Bug: 13847
Change-Id: I3a706db25204fe4c1fd1b7be3b17b8c55365dccf
Reviewed-on: https://code.wireshark.org/review/23169
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some Android devices support 802.11 monitor mode and nlmon
interfaces. Add linktype defines to be able to capture frames
from such interfaces.
Change-Id: I8b8b444ac2821542fc946694b71c8d9fb7ba1238
Reviewed-on: https://code.wireshark.org/review/23080
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Recent changes had the bt snoop capturing function stop working for
Android API versions >= 21. One of the command strings used for
detecting btsnoop server socket interface got messed up when
refactoring code. Fix by using the correct command strings again.
Fixes: faf100ec ("androiddump: Introduce adb_connect_transport helper function")
Change-Id: Id645d24cfb0cb23f36484cfd6416768c89bce51b
Reviewed-on: https://code.wireshark.org/review/23106
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Let androiddump's internal definition of encap types directly
use linktype values from libpcap/wiretap. This way back and forth
conversion between internal and public values can be avoided.
Change-Id: I67522283cc3eb15cbdb1bfdd829bb1ff0031bb82
Reviewed-on: https://code.wireshark.org/review/23079
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This function is helpful to debug the interaction between the
calling UI and the extcap itself.
All extcaps have been changed accordingly.
Change-Id: I358caf4c50797501672bf77fdd91f7276897078c
Reviewed-on: https://code.wireshark.org/review/22806
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Some more repeated code patterns identified. Reduce code duplication
by adding some helper functions.
Change-Id: I0fecd511fd56049e9eae111cdad08252dffff6cb
Reviewed-on: https://code.wireshark.org/review/22480
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix a few cases where socket is not closed on failure path.
Change-Id: Id116a8e5f14979f962fdf725c62999758b79109e
Reviewed-on: https://code.wireshark.org/review/22481
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If linktype cannot be determined from tcpdump output the
lookup function is handed a NULL which is then strcmp:ed.
Handle NULL parameter by explicit check.
Fixes Coverity CID 1413923
Change-Id: I290c116991d15cef0a1e954a9f8b76722a5f450c
Reviewed-on: https://code.wireshark.org/review/22483
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The regex matching for linktype might be performed multiple
times. Make sure string is freed before fetched again.
Change-Id: Ice7812ff4a3a8e6a1497ab2ef5aa94976502c16f
Reviewed-on: https://code.wireshark.org/review/22482
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
androiddump used to start tcpdump without specifying the interface
to capture packets on. This works when only one interface is up
but when multiple interfaces are up the output might be empty.
This change let tcpdump list all available network interfaces
and adds a unique extcap interface for each interface that is 'up'
on the device.
Change-Id: Icf0d7fa8f38320092579d4163dcdbcf2b687d8cc
Reviewed-on: https://code.wireshark.org/review/22402
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Instead of treating all output from Android tcpdump as Ethernet
data link type parse what tcpdump acually tells it to be.
This is needed as there are cases when the output is not Ethernet.
For example when starting packet capture on a device with multiple
interfaces up.
NOTE: As translation between tcpdump reported DLT and androiddump's
internal type was needed for now support is only added for types
used by network interfaces of tested devices (i.e. ETHERNET and
LINUX_SSL).
Change-Id: Ie3f9167176c336cb31f6e681f1daac6135a78883
Reviewed-on: https://code.wireshark.org/review/22401
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make the variable used for it an int; that's large enough, and, on
Windows, not so large that it provokes warnings.
Change-Id: I00600d816f69d79f7a42eb09b1290ff7708b0bfc
Reviewed-on: https://code.wireshark.org/review/22420
Reviewed-by: Guy Harris <guy@alum.mit.edu>
All strings sent to adb are prefixed with the length as a 4 byte
hex string. The length info prefix was manually hard coded into
strings. To avoid mistakes when updating code and to simplify
reading the source code instead let the various adb_send functions
calculate string lengths and generate the 4 byte hex string
prefixes.
Change-Id: I4178e9df5930a1c7904053e5a7750c943efddc84
Reviewed-on: https://code.wireshark.org/review/22399
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Same code pattern is used over and over when connecting to an adb
server. Introduce a helper function that perform the function of
connecting to specified adb server and transport.
Change-Id: Id2f72f1eb976fa0d742a6db1ef6d592264990ba1
Reviewed-on: https://code.wireshark.org/review/22398
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Comments in code claim:
"The data we are getting from the tcpdump stdoutput stream as the
stdout is the text stream it is convertinng the 0A=0D0A; So we
need to remove these extra character."
This is not true on non-Windows systems at least so avoid the filter
when not built for Windows.
NOTE: A problem with the filter is that it operates on all bytes
received on the socket, including packet data(!). Capturing
data with CR/LFs (for example an HTTP request) will fail. Ideally
the filter should be replaced with some other mechanism but as I
don't have a Windows system to verify that the comment claims are
valid, this change will at least make androiddump work on
non-Windows systems.
Bug: 13510
Change-Id: Ic00f44fa7516c0db7fc015ed8685deb365a347db
Reviewed-on: https://code.wireshark.org/review/22397
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Have a header file that defines HAVE_REMOTE if HAVE_PCAP_REMOTE is
defined, and then includes pcap.h. Replace all other includes of
pcap.h, and the definition of HAVE_REMOTE, with includes of that file.
Check for anything other than wspcap.h including pcap.h in checkAPIs.pl.
Change-Id: I3cbee8208944ad6f006f568b3fe3134e10b2a883
Reviewed-on: https://code.wireshark.org/review/21605
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WinPcap made the mistake of having stuff in its public header fines
depend on a configuration #define, HAVE_REMOTE; this means that we need
to forcibly define it when building with remote capture support.
The tip of the libpcap master branch does not have that botch; hopefully
future versions of libpcap-for-Windows will be based on that libpcap and
thus lack that botch as well.
Defining HAVE_REMOTE in config.h is not the right fix, as it makes it
look like a *Wireshark* configuration option that code in Wireshark
should test, rather than a *WinPcap* configuration option that the
pcap.h that ships with the WinPcap SDK should have been changed, as part
of the build process, to correctly define or not, so that users of
WinPcap don't have to define it themselves.
Change-Id: I62d1eca6d3c900d0dcc9fbc011db77f595a86313
Reviewed-on: https://code.wireshark.org/review/21593
Reviewed-by: Guy Harris <guy@alum.mit.edu>
androiddump reads data from tcpdump in chunks that not necessarily
match packet sizes. Whenever a partly read packet is found in buffers
more data is read and the number of used bytes in buffer is updated.
The calculation of used_buffer_length is wrong though leading to most
packets are read and thrown away.
Problem fixed by correcting an operator precedence mistake where
used_buffer_length would only be increaded with 0 or 1 insted of
actual number of read bytes.
Change-Id: Ib5c4e1d96e7ba499f26796ffa5d7ce6a116b9a6e
Reviewed-on: https://code.wireshark.org/review/20666
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Logcat Text interfaces have now two new options:
1. Ignore log-buffer - this means you start capturing immediately
and there will no logs from buffer
2. Custom-options - pass command line parameters to logcat, like tags
For example:
adb logcat -v threadtime -b main #now custom parameters starts# -T 20 -s Ads Wireshark
Please note that some custom options are banned to avoid unexpected
behaviour (like "not working")
Change-Id: I015d1aeae35cfed712de59138288d82d3a491c38
Reviewed-on: https://code.wireshark.org/review/20358
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Architecture of androiddump based on "blocking" sockets,
however for start-up it is better to use non-bloking connect()
to avoid long waiting time then fail.
Change-Id: I2bb8ea51e24db4dd1f5a6b97e1d2bc0156342d97
Reviewed-on: https://code.wireshark.org/review/20293
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 13104
Change-Id: I05248dad8e72272cf0933c766ec0bf5160075e1e
Reviewed-on: https://code.wireshark.org/review/20275
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Release as version 1.0.5:
All connects to ADB are now non-blocking.
Try to connect up to 10 times with 1ms delays,
so in worst-case it takes ~10ms (for example 14ms)
Bug: 13104
Change-Id: I791909c9c951b62195b48acd82490e1b9ebf2be0
Reviewed-on: https://code.wireshark.org/review/19968
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
The cleanup routine has been added to exit section of the applications.
Those which required a exit restyle have been patched as well.
Change-Id: I3a8787f0718ac7fef00dc58176869c7510fda7b1
Reviewed-on: https://code.wireshark.org/review/19949
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
That should squelch some warnings on Windows.
Change-Id: I55b394be12203e14af023fdcc5d46564d0fcfa34
Reviewed-on: https://code.wireshark.org/review/19797
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: If7c790c25ed24da1b1442ee86e3a2f75bd3f8856
Reviewed-on: https://code.wireshark.org/review/19658
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Commit v2.1.0rc0-2181-ga4e2263ac4 introduced a helppage parameter, but
all callers were NULL. In a later change, callers would use the
data_file_url() function, but this needs to be freed, so do that.
Fixes: v2.3.0rc0-1825-ge5596b74bd ("extcap: set help page for all extcaps.")
Change-Id: I967c0f8c6b50d9e78ac227575de24a81f97d376a
Reviewed-on: https://code.wireshark.org/review/19570
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
struct timeval requires sys/time.h. Fixes the following musl libc build error:
androiddump.c: In function 'useSndTimeout':
androiddump.c:262:18: error: variable 'socket_timeout' has initializer but incomplete type
const struct timeval socket_timeout = {
^
Change-Id: I52e204f32a012aabea2e54877e564576c072fe08
Reviewed-on: https://code.wireshark.org/review/19460
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
They've been set to the manpage of the local filesystem.
Ping-Bug: 13218
Change-Id: Iacd5d2ba7ae39ee1718b59747c245d1c07785e8f
Reviewed-on: https://code.wireshark.org/review/19179
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Now "ps" command does not support process name as parameter,
use grep instead.
Change-Id: I0c35bc7d560e237e4140000e67af097744cb2c1b
Reviewed-on: https://code.wireshark.org/review/19087
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Have programs that use libwiretap call that routine rather than
separately calling some or all of init_open_routines(),
wtap_register_plugin_types(), and wtap_opttypes_initialize().
Also don't have routines internal to libwiretap call those. Yes, this
means doing some initialization work when it isn't necessary, but
scattering on-demand calls throughout the code is a great way to forget
to make those calls.
Change-Id: I5828e1c5591c9d94fbb3eb0a0e54591e8fc61710
Reviewed-on: https://code.wireshark.org/review/19069
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This should avoid neverending or long time to obtain timeout
in some cases like firewall's drop rules, etc.
Bump version to 1.0.4
Bug: 13104
Ping-Bug: 13114
Change-Id: I9bef714b6d92b3516a2a95ebdbe1ba594fa60e34
Reviewed-on: https://code.wireshark.org/review/18728
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fix help output that describes interfaces provided by tool
to reflect reality - add missed DEVICE_ID that is part of interface.
Change-Id: Ib6374db28d8d4696ce27c5358da49d3ebfcf31e1
Reviewed-on: https://code.wireshark.org/review/18267
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Tested-by: Michael Mann <mmann78@netscape.net>
"--debug" and "--extcap-version" are part of extcap-base helper,
do not hide them.
Change-Id: I287b68dbed5344c188fede69d112ab007a6ee18b
Reviewed-on: https://code.wireshark.org/review/18279
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Use size_t for sizes. Do checks to make sure we don't overflow ints.
Change-Id: Id0846cc5c6348d67a23064517ad1c432cf1cb61a
Reviewed-on: https://code.wireshark.org/review/17742
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make the reply length unsigned - there's no reason for it to be signed.
Change-Id: I5f4d1f027eeddee939547c052220efb89800f4b1
Reviewed-on: https://code.wireshark.org/review/17740
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most of the actions (e.g. `androiddump --extcap-interfaces`) return
immediately without cleaning up. Fix this by adding a common exit path.
Change-Id: If02b18da49d866fb5525306e52fbf4590d98ecd2
Reviewed-on: https://code.wireshark.org/review/17634
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>