When reading a packet capture with capinfos on a system with
FIPS 140-2 enabled, libgcrypt will abort for any non approved
algorithm. In this case the RIPEMD 160.
Rename init_progfile_dir to configuration_init. Add an argument which
specifies our configuration namespace, which can be "Wireshark"
(default) or "Logwolf".
The verbiage for first/last packets and start/end times seem
to not be consistent. Changing will also require a change to
Capture File Statistics in the Wireshark Gui. Future MR.
Calculate the hashes for a file after the wtap_open_offline, to avoid
spending time calculating them for files that aren't known capture
formats. We wouldn't print the checksums in those cases anyway,
and the time savings can be considerable on large non-capture files.
Besides the obvious limitation of being unavailable on Windows,
the standard is vague about getopt() and getopt_long() has many
non-portable pitfalls and buggy implementations, that increase
the maintainance cost a lot. Also the GNU libc code currently
in the tree is not suited for embedding and is unmaintainable.
Own maintainership for getopt_long() and use the musl implementation
everywhere. This way we don't need to worry if optreset is available,
or if the $OPERATING_SYSTEM version behaves in subtly different ways.
The API is under the Wireshark namespace to avoid conflicts with
system headers.
Side-note, the Mingw-w64 9.0 getopt_long() implementation is buggy
with opterr and known to crash. In my experience it's a headache to
use the embedded getopt implementation if the system provides one.
Remove "Section N:" headers from capinfos table (`-T`) output when
outputting "additional capture file information" with `-F` and/or
comments with `-k`. These headers broke the formatting of table output.
The downside to this fix is that pcapng files with multiple SHBs and/or
comments will have extra table columns that don't line up with the
header, as in:
...,hardware1,os1,application1,comment1,comment1,hardware2,os2,
application2,comment2,comment2,...
There's no real good way around this though.
Bug 17478 was caused by `wtap_rec.block` being allocated for each
packet, but not freed when it was done being used -- typically at the
end of a loop.
Rather than requiring each caller of `wtap_read()` to know to free a
member of `rec`, I added a new function `wtap_rec_reset()` for a
slightly cleaner API. Added calls to it everywhere that seemed to make
sense.
Fixes#17478
Version info is an aspect of UI implementation so move it to
a more appropriate place, such as ui/. This also helps declutter
the top-level.
A static library is appropriate to encapsulate the dependencies
as private and it is better supported by CMake than object libraries.
Also version_info.h should not be installed as a public header.
Instead of receiving the program name from GLib, pass it explicitly
to ws_log_init() instead and use that to initialize the GLib program
name.
ws_log_parse_args() will now exit the program when it encounters an
argument error if exit_failure >= 0.
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
"Commonly-used" meaning "used by more than one source file".
Clean up the exit codes, combining some duplicates with different names,
and using some instead of raw numbers in some places.
Have routines to report capture-file errors, using libwireshark error
codes and strings, that call through a pointer, so they can pop up
dialogs in GUI apps, print a message to the standard error on
command-line apps, and possibly do something different on server
programs.
Have init_report_message() take a pointer to structure containing those
function pointers, rather than the function pointers themselves, as
arguments.
Make other API changes to make that work.
The "short name" is really just the name, used to look it up. The
"name" is really a description intended solely for human consumption.
Rename the fields, and the functions that access them, to match.
The "description" maintained by Lua for file type handlers is used
*only* for one debugging message; we should probably just eliminate it.
Call it an "internal description" for now.
In each of our executables we were calling "setlocale(LC_ALL, "")" at
startup. This told Windows that output was encoded using the current
system code page. Unless the code page was 65001 (UTF-8), this was a lie.
We write UTF-8 to stdout and stderr, so call "setlocale(LC_ALL, ".UTF-8)"
at startup on Windows. This lets the CRT translate our output correctly
in more cases.
Clarify and expand the OUTPUT section in the tshark man page.
Bug: 16649
Change-Id: If93231fe5b332c292946c7f8e5e813e2f543e799
Reviewed-on: https://code.wireshark.org/review/37560
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Make wtap_file_get_shb() take a section number argument, and update code
that called it. In most cases, we convert the code to iterate over
sections; in cases where a big code change would be required, we
temporarily pass it 0 and mark the code as "needs to be updated for
multiple sections".
Eliminate cf_read_section_comment(); in calls outside file.c, other code
directly calls the libwiretap routines it calls and, inside file.c, we
just transplant the code and then fix it not to assume a single SHB.
Change-Id: I85e94d0a4fc878e9d937088759be04cb004e019b
Reviewed-on: https://code.wireshark.org/review/37000
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Make the buffers big enough to handle the largest possible time values
you can get with a 64-bit time_t.
Don't cast the seconds value to unsigned long; it's probably signed, and
may not fit in an unsigned long (64-bit on an ILP32 or LLP64 platform),
so cast it to gint64 and print using G_GINT64_MODIFIER followed by "d".
Bug: 16519
Change-Id: I3ab79dfa086d2c4dfb6b93eba8cef3bdce731731
Reviewed-on: https://code.wireshark.org/review/36971
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Ethernet packets without the CRC are 1514 bytes long, not 1500 bytes
long; using 1514 bytes will avoid a reallocation for a full-sized
Ethernet packet.
Change-Id: Ie8da3f13bf3df07e23e4478b7dcf84f06dec6a9d
Reviewed-on: https://code.wireshark.org/review/32761
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it - and the routines that implement it - work more like the
seek-read routine.
Change-Id: I0cace2d0e4c9ebfc21ac98fd1af1ec70f60a240d
Reviewed-on: https://code.wireshark.org/review/32727
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Open and close the file there, as well as reading it.
Small code cleanup, add comments.
Change-Id: I895dd61c92160649fc9ee1cdcf3df45db3eabe57
Reviewed-on: https://code.wireshark.org/review/32017
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For close to 10 years, we have defaulted not to stop processing on an
open error; default not to stop processing on a read error, either. -C
causes us to stop for both.
Bug: 15433
Change-Id: I5cd239c160d0ff85eb0425ca4b172532a4659fd3
Reviewed-on: https://code.wireshark.org/review/31710
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes it slightly clearer, from code inspection, what the -C flag
does. The default behavior is to continue; -C cause capinfos to stop,
rather than continue, after an open failure.
Change-Id: I8bc67ce61c5d828c7f0ed87ee397ef994ff99aa4
Reviewed-on: https://code.wireshark.org/review/31621
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit b32c8432c7.
Reason for revert: the variable name was confusing - it describes
the behavior if the -C flag is *absent*, and -C sets it to *false*.
Change-Id: Ia4d2fb954466b710db3fd1b9897feb9f3818c3a9
Reviewed-on: https://code.wireshark.org/review/31618
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When the -C flag was added, it meant (and still means) "[C]ontinue after
open errors", which was new behavior; the default "exit on open errors"
behavior was not changed.
Change-Id: I066c1aaef544e57efb39404e2dd61acbd9a91754
Reviewed-on: https://code.wireshark.org/review/31614
Reviewed-by: Guy Harris <guy@alum.mit.edu>
What we were calling the "name" is actually a description to show to
users; what were calling the "short name" is just the name to use on the
command line.
Rename some routines and structure members, and put the name first and
description second in the table.
Expand some descriptions to give more details (e.g., to be more than
just a capitalized version of the name).
Fix the CamelCase capitalization of InfiniBand.
Change-Id: I060b8bd86573880efd0fab044401b449469563eb
Reviewed-on: https://code.wireshark.org/review/31472
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Restore the "main" name since that is used everywhere else except for
Windows. On Windows, "main" is renamed via a macro to avoid a conflict
with "wmain" and to allow it to be called in cli_main.c.
For those wondering, GUI applications (such as Qt) have a different
entry point, namely WinMain. In Qt5, src/winmain/qtmain_win.cpp defines
WinMain, but seems to convert its arguments from Unicode to CP_ACP
(ASCII). It might not support UTF-8, but I did not verify this.
Change-Id: I93fa59324eb2ef95a305b08fc5ba34d49cc73bf0
Reviewed-on: https://code.wireshark.org/review/31208
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
cmdarg_err() is for reporting errors for command-line programs and
command-line errors in GUI programs; it's not something for any of the
Wireshark libraries to use.
The various routines for parsing numerical command-line arguments are
not for general use, they're just for use when parsing arguments.
Change-Id: I100bd4a55ab8ee4497f41d9651b0c5670e6c1e7f
Reviewed-on: https://code.wireshark.org/review/31281
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have a ws_init_version_info() routine that, given an application name
string:
constructs the app-name-and-version-information string, and
saves it;
adds the initial crash information on platforms that support it,
and saves it.
Have show_version() use the saved information and take no arguments.
Add a show_help_header() routine to print the header for --help
command-line options, given a description of the application; it prints
the application name and version information, the description, and the
"See {wireshark.org URL}" line.
Use those routines in various places, including providing the
"application name" string in pcapng SHBs.
Change-Id: I0042a8fcc91aa919ad5c381a8b8674a007ce66df
Reviewed-on: https://code.wireshark.org/review/31029
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That means that code is only in one place, rather than having copies of
it in each of those programs.
CLI programs that, on Windows, should get UTF-8 arguments rather than
arguments in the local code page should:
include the top-level cli_main.h header;
define the main function as real_main();
be built with the top-level cli_main.c file.
On UN*X, cli_main.c has a main() program, and just passes the arguments
on to real_main().
On Windows, cli_main.c has a wmain() function that converts the UTF-16
arguments it's handed to UTF-8 arguments, using WideCharToMultiByte() so
that it doesn't use any functions other than those provided by the
system, and then calls real_main() with the argument count and UTF-8
arguments.
Change-Id: I8b11f01dbc5c63fce599d1bef9ad96cd92c3c01e
Reviewed-on: https://code.wireshark.org/review/31017
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add wtap_compression_type_description(), which returns NULL for
WTAP_UNCOMPRESSED and a descriptive string for other compression types.
Instead of checking for WTAP_GZIP_COMPRESSED and appending "(gzip
compressed)", just pass the compression type to
wtap_compression_type_description() and, if the result is non-null,
append its result, wrapped in parentheses, with a space before the left
parenthesis.
Change-Id: I79a999c7838a883953795d5cbab009966e14b65e
Reviewed-on: https://code.wireshark.org/review/30666
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This:
1) means that we don't have to flag the compression argument with a
comment to indicate what it means (FALSE doesn't obviously say "not
compressed", WTAP_UNCOMPRESSED does);
2) leaves space in the interfaces in question for additional compression
types.
(No, this is not part 1 of an implementation of additional compression
types, it's just an API cleanup. Implementing additional compression
types involves significant work in libwiretap, as well as UI changes to
replace "compress the file" checkboxes with something to indicate *how*
to compress the file, or to always use some other form of compression).
Change-Id: I1d23dc720be10158e6b34f97baa247ba8a537abf
Reviewed-on: https://code.wireshark.org/review/30660
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
João Valverde