In wtap_get_savable_file_types_subtypes(), in the search for a default
file type to use, stop as soon as we've found a usable file type, don't
keep searching.
Bug: 14601
Change-Id: Iff4ffe14f5ad07271c49a761e0856059353c1634
Reviewed-on: https://code.wireshark.org/review/27193
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do all the per-record processing in a libpcap_try_record() routine. EOF
on the header is OK, but a short read on the header *might* be due to
the format being tested not being the format of the file rather than due
to the file having been cut short.
Change-Id: I5748ed550fa1079dc9c746fd93ee5c59187b80a1
Reviewed-on: https://code.wireshark.org/review/27135
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Try to read up to 3 pcap records, making the value a #define so that we
can crank it up if necessary.
Bug: 14595
Change-Id: Ie9d62a1763fe7d1d46fdd8781691ea975770f3d7
Reviewed-on: https://code.wireshark.org/review/27111
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This puts more distance between the caller and the underlying
library. At the moment we're using libjsmn, but other libraries
(like json-glib) could be used.
Change-Id: I1431424a998fc8188ad47b71d6d95afdc92a3f9e
Reviewed-on: https://code.wireshark.org/review/27055
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It has been replaced by cmake.
Change-Id: I83a5eddb8645dbbf6bca9f026066d2e995d8e87a
Reviewed-on: https://code.wireshark.org/review/26969
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Get rid of CMake's TestBigEndian and Autotools' AC_C_BIGENDIAN checks in
favor of G_BYTE_ORDER. We use G_BYTE_ORDER elsewhere and TestBigEndian
is noticeably slow on Windows.
Change-Id: Idc1326294db9cbee8f6b6b11c2028fc4d19acbf0
Reviewed-on: https://code.wireshark.org/review/26462
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add support for Entropy Extension header, currently with one field. Uses
a conversion function to convert representation to bits.
Add various entropy and tap mode Provenance (ERF_TYPE_META) tags.
The only complex tag is ext_hdrs_added/removed. This tag consist of up
to 4 big endian uint32 bitfields, with each bit representing an
extension header number. ehdr_type_vals and a new ehdr_type_vals_short
are used to generate the tags. Custom printing is used for the header
line to display unknown values as integer and support the special case
of <All>: all supplied bits 1 meaning all extension headers removed.
Storage for the up to 4 subtree header_field id entries is in the first
4 extra hf_values[] for now, the ett value is reused.
Increase erfmeta_tag_info_ext_t ERF_HF_VALUES_PER_TAG to 32. A better
solution is needed sooner rather than later but the structure is only
allocated for tags that need it.
Change-Id: I9e359f044131bce2afc189bebc21239eed429b21
Reviewed-on: https://code.wireshark.org/review/26111
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The parser is what declares the local yylval, and that's generated below
all the user-specified code, so we have to turn diagnostics off at the
bottom.
Change-Id: I33d5f53c1fd67014ae7fe2b851d45d0c5e80becd
Reviewed-on: https://code.wireshark.org/review/26086
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Berkeley YACC generates a global declaration of yylval, or the
appropriately prefixed version of yylval, in the .h file, *even though
it's been told to generate a pure parser, meaning it doesn't have any
global variables*. Bison doesn't do this.
That causes a warning due to the local declaration in the parser
shadowing the global declaration.
So, if this is Berkeley YACC, and we have _Pragma, and have pragmas to
suppress diagnostics, we use it to turn off -Wshadow warnings.
Change-Id: Ia3fecd99fa18ca9b85f6b25f53ed36c60730fad9
Reviewed-on: https://code.wireshark.org/review/26080
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We no longer use different compiler flags for generated and
non-generated files, so we don't need to put them into separate
libraries and then add the files from the generated library into the
main library.
Change-Id: Idbd35510ccb8c9107b4de4199c8b1bcaa6f7a060
Reviewed-on: https://code.wireshark.org/review/25831
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use AM_CFLAGS for everything except for libdirtydissectors in
epan/dissectors. Rename GENERATED_CFLAGS/GENERATED_CXXFLAGS to
DIRTY_CFLAGS/DIRTY_CXXFLAGS, as it doesn't apply to all generated files.
Change-Id: I702b53e185d6972c08d68ef31c05df7b03669daa
Reviewed-on: https://code.wireshark.org/review/25829
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add warning C4267 (size_t to int conversion) with MSVC to DIAG_OFF_FLEX.
Addd -Wshorten-64-to-32 with Clang and GCC to DIAG_OFF_FLEX.
Don't explicitly use #pragma to turn off warnings; use DIAG_OFF_FLEX for
all of them.
If we use DIAG_OFF_FLEX, use DIAG_ON_FLEX, even if we have no section of
entirely included code at the end.
Change-Id: Ibfd44e8954704e9a8bcb1bd8e54f31d28357fffb
Reviewed-on: https://code.wireshark.org/review/25817
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Now that we're suppressing warnings that come from Flex generating
insufficiently fussy code, just treat many of the Lex-generated files as
clean; we don't seem to be getting warnings from Lemon-generated ones.
Change-Id: Ib53ced6d8cb80645234929afca343d047d30f7f7
Reviewed-on: https://code.wireshark.org/review/25813
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Do it before we even *try* to read the block, so that it's done in one
place rather than having to be done in every routine to handle
particular block types.
The check was missing in the routine to read sysdig event blocks, so if
we got a huge sysdig even block we'd try to allocate a huge amount of
memory.
Bug: 14403
Change-Id: Iff0fb0387e4499420598361be6d241f2832042d7
Reviewed-on: https://code.wireshark.org/review/25702
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's only being used as a working buffer to hold the raw options data we
read in.
Change-Id: I17b812e447f575ad92394b9f957658fc655cdf8e
Reviewed-on: https://code.wireshark.org/review/25701
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No need for len, and call caplen event_filelen and move it after
event_len.
Change-Id: I8b3825d4022ee083ee52f83f7a69f22829ed9fc4
Reviewed-on: https://code.wireshark.org/review/25698
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Separate the stuff that any record could have from the stuff that only
particular record types have; put the latter into a union, and put all
that into a wtap_rec structure.
Add some record-type checks as necessary.
Change-Id: Id6b3486858f826fce4b096c59231f463e44bfaa2
Reviewed-on: https://code.wireshark.org/review/25696
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Go back to having pcapng_read_block() and
pcapng_read_section_header_block() treating SHB read errors that might
be due to the file not being a pcapng file separately from other errors.
This keeps us from treating pcapng files with malformed SHBs as not
being pcapng files, making us dissect them using the pcapng file
dissector rather than reporting the malformation.
Change-Id: I1d92cc4ac521668b88638b2b3ed5257340451798
Ping-Bug: 14402
Reviewed-on: https://code.wireshark.org/review/25675
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This avoids an illegal pointer to free() on error.
Bug: 14397
Change-Id: Id6e535141c7a3ee7b3d1822875b571e2199a5387
Reviewed-on: https://code.wireshark.org/review/25660
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Not all do, so test the preference bits for them.
Change-Id: I62976f5d17de3611c4d2f9eb64a0763c0b698c8d
Reviewed-on: https://code.wireshark.org/review/25618
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Not everything wtap_read() returns is a packet.
Change-Id: I3784bbfa308da52f4c55db2a90f9b55f8bfbb2ef
Reviewed-on: https://code.wireshark.org/review/25617
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some blocks should be returned by wtap_read(), others are just processed
internally. Add a Boolean flag to wtapng_block_t, have the routines
that read particular block types set it appropriately, and have the read
and seek-read routines check that flag rather than checking for the
block types that should be returned. Pass a pointer to the
wtapng_block_t to packet type plugin read routines, rather than passing
it some members of the wtapng_block_t.
This means that 1) for new block types, we don't have to update any
tests and 2) plugin handlers for block types can indicate whether they
processed the block internally and the caller shouldn't see it or 2) the
block should be provided to the caller.
Bug: 14388
Change-Id: Iccc2031a277f55c7fa8b4f692c776b482b792b4f
Reviewed-on: https://code.wireshark.org/review/25609
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It either returns "OK" or "fail", so we might as well make it a Boolean.
While we're at it, in pcapng_open(), handle EOF/short read and "invalid
file" errors when trying to read the first block differently; for the
first of those, we don't need to free *err_info, and this may be a bit
safer in case *err_info didn't happen to be set to NULL somewhere along
the line.
Change-Id: If8135624e3efb7838dceeb28e30e5c8c4b064786
Reviewed-on: https://code.wireshark.org/review/25608
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It either returns "OK" or "fail", so we might as well make it a Boolean,
just as is the case with read routines for other block types.
Update some comments while we're at it.
Change-Id: I40b378d4e3c3cfb96687298b22a6f8f9f78d9240
Reviewed-on: https://code.wireshark.org/review/25607
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If it's either going to be -1 or 1, and any value > 0 is "valid but
empty", that's just a Boolean, with -1 corresponding to false and 1
corresponding to true. Make it so.
Change-Id: Ib7418fe7573b5d2cd1e2ef5de601c0262c8d9de1
Reviewed-on: https://code.wireshark.org/review/25605
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Check for "is an error" rather than "isn't OK".
Change-Id: Ib8f4ac44f70d71ff44658801e01807344032dd60
Reviewed-on: https://code.wireshark.org/review/25603
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A short read isn't a clear error when you don't have a magic number and
are doing "does this look somewhat like a file of this type" test, it's
probably an indication that it's *not* a file of that type.
Change-Id: Iab2f32e7d169a777c50a36958eeb4e82a3809227
Reviewed-on: https://code.wireshark.org/review/25602
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have pcapng_read_section_header_block(),
pcapng_read_section_header_block(), and pcapng_read_block() just return
errors when they get errors or get a non-SHB block; let pcap_open() turn
EOF, short read, and "bad file" into "not a pcapng file" rather than
"read error".
Change-Id: If018d21ffe3de3fe7eb1f8f2973f80f685c89274
Reviewed-on: https://code.wireshark.org/review/25601
Reviewed-by: Guy Harris <guy@alum.mit.edu>
There are events, there are reports, and there are "here's metadata that
doesn't correspond to something that happened at this point in the
capture"; IDBs and NRBs are the third type.
Change-Id: I89e4f9bf51dc1be5766e8df61c6337ed3e484577
Reviewed-on: https://code.wireshark.org/review/25587
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't allow overriding of the block types we support in libwiretap - it
won't work anyway, as we check for those types first, and only look for
plugins for types we don't support.
Don't allow registering for any of the reserved types; if you aren't
going to use a local type, you have to get your type registered.
We *do* allow registering plugins for types that are registered but that
we don't support natively.
Change-Id: I2046d297b0503d3a77c83166b07ca226c0b18e82
Reviewed-on: https://code.wireshark.org/review/25583
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If merge_open_in_files() is going to fail, free files array to avoid memleak.
Found by clang.
Change-Id: I156c5f1c041cd7779ff0a0095bc2810f50768ab6
Reviewed-on: https://code.wireshark.org/review/25421
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Should fix clang warning created by https://code.wireshark.org/review/#/c/25492.
Change-Id: Iafa31e24cd786a510f3a953d615df4cbc3930fa6
Reviewed-on: https://code.wireshark.org/review/25508
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5d8797b68c53168d4c00be8c3c3a3325b370e38c
Reviewed-on: https://code.wireshark.org/review/25492
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Free state.bb in error path.
Found by clang.
Change-Id: Ic9f2e1383a5219de465a6f22f7b382ac8b1f9cbf
Reviewed-on: https://code.wireshark.org/review/25443
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Instead, just:
assume a file with the regular pcap magic number is a regular pcap
file, not an unhelpfully-modified-without-changing-the-magic-number
format such as one of the (fortunately, short-lived) memory-mapped
capture formats or the Nokia format;
reject a file with the memory-mapped-capture-finally-changed-the-
magic-number magic number, as they then changed the *new* format
without changing its magic number;
and don't even leave a provision for multiple formats using the
"nanosecond pcap" magic number - not even when reading from a file -
so we can punish bad behavior (which is what changing the format
without changing the magic number is).
This should get rid of the last place where, when reading a pcap file
from a pipe, the first packet isn't displayed as soon as it arrives.
Bug: 14345
Change-Id: I2fcb3354dc84cdd2d8ec749a0db883e56971c4b4
Reviewed-on: https://code.wireshark.org/review/25383
Reviewed-by: Guy Harris <guy@alum.mit.edu>
out.next is initialized to point to the beginning of the buffer when a
FILE_T is created, so it won't be null.
Change-Id: Ib29f713ab3c524c9c7d83e8d9f3bef89fde1d5b5
Reviewed-on: https://code.wireshark.org/review/25380
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't loop trying to read a full buffer from the input file.
If you're reading from a file, on UN*X or Windows, you should get the
entire read count unless you're fewer than buffer-size bytes from the
end of the file, in which case you should get what remains in the file.
If you're reading from a pipe, however, that could cause you to block
longer than necessary waiting for a full buffer rather than just for the
next chunk of data from the pipe - which might not be a bufferful, if
the program writing to the file is itself writing less-than-bufferful
chunks, as may be the case in, for example, a pipeline coming from a
live capture and with the intent that TShark display the packets as they
arrive.
While we're at it, if we're trying to do a seek and the seek takes place
within the buffer of uncompressed data, just adjust the position within
that buffer for forward seeks as well as backward seeks; this
substantially reduces the number of ws_lseek64() calls when making a
sequential pass through the file in Wireshark (e.g., running a tap or
filtering the display) and, as we purge the buffer after the
ws_lseek64(), substantically reduces the number of ws_read() calls in
that situation as well.
Have a data structure for a file data buffer, and use it for both the
"input" (compressed data) and "output" (uncompressed data) buffers.
Rename raw_read() to buf_read(), as it reads into a buffer.
Change-Id: I7982b3499a7613a993913a6db887054730764160
Ping-Bug: 14345
Reviewed-on: https://code.wireshark.org/review/25358
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Found via CID 1427615.
Change-Id: I519b3905d33b0b2aa3ce164810b9e6358f6df1bd
Reviewed-on: https://code.wireshark.org/review/25347
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
That makes it clearer what's being tested, and makes the tests more
consistent, so we're always, not just sometimes, testing that way.
Change-Id: Ifac4a86d16d0652d04db3dec572c11e1335c945d
Reviewed-on: https://code.wireshark.org/review/25318
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If we aren't built with libz, report a new "decompression not supported"
error if the file is gzipped; the problem isn't that it's a new capture
file format we don't support, it's that a *compressed* capture file, in
some format, but we don't support the *compression* format used.
This can be extended if we add support for other compression formats.
Change-Id: I19239525d4e02357e3ca7189996556839af8fce2
Reviewed-on: https://code.wireshark.org/review/25315
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make plugins.c the source of truth for plugin names. Where plugins
reside and what they do are two different things, so split the plugin
directory and description into two separate elements.
CMake creates portable[1] builds on Windows and macOS. That is, the
build-time directory layout is the same as the installation directory
layout. Adjust various plugin paths macOS accordingly.
[1] You have to run osx-app.sh on macOS to prepare the application
bundle, but the goal is to create a directory/bundle that can be moved
or copied to a different system and run in the new location.
Change-Id: Icf9d02e61918fdf1404468baf52542910edf2743
Reviewed-on: https://code.wireshark.org/review/25166
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Move the signature timestamp bounds checks inside get_signature_ts. Fix
what appears to be an off-by-one error.
Bug: 14297
Change-Id: I9ca1762a8418e47153f270a1a62b2d0d3a800130
Reviewed-on: https://code.wireshark.org/review/25229
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
g995812c5f1 moved wiretap plugins registration from applications to
wiretap library init function.
As we do not want to load plugins for all users of libwiretap, let's
make it configurable.
Bug: 14314
Change-Id: Id8fdcc484e2d0d31d3ab0bd357d3a6678570f700
Reviewed-on: https://code.wireshark.org/review/25194
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
At one point, I remember a discussion resulting in the official name of
the next-generation replacement for pcap format being changed to
"pcapng", with no hyphen.
Make Wireshark reflect that.
Change-Id: Ie66fb13a0fe3a8682143106dab601952e9154e2a
Reviewed-on: https://code.wireshark.org/review/25214
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This check has been alreay done in line 433: since then packet_size
is only decreased, then the check is redudant.
Change-Id: I8ede5c733867ccc98ab2d470181d1e4a29ae5b49
Reviewed-on: https://code.wireshark.org/review/25023
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The check that the pcapng code does is "do we have a non-null
addrinfo_lists_t * and, if so, does it have a non-null ipv4_addr_list or
ipv6_addr_list"?
The check that the file-save code was using was just "do we have a
non-null addrinfo_lists_t *", so sometimes it'd think we couldn't do a
"quick save" even though we had no name resolution information to write
out to the capture file.
Make a routine that does that check, and use it in *both* places.
Change-Id: Id4720f4fe4940354320b2b7621ca5e37e45ec1f3
Reviewed-on: https://code.wireshark.org/review/25055
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We can just call file_tell() before reading the line when doing
sequential reads.
Change-Id: Ide36d0b7d99ef3e76dbe1ddfad6c99972c04739a
Reviewed-on: https://code.wireshark.org/review/25027
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Existence of in_file has been checked in line 908.
Change-Id: Ida6c06362a1f88caec40701be7f3e42133ce404a
Reviewed-on: https://code.wireshark.org/review/24994
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Put different types of plugins (libwiretap, libwireshark) in different
subdirectories, give libwiretap and libwireshark init routines that
load the plugins, and have them scan the appropriate subdirectories
so that we don't even *try* to, for example, load libwireshark plugins
in programs that only use libwiretap.
Compiled plugins are stored in subfolders of the plugin folders, with
the subfolder name being the Wireshark minor version number (X.Y). There is
another hierarchical level for each Wireshark library (libwireshark, libwscodecs
and libwiretap).
The folder names are respectively plugins/X.Y/{epan,codecs,wiretap}.
Currently we only distribute "epan" (libwireshark) plugins.
Change-Id: I3438787a6f45820d64ba4ca91cbe3c8864708acb
Reviewed-on: https://code.wireshark.org/review/23983
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reads pcapng blocks from a pipe. Section header blocks are parsed for
endianess. All other blocks only have the general block header parsed
for type and length, and then endianess converted if necessary.
Outputs all blocks using the original endianess format so none of the
other block types or options require parsing.
Change-Id: I2f4f0175013d8fc2cda42a63e7deacad537951e3
Bug: 11370
Reviewed-on: https://code.wireshark.org/review/24536
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This sets the scope of the static build option to Wireshark support
libraries only.
Before the patch:
Static plugins don't work with CMake and autotools.
autotools static build is broken, and most likely will always be, as
building Wireshark all-static is difficult and time-consuming.
After the patch:
For CMake Wireshark will be built with static or shared libraries and
dynamic plugins. Everything just works. CMake apparently doesn't want
you building static and shared libraries at the same time.
For autotools Wireshark will be built with shared libraries by default.
--disable-shared and --enable-static options work as usual. Dlopened
plugins are not built if --disable-shared is given to configure (to
disable shared libraries). This is a limitations imposed by libtool.
Tested on Linux. This removes broken support for building plugins
statically.
Change-Id: Ib8e8176976f136eea93a2ce8f9857b6cf9bec64c
Reviewed-on: https://code.wireshark.org/review/24241
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Bug: 14195
Change-Id: Ic6be8e1f8169968c48376984c0d1a1a69c67f32a
Reviewed-on: https://code.wireshark.org/review/24415
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The "internal" port type has been serialized by export PDU functionality
and nettrace_3gpp_32_423 wiretap. To better support "endpoint" functionality
the port types will be removed/updated and that changes the implicit values
from the port_type enum.
Take a snapshot of the current port_type values and use those specific values
when reading/writing export PDU data and provide conversion functions that can
be modified when port_types are removed. Do the same for nettrace_3gpp_32_423
wiretap.
Change-Id: I770bd0cab22e84f3cf49032fc86c5927bf85263f
Reviewed-on: https://code.wireshark.org/review/24169
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That allows a parallel typedef of ws_in4_addr for guint32.
Change-Id: I03b230247065e0e3840eb87635315a8e523ef562
Reviewed-on: https://code.wireshark.org/review/24073
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If we're building on Windows we're going to have windows.h and
winsock2.h. Don't bother checking for them.
Change-Id: I0004c44d7364ab3f41682f34b8c84cd8617c9603
Reviewed-on: https://code.wireshark.org/review/24068
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's been broken for over a year, needs to be modernized and as
implemented it's a maintenance nightmare. Get rid of it.
Ping-Bug: 13036
Change-Id: I34a6e4c28b6d3b96dd6550dd21e9cbeaf050d58f
Reviewed-on: https://code.wireshark.org/review/23967
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Autotools has the very useful feature by design of allowing the user
to override the default build flags (you break it you keep it).
Apparently CMake applies COMPILE_OPTIONS target property after
CMAKE_{C,CXX}_FLAGS so that doesn't work here. Prepend our flags to those
variables instead to make it work then.
Specific target flag overrides can still be added with COMPILER_OPTIONS
(e.g: generated files with -Wno-warning) but this is less effective and
then we're back at the point where this overrides user flags. It's less
of a concern though.
Change-Id: I44761a79be4289238e02d4e781fef0099628817b
Reviewed-on: https://code.wireshark.org/review/23675
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It's not installed so like most other files it doesn't need or benefit
from the prefix.
Change-Id: I01517e06f12b3101fee21b68cba3bc6842bbef5c
Reviewed-on: https://code.wireshark.org/review/23751
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Add a CMake target that dumps the help output for our command line tools
to individual files. Include those files in the tools appendix instead
of pasting them in manually.
Fixup the output of some tools so that they pass the pre-commit checks.
Change-Id: I925f24818422a190927a96531c21f4d16d3fe5b5
Reviewed-on: https://code.wireshark.org/review/23737
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
NetMon apparently didn't zero out the file header, so those fields have
random values in pre-2.2.
Change-Id: I3aeede6ab273d57ca937a5e18e67223fb4ed18da
Reviewed-on: https://code.wireshark.org/review/23666
Reviewed-by: Guy Harris <guy@alum.mit.edu>
IXIA^WKeysight Technologies's vitual IxNetwork version 8.30 will
create capture files in a modified format: It uses a different magic
and adds the total size of all records, i.e. the filesize minus the
headersize. Add support for this.
v2: Different file types use different magic numbers.
Not yet tested/supported: The default fileending is .lcap
Bug: 14073
Change-Id: Ida90b188ca66a78ff22dca237e4fd6b22e02dc14
Reviewed-on: https://code.wireshark.org/review/23614
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If we're not going to subtract 4 from actual_octets, there's no reason
to treat actual_octets < 4 as an error.
This makes the "subtract 4 octets of crap" code similar in all cases,
hopefully further reducing the opacity of the code.
Change-Id: I41cda101b321422ce5fd4474fb6903bfe471cb63
Reviewed-on: https://code.wireshark.org/review/23534
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris