Our 802.11 decryption code isn't tied to any specific product. Change
the file and API names to dot11decrypt.
Change-Id: I14fd951be3ae9b656a4e1959067fc0bdcc681ee2
Reviewed-on: https://code.wireshark.org/review/26058
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
That routine is not used outside this file.
Change-Id: I50bd1aee564df1b4bb38602a1a40377b5dd86d5f
Reviewed-on: https://code.wireshark.org/review/25856
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Except for the one directory that (currently) has "not yet clean" files,
epan/dissectors, we don't need a separate variable to keep track of the
"clean" source files.
In the cases where not all files were in CLEAN_FILES, put them into the
variable used to enable -Werror or its equivalent.
Change-Id: Ic4119861c1d9e381adfe31e9977e1ac71d623f5b
Reviewed-on: https://code.wireshark.org/review/25830
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The added comment only explains what the cause of the problem is,
and the subsequent workaround, without going into how this could be
properly addressed. Add some lines to add that information.
Change-Id: I74e4df0e0c4b41fe8d52d9abf2d15335d2b327d6
Reviewed-on: https://code.wireshark.org/review/25614
Reviewed-by: Guy Harris <guy@alum.mit.edu>
And also indicate that perhaps the right solution was just to close the
CID as a false positive, as Coverity doesn't have a deep enough
understanding of libnl to know that the loop isn't guaranteed to be
infinite.
Change-Id: Ieb0651c803a5939fb54f2bc68bdf8c5485dafaf2
Reviewed-on: https://code.wireshark.org/review/25582
Reviewed-by: Guy Harris <guy@alum.mit.edu>
At one point, I remember a discussion resulting in the official name of
the next-generation replacement for pcap format being changed to
"pcapng", with no hyphen.
Make Wireshark reflect that.
Change-Id: Ie66fb13a0fe3a8682143106dab601952e9154e2a
Reviewed-on: https://code.wireshark.org/review/25214
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Winsock2.h will do that for us via packet32.h.
Change-Id: Ie834d49b052c3db6784481bb85d94d4eecff8287
Reviewed-on: https://code.wireshark.org/review/24082
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If we're building on Windows we're going to have windows.h and
winsock2.h. Don't bother checking for them.
Change-Id: I0004c44d7364ab3f41682f34b8c84cd8617c9603
Reviewed-on: https://code.wireshark.org/review/24068
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This treats macOS/OSX like any other Unix-like build target (Darwin),
thus removing autotools support for macOS-specific build options.
Anyone needing that is advised to use the fully-supported-on-macOS CMake
build.
Change-Id: I88e2fa7a8eea42241efcf84223ac2362d38b1e12
Reviewed-on: https://code.wireshark.org/review/23951
Petri-Dish: João Valverde <j@v6e.pt>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Autotools has the very useful feature by design of allowing the user
to override the default build flags (you break it you keep it).
Apparently CMake applies COMPILE_OPTIONS target property after
CMAKE_{C,CXX}_FLAGS so that doesn't work here. Prepend our flags to those
variables instead to make it work then.
Specific target flag overrides can still be added with COMPILER_OPTIONS
(e.g: generated files with -Wno-warning) but this is less effective and
then we're back at the point where this overrides user flags. It's less
of a concern though.
Change-Id: I44761a79be4289238e02d4e781fef0099628817b
Reviewed-on: https://code.wireshark.org/review/23675
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I074d027cd2528b0438015ddd098c9f4f6542090a
Reviewed-on: https://code.wireshark.org/review/23415
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
For a sane plugin build environment. Include config.h as the first
header in the .c file instead.
Fix by moving required compiler attribute macros to a new
"ws_attributes.h" API header.
Change-Id: I34f58a927f68c1a0e59686c14d214825149749e1
Reviewed-on: https://code.wireshark.org/review/23400
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Valgrind reports leaked timestamp records.
A comment stated that the timestamp info members only contain
static data. That claim was only true for some cases, not all so
make all cases allocate memory and have them properly freed when
removed.
Fixes: aca55a2 ("Add hardware timestamping support")
Change-Id: I31e4689070019ad1f531008394e7d6e48318c70c
Reviewed-on: https://code.wireshark.org/review/23206
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
pcap provides a pcap_set_tstamp_type function, which can be used to request
hardware timestamps from a supporting kernel.
This patch adds support for aforementioned function as well as two new
command line options to dumpcap, wireshark and tshark:
--list-time-stamp-types
List time stamp types supported for the interface
--time-stamp-type <type>
Change the interface's timestamp method
Name choice mimics those used by tcpdump(1), which already supports this
feature. However, unlike tcpdump, we provide both options unconditionally.
If Wireshark was configured without pcap_set_tstamp_type being available,
--list-time-stamp-types reports an empty list.
Change-Id: I418a4b2b84cb01949cd262aad0ad8427f5ac0652
Signed-off-by: Ahmad Fatoum <ahmad.fatoum@siemens.com>
Reviewed-on: https://code.wireshark.org/review/23113
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use WTAP_MAX_PACKET_SIZE_STANDARD, set to 256KB, for everything except
for D-Bus captures. Use WTAP_MAX_PACKET_SIZE_DBUS, set to 128MB, for
them, because that's the largest possible D-Bus message size. See
https://bugs.freedesktop.org/show_bug.cgi?id=100220
for an example of the problems caused by limiting the snapshot length to
256KB for D-Bus.
Have a snapshot length of 0 in a capture_file structure mean "there is
no snapshot length for the file"; we don't need the has_snap field in
that case, a value of 0 mean "no, we don't have a snapshot length".
In dumpcap, start out with a pipe buffer size of 2KB, and grow it as
necessary. When checking for a too-big packet from a pipe, check
against the appropriate maximum - 128MB for DLT_DBUS, 256KB for
everything else.
Change-Id: Ib2ce7a0cf37b971fbc0318024fd011e18add8b20
Reviewed-on: https://code.wireshark.org/review/21952
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Just let libpcap pick the snapshot length; that way, for link-layer
types that need a really large snapshot length, such as D-Bus (which
requires 128MB for the largest messages), it can pick that, but can
otherwise pick something that doesn't require as much memory, e.g.
256KB.
For pcap_open_live() and pcap_open(), which don't have a way of saying
"give me what's appropriate", pick 256KB.
Change-Id: Idef5694f7dfa85eaf3a61d6ca7a17d263c417431
Reviewed-on: https://code.wireshark.org/review/21917
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It declares what's defined here, so always include it.
Change-Id: I1d7d5ed071e6f2d53af9ff147ede18b05b98ecd1
Reviewed-on: https://code.wireshark.org/review/21616
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have a header file that defines HAVE_REMOTE if HAVE_PCAP_REMOTE is
defined, and then includes pcap.h. Replace all other includes of
pcap.h, and the definition of HAVE_REMOTE, with includes of that file.
Check for anything other than wspcap.h including pcap.h in checkAPIs.pl.
Change-Id: I3cbee8208944ad6f006f568b3fe3134e10b2a883
Reviewed-on: https://code.wireshark.org/review/21605
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WinPcap made the mistake of having stuff in its public header fines
depend on a configuration #define, HAVE_REMOTE; this means that we need
to forcibly define it when building with remote capture support.
The tip of the libpcap master branch does not have that botch; hopefully
future versions of libpcap-for-Windows will be based on that libpcap and
thus lack that botch as well.
Defining HAVE_REMOTE in config.h is not the right fix, as it makes it
look like a *Wireshark* configuration option that code in Wireshark
should test, rather than a *WinPcap* configuration option that the
pcap.h that ships with the WinPcap SDK should have been changed, as part
of the build process, to correctly define or not, so that users of
WinPcap don't have to define it themselves.
Change-Id: I62d1eca6d3c900d0dcc9fbc011db77f595a86313
Reviewed-on: https://code.wireshark.org/review/21593
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Avoid anachronisms, however; there was no "macOS 10.0" or even "OS X
10.0", for example. It was "Mac OS X" until 10.8 (although 10.7 was
sometimes called "OS X" and sometimes called "Mac OS X"), and it was "OS
X" from 10.8 to 10.11.
Change-Id: Ie4a848997dcc6c45c2245c1fb84ec526032375c3
Reviewed-on: https://code.wireshark.org/review/20933
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1) Its caller closes it, and closing a closed pcap_t can cause Bad
Things to happen.
2) We're trying to get an error string from it after we're closing it,
which won't work well, either.
While we're at it, don't use pcap_statustostr() if we don't have it (we
have it iff we have pcap_create()).
Change-Id: Ieded1e3ae78aea4e0970cf582e780c2846fe9dd5
Reviewed-on: https://code.wireshark.org/review/20443
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Allocate the interface capabilities structure only if we succeed in
getting a pcap_t handle for it.
For remote devices, explicitly set caps->can_set_rfmon and
caps->data_link_types, to be a little bit more like what we do for local
devices.
Change-Id: I985c05f85f165fce4dfe0392569ec51ed1eeb91e
Reviewed-on: https://code.wireshark.org/review/20242
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Our user-facing messages should have a helpful (or at the very least
neutral) tone. In English, exclamation points are neither. Replace a
bunch of them with periods.
Change-Id: I29c3b2f84c25e06aae5b559860224559053a0378
Reviewed-on: https://code.wireshark.org/review/20189
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The introduction of pcap_list_datalinks() predates the introduction of
PCAP_ERROR, so the presence of pcap_list_datalinks() doesn't guarantee
that PCAP_ERROR is defined. Change the use of PCAP_ERROR when checking
the result of pcap_list_datalinks() to just check for -1.
Change-Id: Id8229b7aebd02eaf3701983f9343503397af4fb3
Reviewed-on: https://code.wireshark.org/review/19351
Reviewed-by: Guy Harris <guy@alum.mit.edu>
AC_CHECK_MEMBER() and AC_CHECK_MEMBERS() use a standard name for the
{structurename} being the name of the structure type, complete with
"struct" if a typedef wasn't used, and with all letters mapped to upper
case, and with {membername} being the name of the structure member, with
all letters mapped to upper case.
check_struct_has_member() lets you choose the name; choose the same name
that the autoconf macros use, and fix the code to check for them.
Change-Id: Ifb3cf65e7e94907ad0a2f8aacca0c21a531f0c5b
Reviewed-on: https://code.wireshark.org/review/18382
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead of checking for the boolean "FALSE", just set an empty string.
This avoids the need to check for WERROR_COMMON_FLAGS before using it.
The transformation is the same for all files, remove
"if (WERROR_COMMON_FLAGS)" and "endif()", reindent and add quotes (since
we have a string here and not a list).
Modelines have been added where missing.
Change-Id: I0ab05ae507c51fa77336d49a99a226399cc81b92
Reviewed-on: https://code.wireshark.org/review/17997
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Flexible array members are supported by gcc, clang and even MSVC2013.
Note, so far it was only used in the Windows-specific airpcap.h.
Trailing commas in enum declaration are already in use since for
these dissectors (commit ID is the first occurrence):
epan/dissectors/packet-gluster.h v2.1.0rc0-1070-g3b706ba
epan/dissectors/packet-ipv6.c v2.1.2rc0-81-ge07b4aa
epan/dissectors/packet-netlink.h v2.3.0rc0-389-gc0ab12b
epan/dissectors/packet-netlink-netfilter.c v2.3.0rc0-239-g1767e08
epan/dissectors/packet-netlink-route.c v2.3.0rc0-233-g2a80b40
epan/dissectors/packet-quic.c v2.3.0rc0-457-gfa320f8
Inline functions using the "inline" keyword are supported via all glib
versions we support (if it is missing, glib will define a suitable
inline macro).
Other c99 functions listed in the README.developer document were found
to be compatible with GCC 4.4.7, Clang 3.4.2 and MSVC 2013.
Change-Id: If5bab03bfd8577b15a24bedf08c03bdfbf34317a
Reviewed-on: https://code.wireshark.org/review/17421
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Setting our compiler warning flags in CMAKE_C_FLAGS does not allow
using different flags per target.
Allow for that possibility by setting the internal WS_WARNINGS_{C,CXX}_FLAGS
and using the COMPILE_OPTIONS property to set them.
This change is just setting mechanism and there should be no difference
in generated warnings.
The check_X_compiler_flag cmake test is changed to test each flag individually.
We need a list, not a space separated string, and the aggregate test is not
significant.
Change-Id: I59fc5cd7e130c7a5e001c598e3df3e13f83a6a25
Reviewed-on: https://code.wireshark.org/review/17150
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Now that nmake build system has been removed they are not needed anymore.
Change-Id: I88075f955bb4349185859c1af4be22e53de5850f
Reviewed-on: https://code.wireshark.org/review/16050
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Done for performance improvements.
This could probably be done in checkAPIs.pl, but this was just
a quick manual check with grepping.
Change-Id: I91ff102cb528bb00fa2f65489de53890e7e46f2d
Reviewed-on: https://code.wireshark.org/review/15751
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
It has nothing to do with controlling privileges; it only tests whether
the NPF or Npcap service (driver) is running, so it belongs in caputils.
While we're at it, fix its signature (in C, a function with no arguments
must have "void" as the argument list, for backwards compatibility with
pre-function-prototype C), and close the handles it opens, so we don't
have open handles leaked.
Change-Id: Ia99e99d81617ed2e8cda2c44e53061b4502a2b58
Reviewed-on: https://code.wireshark.org/review/15714
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Disable shorten-64-to-32 in ws80211_create_on_demand_interface,
which calls NLA_PUT_STRING, which passes the output of strlen to an
int parameter. NLA_PUT_STRING is defined in netlink/attr.h so there's
not much we can do to fix it directly.
By Gerald in b8f90de70e.
Change-Id: Ifb92244423fcb2cc267f8fcefb7a2700a7b7c0ea
Reviewed-on: https://code.wireshark.org/review/15522
Reviewed-by: João Valverde <j@v6e.pt>
This generates a top level target, checkAPI, that is
excluded from the ALL build target, so must be run separately.
On Windows using a Visual Studio generator, call
msbuild /p:Configuration=RelWithDebInfo checkAPI.vcxproj
Change-Id: I44a57c564dcfc75499463b942436f4b920a82478
Reviewed-on: https://code.wireshark.org/review/14873
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Add dumpcap support for configuring 80MHz, 80+80MHz, 160MHz monitor
modes via nl80211.
Change-Id: I2ae8955670c2a9b5051e2223d45ce522459f2c5f
Reviewed-on: https://code.wireshark.org/review/13964
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a test on err_str buffer presence before trying to use it,
like what is done in other code paths.
Bug: 12143
Change-Id: I30ae49a33224dc190c202637767df9d7de2c0f2b
Reviewed-on: https://code.wireshark.org/review/14074
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I3de7c2a6292a2f3fc57fdb849c23c3b31f6e4a13
Reviewed-on: https://code.wireshark.org/review/14052
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Remove mostly obsolete aclocal macros. Make GTK build flags a strict superset
of GLib flags. Use GTK build variables for GTK GUI and GLib elsewhere. Add
dependency flags explicitly instead of using WS_CPPFLAGS.
Some minor improvements and fixes for missing/unnecessary variables (no impact
on our test builds).
Change-Id: I3e1f067a875f79d6516c1fa7af986f17a7a6b671
Reviewed-on: https://code.wireshark.org/review/14005
Reviewed-by: João Valverde <j@v6e.pt>
They should not be necessary.
Change-Id: I9246d86862392c65839c18d13d8634bcf510d55e
Reviewed-on: https://code.wireshark.org/review/13992
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If you include something from the wiretap directory, always precede it
with wiretap/.
Fix some includes of files in the top-level directory to use a path
relative to the current directory, not relative to the wiretap
directory.
This makes it a bit clearer what's being included.
Change-Id: Ib99655a13c6006cf6c3112e9d4db6f47df9aff54
Reviewed-on: https://code.wireshark.org/review/13990
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
File had both whitespaces and tabs for indentation. Replace
whitespace indentation with tabs. This is the same indentation
mode as ws80211.c file uses.
Change-Id: I46bbd675f5089eb502b489fdfd70f30510bc95ef
Reviewed-on: https://code.wireshark.org/review/13963
Reviewed-by: Anders Broman <a.broman58@gmail.com>
GNU coding standards recommend against it and automake is designed
around it.
This allows overriding the global build flags using AM_CFLAGS, etc.,
or per object flags, something that is difficult or impossible currently
because of automake precedence rules.
Change-Id: I3f1ea12e560af5a46b2f04b342b1882bbf123f12
Reviewed-on: https://code.wireshark.org/review/13455
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Valgrind report memleaks like these when using the wireless
toolbar to create a monitor interface and/or changing channel:
4,168 (72 direct, 4,096 indirect) bytes in 1 blocks are definitely lost in loss record 31 of 32
at 0x4C2CC70: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x5BD0742: ??? (in /lib/x86_64-linux-gnu/libnl-3.so.200.16.1)
by 0x116308: ws80211_create_on_demand_interface (ws80211_utils.c:699)
by 0x116308: ws80211_set_freq (ws80211_utils.c:729)
by 0x10D70E: set_80211_channel (dumpcap.c:4262)
by 0x10D70E: main (dumpcap.c:4935)
4,168 (72 direct, 4,096 indirect) bytes in 1 blocks are definitely lost in loss record 32 of 32
at 0x4C2CC70: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x5BD0742: ??? (in /lib/x86_64-linux-gnu/libnl-3.so.200.16.1)
by 0x116400: ws80211_set_freq (ws80211_utils.c:733)
by 0x10D70E: set_80211_channel (dumpcap.c:4262)
by 0x10D70E: main (dumpcap.c:4935)
Change-Id: Ia1de630859d96653310fbb3efebdc439ebf107b8
Reviewed-on: https://code.wireshark.org/review/13237
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Return an error string if that happens.
If it doesn't fail, it will return a value >= 1; it will never return 0,
so don't check for that.
Change-Id: I6d7ee2683c1ceae73e9d9d61c0a6e6d30b2c4400
Reviewed-on: https://code.wireshark.org/review/13100
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We only need is_linux_bonding_device() if we have pcap_create(). We
need get_data_link_types() regardless of whether we have pcap_create()
or not.
Change-Id: I035f8ddcd57c0424662a2029f928bffa969a3f6c
Reviewed-on: https://code.wireshark.org/review/13099
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Few of these functions exist if we're not building with libpcap.
Change-Id: Icead80bc1993a229341fb4fcba6f1e5901c610ee
Reviewed-on: https://code.wireshark.org/review/13097
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Move the code to open capture devices and get properties of capture
devices there, joining the code to get a list of capture devices.
This lets us do a better job of handling pcap_create() in WinPcap,
including handling both WinPcap with pcap_create() and WinPcap without
pcap_create() at run time, just in case somebody tries using WinPcap 3.x
with a Wireshark built with WinPcap 4.x.
It also could make it easier to use libpcap/WinPcap directly in
Wireshark and TShark, if we have versions of libpcap/WinPcap that run
small helper utilities to do privileged functions, allowing programs
using them never to need elevated privileges themselves. That might
make it easier to fix some issues with running TShark when not saving to
a file (we could avoid the file entirely) and with delays when stopping
a capture in Wireshark (Wireshark could stop writing to the file as soon
as you click the stop button, rather than letting dumpcap do so when the
signal gets to it).
It might also make it easier to handle future versions of
libpcap/WinPcap that support using pcap_create()/pcap_activate() for
remote captures, and other future extensions to libpcap/WinPcap.
Rename some XXX_linktype routines to XXX_datalink to indicate that they
work with DLT_ values rather than LINKTYPE_ values; future versions of
libpcap might use LINKTYPE_ values in newer APIs.
Check for pcap_create() on all platforms in CMake.
Change-Id: Ia12e1692c96ec945c07a135d246958771a29c817
Reviewed-on: https://code.wireshark.org/review/13062
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We don't check HAVE_LIBPCAP elsewhere, and we do use GLib functions, but
don't use the GLib dynamic-loading APIs ourselves, and don't appear to
use anything from libpcap or libwiretap, so include only <glib.h> and
include it unconditionally.
Change-Id: I97f06f56b7d87c671c0aaea1a0e60f2df7adfbd1
Reviewed-on: https://code.wireshark.org/review/13067
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it clearer that they're libwiretap headers.
Change-Id: Ia78a3496913b901073ee59e62bfb72c1677450fa
Reviewed-on: https://code.wireshark.org/review/13064
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Disable shorten-64-to-32 in ws80211_create_on_demand_interface,
which calls NLA_PUT_STRING, which passes the output of strlen to an
int parameter. NLA_PUT_STRING is defined in netlink/attr.h so there's
not much we can do to fix it directly.
Suppress -Wpragmas before suppressing warnings in gcc so that we can
use DIAG_OFF with clang-only warnings.
Change-Id: I1180950edd93c056b8fbfbed164e482024aee90a
Reviewed-on: https://code.wireshark.org/review/12314
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Autotools only warning.
Change-Id: I30f33d2f8611d662dbc62326862707bf05ad3f60
Reviewed-on: https://code.wireshark.org/review/12150
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
It's an ancient obsolete option with a confusing name.
Change-Id: Ib10330cf859cdea18fed2077c6539e56350ef380
Reviewed-on: https://code.wireshark.org/review/11967
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add "/WX" to the Visual C++ compiler flags if DISABLE_WERROR is off,
similar to config.nmake.
We haven't compiled C++ code with -Wshorten-64-to-32 for quite
some time so there's no need to add -Wno-shorten-64-to-32 in
ui/qt/CMakeLists.txt.
Additionally, squelch
----
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3050) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3065) : see reference to function template instantiation 'void std::_Median<_RanIt,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_RanIt,_Pr)' being compiled
with
[
_RanIt=QList<QString>::iterator
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3127) : see reference to function template instantiation 'std::pair<_RanIt,_RanIt> std::_Unguarded_partition<_RanIt,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_Pr)' being compiled
with
[
_RanIt=QList<QString>::iterator
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3157) : see reference to function template instantiation 'void std::_Sort<_Iter,int,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_Diff,_Pr)' being compiled
with
[
_Iter=QList<QString>::iterator
, _RanIt=QList<QString>::iterator
, _Diff=int
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
.\rpc_service_response_time_dialog.cpp(130) : see reference to function template instantiation 'void std::sort<QList<QString>::iterator,bool(__cdecl *)(const QString &,const QString &)>(_RanIt,_RanIt,_Pr)' being compiled
with
[
_RanIt=QList<QString>::iterator
, _Pr=bool (__cdecl *)(const QString &,const QString &)
]
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3051) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3052) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\INCLUDE\algorithm(3053) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data (.\rpc_service_response_time_dialog.cpp)
----
in both rpc_service_response_time_dialog.cpp and wireshark_application.cpp
so that we'll compile successfully.
Change-Id: I457bcede99dcb1f3c1001f1f559c4901bb000357
Reviewed-on: https://code.wireshark.org/review/10533
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Found by starting Wireshark within an empty profile, opening
Preferences, search for Protocol "IEEE 802.11" (because it has radio
buttons), then close everything again.
Many fixes are trivial, but the various recent_read_* functions in
recent.c were changed to return a boolean such that the result can
always be checked even if errno==0.
QButtonGroup leak was hinted by Clang Static Analyzer, all other
memleaks were found using ASAN/LSan.
Change-Id: Ia73f5d4c09d92f22e72377be59e23342f8ad7211
Reviewed-on: https://code.wireshark.org/review/10776
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Make use of -A parameter when querying data link types supported by a given interface with dumpcap.
Ensure to pass the authentication parameters configured for a remote interface when calling capture_get_if_capabilities()
Bug: 11366
Change-Id: I4efea615084a82108e4a12a64e8c46817f30a5c6
Reviewed-on: https://code.wireshark.org/review/9690
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Valgrind picked this up as a very large memory leak on systems with libnl,
since the GUI polls this code regularly and was leaking several nl messages
each time.
Change-Id: Ie6b32e094d90183a16fb187adea430c4b43c208c
Reviewed-on: https://code.wireshark.org/review/9502
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
size is '520' bytes, but '1042' bytes might be written.
Change-Id: Ic88bc977011eff9ae3c2a4a5ba717e78dbb1171c
Reviewed-on: https://code.wireshark.org/review/9452
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the wireless toolbar to the Qt UI.
Start adding AirPcap support to ui/80211_utils. Add FCS validation
routines to ws80211_utils.
Move a bunch of AirPcap routines that require epan from caputils to
ui/gtk. They were required for driver key management, which we'll
leave to the AirPcap Control Panel in the Qt UI.
Move frequency-utils to wsutil.
Change-Id: I44446758046621d183f5c2ba9f6526bf01e084f1
Reviewed-on: https://code.wireshark.org/review/8910
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This patch extends the existing decryption support for WPA to also
handle rekeys by checking each decrypted packet for a 4-way-handshake.
Rekeys can be used for WPA-PSK, but are more common with WPA-Enterprise
(WPA-EAP).
For decrypting WPA-EAP secured packets the user must provide all used PMK's
of the connection (aka PSK's) as WPA-PSK 32 byte hex values to wireshark
via the existing interface.
(The capture must have all 4-way-handshakes included also, starting with
the first unencrypted one.)
Every decrypted unicast packet will habe the used PMK and TK shown in the
CCMP/TKIP section below the key index in the GUI. Group packets will display the
GTK instead.
Additionally this fixes a small issue with group rekey handling, so every packet
can be selected in the GUI in random order, removing the need to manually find
the correct group keying packets prior to that.
It was tested primary with WPA-CCMP, but TKIP is also working.
One section in the code touch bluetooth 802.1X support. It should do
exactly the same, but will now also examine all decypted packets for rekeys.
Ping-Bug: 11172
Change-Id: I19d055581fce6268df888da63485a48326046748
Reviewed-on: https://code.wireshark.org/review/8268
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Most of our sites are now HTTPS-only. Update URLs accordingly. Update
other URLs while we're at it. Remove or comment out dead links.
Change-Id: I7c4f323e6585d22760bb90bf28fc0faa6b893a33
Reviewed-on: https://code.wireshark.org/review/7621
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
/usr/include/libnl3/netlink/types.h:25:15: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/handlers.h:65:9: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/handlers.h:81:18: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/handlers.h:113:18: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/utils.h:43:13: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/attr.h:47:16: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/route/link.h:95:23: warning: comma at end of enumerator list [-Wpedantic]
...
Change-Id: I3f14e9d4887569e5d7befe1adb77561c8793437e
Reviewed-on: https://code.wireshark.org/review/7201
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
g_string_free(str, FALSE) frees the GString container but not the
underlying g_malloc()ed string; instead, it returns a pointer to the
g_malloc()ed string.
Fix those places that didn't already get the string pointer from
g_string_free() to do so rather than manually extracting the string
themselves.
And fix one place that didn't even need to use a string - it was just
scanning a C string without even modifying it.
Change-Id: Ibbf4872bf5b9935b9907f539b6edb1013f3053a5
Reviewed-on: https://code.wireshark.org/review/6532
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead of always ignoring the return value, always check it, and only
report an error if it returns FALSE.
(Alternative: have it return NULL on success and a pointer to a
g_malloc()ed string on failure.)
Fix a comment while we're at it.
Change-Id: Icb72c9f47775b6552e3eb4fe5ddcc85482bfb5fb
Reviewed-on: https://code.wireshark.org/review/6528
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I009c09f25d170e5c9aaaef713eaacb3252817856
Reviewed-on: https://code.wireshark.org/review/6460
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Move capchild, caputils, codecs and wsutil into a Libs group
Move gtkui into UI group
Move update-sminmpec into tools group
Change-Id: Iaf2bfe4697265af2c3ed9c9d7de2d5d1ef3cafee
Reviewed-on: https://code.wireshark.org/review/6332
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Graham Bloice <graham.bloice@trihedral.com>
Gerald Combs