other requirements if any are more clear.

    Fixes #18418.

commit 69626fec88
Author: j.novak@netsystem.cz <j.novak@netsystem.cz>
Date:   Sat Oct 8 15:10:35 2022 +0000

    RTP Player: Fix: Only silence played on Windows with Qt 6.x

commit dd5c7d0aa7
Author: Uli Heilmeier <uh@heilmeier.eu>
Date:   Fri Oct 7 13:16:32 2022 +0200

    sshdump: Add '-f ' for capture filter

    Fixes #18420

    (cherry picked from commit a471aa76286b59da87dc361b3f29c2749616ef80)

commit c03a118673
Author: Eugene Adell <eugene.adell@gmail.com>
Date:   Sat Oct 8 09:13:44 2022 +0200

    Conversation dialog : rename the B to A packets column

    The A to B packets column appeared twice, probably due to a
    copy/paste.

    (cherry picked from commit 24fadd8938698fd2cd214647b0264d40dce93ebc)

commit 15d84369ae
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Fri Oct 7 14:16:04 2022 +0200

    f5ethtrailer: Only remove registered taps

    Add checks to only remove registered taps.

    (cherry picked from commit da4277971fe0a9df0097b39e26a702768b25da7b)

commit c902e0d370
Author: Balint Reczey <balint@balintreczey.hu>
Date:   Thu Oct 6 10:20:40 2022 +0200

    debian/control: Make libwsutil-dev break/replace libwireshark-dev (<< 3.7.0)

    Libwsutil now ships header files previously present in libwireshark-dev.

    Follow-up to d391d86c337ec1389095b55a2ee2f7ac56e65d80.

    (cherry picked from commit 3c933a6dba1f8ec05e0f41fbb7736e98fe969d4d)

commit a1a5d60638
Author: Guy Harris <gharris@sonic.net>
Date:   Wed Oct 5 14:57:08 2022 -0700

    TRANSUM: fix fetching of Boolean values.

    As of a change many years ago, Boolean values are stored as 64-bit (the
    change was made to handle Boolean bitfields in 64-bit fields).  Fix the
    extractor for Boolean values to fetch from the 64-bit unsigned integer
    field, and, while we're at it, add a change that the field in question
    really *is* a Boolean field (the functions used to fetch the value in
    the other extractors do such a check).

    (cherry picked from commit b2cbc6f034d6ef5e0813f59a45387cc79b9311e4)

commit 687b15737a
Author: John Thacker <johnthacker@gmail.com>
Date:   Mon Oct 3 21:10:33 2022 -0400

    gtp: Use ENC_APN_STR for decode_apn

    Using ENC_APN_STR is simpler and guarantees that we produce
    valid UTF-8. Fix #18402

    (cherry picked from commit 333fe08bb3ae72426522d86ede66b4e2abdf43b8)

commit 7af3fb612b
Author: Gerald Combs <gerald@wireshark.org>
Date:   Tue Oct 4 17:23:23 2022 -0700

    Version: 4.0.0 → 4.0.1.

    [skip ci]
