Exporting the model for the packetlist via a function prohibits implementing
further models (sorting) inside the packetlist
Change-Id: Ica159fc8f242ae1a5b657507a26e33827c366bee
Reviewed-on: https://code.wireshark.org/review/33834
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
General code cleanup
Change-Id: Ic99fc24b8f8c6142a7ec46f535f8d5b896236390
Reviewed-on: https://code.wireshark.org/review/33769
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Unify column_prefs_add_custom() and column_prefs_add_custom_with_position()
because the former is unused in the current implementation.
Remove the unused custom_occurrence parameter.
Change-Id: Ib018b9dc614674fc175810827ef789ef469059eb
Reviewed-on: https://code.wireshark.org/review/33760
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove the hidden global parameter settings
Change-Id: I186dfb22d972abf8de2e37ccd0a4d76340b188dc
Reviewed-on: https://code.wireshark.org/review/33762
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Roland Knall <rknall@gmail.com>
The default position for a column when "Apply as Column" is before
the Info column if this is last, else add last.
This bug was introduced in g5ae259c4.
Change-Id: I68adaec5092e0ed1c65e771f171c42000fdc83fc
Reviewed-on: https://code.wireshark.org/review/33759
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This new tap collects credentials (username and paassword)
from the dissectors.
So far, few dissectors have been instrumented:
- http (basic auth)
- http (header auth)
- ftp
Others can be instrumented as well using the same technique.
Tshark has a new option (-z credentials) and Wireshark a new
"tools" menu: the documentation has been updated accordingly.
Change-Id: I2d0d96598c85bb3ea4fb5ec090dd8dc28b481fc9
Reviewed-on: https://code.wireshark.org/review/33453
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
The context menu got removed, adding it back
Change-Id: Ia44a6ed576a88be5a07d76c184740a2fd9bfa844
Reviewed-on: https://code.wireshark.org/review/33602
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
This is a cleanup patch to remove unused or unnecessary code from
packet list and put it in its respective header class for better
code maintenance
Change-Id: Ib7d7f34ab9cdd802199b3f279499855c80f8f0c5
Reviewed-on: https://code.wireshark.org/review/33587
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Allows for dropping fields on the columns to add them as well as indicate
width while dragging the columns
Change-Id: Ic98ae431886e5eb2ebd9ba50390742995bf22d5a
Reviewed-on: https://code.wireshark.org/review/33573
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Prior to this change the extcap option dialog destructor was called only
when the main Wireshark window closed.
Besides that, fix the NULL pointer dereference that would happen if
device name was not a valid extcap device.
Change-Id: I84334e3a83c66557d961771f74c39447d30a6875
Reviewed-on: https://code.wireshark.org/review/33197
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Deadlock happened if extcap was writing to control pipe before it sent
the pcap data and the pipe buffer was not able to hold all the data.
The solution is to start reading data from extcap control pipe in
capture prepare.
This bug was introduced in 018f6bff18
which was reviewed on https://code.wireshark.org/review/23211
Unfortunately neither the commit message nor the review contains any
explaination why it delays the extcap control pipe opening.
Bug: 15261
Change-Id: I10d006128f6eb7d63f751d230edbd905eb46416b
Reviewed-on: https://code.wireshark.org/review/32898
Reviewed-by: Anders Broman <a.broman58@gmail.com>
tcp.stream and udp.stream are already unsigned identifiers. An upcoming
http2.hashed_stream identifier can exercise the full unsigned 32-bit
number space, so be sure not to treat the stream identifier as signed
integer.
Change-Id: Ic5d398b2bda7eba7555e385ef3fcd44b490f78c9
Reviewed-on: https://code.wireshark.org/review/32287
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Set capture_opts->restart before restart current capture.
Update the restart handling in capture_input_closed() to not remove
the current save file; this is either the last file in a ring buffer
or a temporary file which will be reused later. Also remove the code
which starts the capture again because this is now done in
MainWindow::on_actionCaptureRestart_triggered().
Keep the code to restore the original save file when having a ring
buffer. This will avoid the error message "Ring buffer requested,
but capture isn't being saved to a permanent file" and a following
unwanted capture stop.
This fix will also avoid the "No packets captured" warning when
restart capture without having any packets captured.
Remove the unused capture_restart() function which was used in GTK.
Change-Id: I80802217b71810eaa36b78a2eb4c32697ddc92ce
Reviewed-on: https://code.wireshark.org/review/32110
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When TimeShiftDialog is used, it should trigger the need to save the packet capture.
Ping-Bug: 14306
Change-Id: Ia0dfbefdabcb9d759b5ed2ce897637f9727d0768
Reviewed-on: https://code.wireshark.org/review/31057
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
To mimic the behaviour we have with remote controls, we
hide the wireless toolbar if it cannot be used, instead
of displaying an empty toolbar with the information that
it is not supported
Change-Id: Iccb0bf78a29a2547adf2290198df8a1bf3450d82
Reviewed-on: https://code.wireshark.org/review/30455
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Rename the "ssl" protocol to "tls" and add an "ssl" alias. Prefer "TLS"
over "SSL" in user interface text and in the documentation.
Fix the test_tls_master_secret test while we're here.
Bug: 14922
Change-Id: Iab6ba2c7c4c0f8f6dd0f6d5d90fac5e9486612f8
Reviewed-on: https://code.wireshark.org/review/29649
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Store the association id instead of a pointer to the volatile
"sctp_assoc_info_t" structure because it gets freed after a rescan.
Bug: 14970
Change-Id: Id8fe2dfe3549bd711fc8ddef0770b217e83c2088
Fixes: v1.11.3-rc1-604-g796bf409b0 ("Add dialogs and graphs to analyse SCTP behavior similar to the GTK version.")
Reviewed-on: https://code.wireshark.org/review/28711
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It strips off all suffixes, which is not useful behavior; it assumes
that nobody uses "." for any purpose other than separating a file name
from an extension - 1994 called, they want their version of Windows
back (and UN*X called, too...).
For the "Saving XXX" status bar message, just use the entire last
component of the file name.
Change-Id: Ib34fde3e49cd791c7baf333eebb71a8dbd672c19
Reviewed-on: https://code.wireshark.org/review/28638
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Closing a capture file while it is being loaded will result in a crash.
As a workaround, disallow closing the capture file. The requested action
(e.g. MainWindow::openCaptureFile) will be silently ignored.
While at it, protect process_specified_records (called when saving
files) similarly to cf_read and fix a crash that occurs when a capture
from the Capture Dialog is started while a file is being loaded:
file.c:360:cf_close: assertion failed: (cf->state != FILE_READ_IN_PROGRESS)
Bug: 10870 # moving rapidly between large files in a file set
Bug: 13594 # start capture while loading/saving file
Bug: 14351 # open another file while loading file
Change-Id: I6ce8f3163c3fa4869f0299e49909a32594326ce4
Reviewed-on: https://code.wireshark.org/review/28541
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove all filter toolbar related stuff into a separate class
and away from MainWindow
Change-Id: I36d937be6c2686b16a8d494213dc740d8d28efcb
Reviewed-on: https://code.wireshark.org/review/28432
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
- Trivial by just doing it the C++ way
- Non-Trivial where the whole function can be put into the #ifdef instead of the variable use case
Change-Id: I034751b8a3c70211173f0c06c954def94450db46
Reviewed-on: https://code.wireshark.org/review/28311
Petri-Dish: Jörg Mayer <jmayer@loplof.de>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Currently exist two main pages within Wireshark. The first being
the main welcome page and the second the packet capture page. The
first is called "main_welcome.?" and the second is actually the
master_split_ object defined in main_window.h. The first being a
QFrame, the second not.
In preparation for future developments (dockable windows, multiple capture
files), this is being corrected, with the main welcome being renamed
as welcome_page as a first step
Change-Id: I40703e6ed15ff6f6b62b2a3cf31f5636ac6da9ec
Reviewed-on: https://code.wireshark.org/review/27949
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
master_split_ must be moved to a more prominent widget, as it is in actuality
the main widget of the application.
Change-Id: Id45b60f5f57c982c1890318eec9fa87ab61a9e19
Reviewed-on: https://code.wireshark.org/review/27942
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
When an error occurs while saving packets using the Export Specified
Packets dialog (e.g. try to overwrite the opened capture file), the
dialog is displayed again. As PacketRangeGroupBox freed the packet
selection range, a crash (use-after-free) occurs.
Removes some unnecessary code in MainWindow::exportDissections as well.
Change-Id: I63898427eff7e71799d89c8a22246db8f93a9ff6
Fixes: v2.5.0rc0-968-g38b40acb2d ("Qt: fix a memory leak when exporting packets")
Reviewed-on: https://code.wireshark.org/review/27695
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Support doing Find Packet, search for next/previous marked packet and
search for next/previous time reference without having a packet selected
in the packet list.
Change-Id: I648b26365385d98155e905cda270e9e785b9f1da
Reviewed-on: https://code.wireshark.org/review/27752
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update menus when changing mark, ignore or time reference on a packet
to enable/disable entries accordingly.
Change-Id: Icb95b3371fe8183cdeea1b6b2c71d1d33f998dc0
Reviewed-on: https://code.wireshark.org/review/27737
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add back the capture info dialog. Draw sparklines for each protocol.
Update the User's Guide.
Bug: 12004
Change-Id: I45be8a0df4752255831a8b139ee84bb34d675ba9
Reviewed-on: https://code.wireshark.org/review/27565
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a WiresharkFileDialog class, which is a thin wrapper around a few
QFileDialog functions that sets per-monitor v2 DPI awareness before
showing native dialogs and resets the awareness context afterward.
Use it where we call QFileDialog::getXXX.
Change-Id: Ib711a70aa94b693a2515804a729f666ea7fbd673
Reviewed-on: https://code.wireshark.org/review/27568
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make the argument to the events a non-memory object
Change-Id: I46d8c24415aa2bc48b2a2d3b1fccffa6956d08b5
Reviewed-on: https://code.wireshark.org/review/26671
Reviewed-by: Roland Knall <rknall@gmail.com>
Rename packet_list_enable_color() to packet_list_recolor_packets()
to reflect what it does.
Remove the call from where it's not needed.
Change-Id: I55dd1a9af8f5b1dbd83b06136a5bbcfddea06cdb
Reviewed-on: https://code.wireshark.org/review/26959
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This stops the main source from being buildable by Qt 4.x
Change-Id: I61edbae04ac2b3bf0ae8ee8e09d335083945c176
Reviewed-on: https://code.wireshark.org/review/26756
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This patch adds support for sequencing HTTP Redirects. This enables
tracking of HTTP-based redirects, which may not have a Referer header.
As such, this patch also renames 'HTTP Referer statistics' to
'HTTP Request Sequences' to better reflect the more generic
functionality.
Note that this does not fully support RFC 3986. An external library like
uriparser.github.io may be a better option for efficient, full relative
HTTP URL resolution.
A Sample PCAP to test functionality is available here:
https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=http_redirects.pcapng
A sample PCAP to demonstrate usefulness is available here:
https://www.malware-traffic-analysis.net/2015/08/31/page2.html
(examine request to hxxp://lk2gaflsgh.jgy658snfyfnvh.com/service.php)
Change-Id: I9edd1a1de86228b0dcb1df9f6f30e24379684321
Reviewed-on: https://code.wireshark.org/review/26679
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If no stream is given to FollowStreamDialog::follow(), then it
overwrites the display filter with a conversation filter for the first
packet in the capture file.
Pass an explicit stream number and the "Follow stream" button will set a
correct display filter.
Test: open pcap with three TCP streams. Statistics -> Conversations.
Select last TCP conversation (expect "tcp.stream eq 2"). Select the
second conversation (expect "tcp.stream eq 1") and activate "Filter Out"
button (expect "!(tcp.stream eq 1)" and not "!(tcp.stream eq 2) and
!(tcp.stream eq 1)").
Bug: 14254
Change-Id: I28744d7f76f5034b07ea5660b45399566e3a7d2c
Reviewed-on: https://code.wireshark.org/review/26520
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Otherwise dialogs could be opened multiple times
Change-Id: I19f9c11395b5f5ba41c00ff78ab9794064562d29
Reviewed-on: https://code.wireshark.org/review/26221
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Use QFrames instead of QActions as separators in the filter expression
toolbar. This keeps them from showing up in the overflow menu.
Change-Id: I60f6f0434fe5ba88fe1b4221e9e70640eed840bb
Reviewed-on: https://code.wireshark.org/review/25860
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Try hiding and showing the filter expression toolbar in order to update
its layout. This is a bit ham-fisted but seems to be the only way to get
it to work properly after clearing and inserting buttons.
Bug: 14121
Change-Id: Iea851c029c1586abfdb01c639914f6fe97ea29b3
Reviewed-on: https://code.wireshark.org/review/25840
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
I've noticed at SharkFest and other places that people sometimes put
square brackets around their filter expression names so that it's easier
to distinguish one button from another.
Add separators between buttons so that this shouldn't be necessary.
Change-Id: I3b1ca42f6417d2045781fc14d594faba4fd00fd5
Reviewed-on: https://code.wireshark.org/review/25820
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Take a hint from the QToolButton sources and update the filter
expression toolbar using updateGeometry instead of adjustSize. This
appears to do the layout updates and other changes required to draw the
dropdown in the correct place.
Bug: 14121
Change-Id: I45d5a1173703f9c16d89841a57f651935da43d92
Reviewed-on: https://code.wireshark.org/review/25784
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The main benefit of this feature is that it enables users to see the
succession of HTTP requests that led to a specific request.
A sample PCAP is available here:
https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16085
Change-Id: I7c521315b848fbce659fdc01e43f261d804a3a48
Reviewed-on: https://code.wireshark.org/review/25319
Reviewed-by: Moshe Kaplan <me@moshekaplan.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Convert Advanced view and Modules view to use a single base model,
loading the preferences once and then filter and display what they
need with QSortFilterProxyModel derived classes.
Convert the PreferencePane "types" to just strings. This allows
a more straightforward relationship between the "special" modules
that need custom widgets for preference manipulation and it also
removes dependency on preferences_dialog.h for many files.
Change-Id: I091deb3061564aa4d1564e9ca1c792715961b083
Reviewed-on: https://code.wireshark.org/review/25134
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Fix an error introduced in signal/slot redesign in gd5d81518.
This error disabled all capture file menu items after doing a rescan,
like when adding a display filter.
Change-Id: Ib468051c15b9f1a15faa2ed07b958340b82a662b
Reviewed-on: https://code.wireshark.org/review/25116
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Roland Knall