Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This:
1) means that we don't have to flag the compression argument with a
comment to indicate what it means (FALSE doesn't obviously say "not
compressed", WTAP_UNCOMPRESSED does);
2) leaves space in the interfaces in question for additional compression
types.
(No, this is not part 1 of an implementation of additional compression
types, it's just an API cleanup. Implementing additional compression
types involves significant work in libwiretap, as well as UI changes to
replace "compress the file" checkboxes with something to indicate *how*
to compress the file, or to always use some other form of compression).
Change-Id: I1d23dc720be10158e6b34f97baa247ba8a537abf
Reviewed-on: https://code.wireshark.org/review/30660
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove "Export SSL Session Keys", "Import/Export Color Filters" and
"Export Raw Bytes" dialogs. These were only used by GTK+ as Qt has its
own implementation.
Change-Id: I0520a0f6e35d0f8a55c58e77f89c5229393c2b23
Reviewed-on: https://code.wireshark.org/review/30559
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove -DBUILD_WINDOWS and sections of code that we no longer use.
Bug: 14715
Change-Id: Iae1a950e2f52f4ce45fcf0ae5dea06c1172c3a28
Reviewed-on: https://code.wireshark.org/review/28466
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Enable per-monitor v2 DPI awareness before displaying native file
dialogs so that they will render correctly on HiDPI displays.
Add some notes about DPI awareness in our manifest and in
wireshark-qt.cpp.
Remove win32_get_ofnsize while we're here.
Change-Id: Ic553fdeea0c05020c3a7ff06f648692cb814b3eb
Reviewed-on: https://code.wireshark.org/review/27435
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
One was missing an argument; supply the necessary string.
The other was assuming that an LPARAM was 32 bits when that's not the
case on 64-bit Windows - the underlying value is 32-bit, so we just cast
to int.
Change-Id: Ie2a38e27f2ea211628d2c751a7807bb9ed396c64
Reviewed-on: https://code.wireshark.org/review/26190
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A file might contain only metadata records, which exist only to provide
information needed to interpret data records; no point in showing them
in record counts.
Put the counts into the structure that we fill in, and rename the
structure and the routine to reflect that it determines statistics other
than just times.
Speak of data records rather than packets; the file might be full of
Sysdig event records but not have any packets in it, for example.
Change-Id: I8553181dca4129736bdae2c0cbba92becc28d6ef
Reviewed-on: https://code.wireshark.org/review/25722
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's only used with the Windows dialog, so no need to make it public.
Change-Id: I4976748d642399b57abc89bccc26f680e3938509
Reviewed-on: https://code.wireshark.org/review/25719
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't have all the file open dialogs have their own copies.
Change-Id: Icd6f2fd44b081575e6481a134027c90046938c64
Reviewed-on: https://code.wireshark.org/review/25717
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
At one point, I remember a discussion resulting in the official name of
the next-generation replacement for pcap format being changed to
"pcapng", with no hyphen.
Make Wireshark reflect that.
Change-Id: Ie66fb13a0fe3a8682143106dab601952e9154e2a
Reviewed-on: https://code.wireshark.org/review/25214
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have the routines that create them take a pointer to a struct
packet_provider_data, store that in the tvbuff data, and use it to get
the wtap from which packets are being read.
While we're at it, don't include globals.h in any header files, and
include it in source files iff the source file actually uses cfile. Add
whatever includes that requires.
Change-Id: I9f1ee391f951dc427ff62c80f67aa4877a37c229
Reviewed-on: https://code.wireshark.org/review/24733
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The split isn't necessary now that epan no longer uses the capture_file
structure.
Change-Id: Ia232712a2fb5db511865805518e8d03509b2167f
Reviewed-on: https://code.wireshark.org/review/24693
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Switch ui/win32/console_win32.[ch] to 4-space indentation to match the
other files in that directory. Remove ui/.editorconfig. SPDX-abbreviate
the license blurb in all files in that directory.
Change-Id: I68aa5a3ae7ae184ea8d27d9dba06b968ac3d2472
Reviewed-on: https://code.wireshark.org/review/24636
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
In preparation for possibly using AUTOUIC in CMake which treats "ui_*.h"
files specially, rename ui_util.h. No other changes.
Change-Id: Id026572c000b713ff0e9388dc7fff8d81d4df73e
Reviewed-on: https://code.wireshark.org/review/23916
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We support reading some types of files that aren't capture files, in
case we have a dissector for that file format (because, for example,
it's often transported over HTTP). Don't include them in the set of
files "All Capture Files" matches; you can still look for them as they
have individual entries in the drop-down menu of file type patterns.
Ultimately, there should be Fileshark/TFileshark programs to read those
files - and other file types, and even capture files if the goal is to
look at the file structure rather than at the packets - and *that's* the
program that should offer the ability to load JPEGs and so on.
(No, this does not reduce the "All Capture Files" list down to a level
that makes the problem in bug 12837 go away. The right way to fix
*that* is to arrange, somehow, that the "All Capture Files" entry not
actually list all the suffixes it matches.)
Change-Id: I705bff5fcd0694c6c6a11892621a195aa7cd0264
Reviewed-on: https://code.wireshark.org/review/17619
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A single name resolution checkbox was added to the file dialog way back
in 2000 in g0f7cf64. At that time it was needed because resolution was
synchronous and could drastically affect your load time. Since then
we've added asynchronous name resolution and more recently made it
mandatory (ge005bc8). We've also added more name resolution checkboxes
and other controls.
Remove the name resolution checkboxes. You can just as easily change
resolution options before or after opening a file and they take up
valuable real estate.
Combine the size and packets in the Qt and Win32 dialogs and
pretty-print the size. Combine the start and elapsed times in the Qt,
Win32, and GTK+ dialogs. This lets us shrink the custom areas of the
file dialogs even further. Make the default file type combo item more
descriptive.
Change-Id: Id770adc0f284a4c7f08ee5a7db84f8435f4bf907
Reviewed-on: https://code.wireshark.org/review/17597
Tested-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I5669e2442582f899643fae4a9f86ab6d505dde07
Reviewed-on: https://code.wireshark.org/review/16505
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
CreateProcess can modify its second (lpCommandLine) argument. Don't
pass it the output of utf_8to16.
Constify the return value of utf_8to16.
Change-Id: I0d4361396e90c88a4ab2a3f2f0e058230e897fdf
Reviewed-on: https://code.wireshark.org/review/15155
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
We don't do much work to do that - we don't print anything before the
first selected page, and once we're finished generating that page, we
terminate the printing process - so it shouldn't need a progress bar.
(If it needs a progress bar, We Have A Problem, as that slows down the
drawing of the dialog box.)
This should prevent the problem seen in bug 12040.
Bug: 12040
Change-Id: I129191e06fff3e1eb59a9631c7395b9e7f650809
Reviewed-on: https://code.wireshark.org/review/14255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's *.* on Windows, but just * on UN*X; add a header that provides the
definition, and use it instead of hardwiring *.*.
Call the entry "All Files", that being the conventional name, rather
than "Any File", whilst we're at it.
Change-Id: I7c29324fc5b41e93c150e1ec67f1529f171dc6a3
Reviewed-on: https://code.wireshark.org/review/14243
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We're not allocating colors ourselves in GTK+ (and haven't been doing so
since at least 1.12), and all color_t values are valid colors, so
we don't need any toolkit-specific processing to fill in a color_t.
While we're at it, catch read errors when reading color filter files.
Change-Id: Ieb520d141cf15e371a31a01459d466c95ba2209b
Reviewed-on: https://code.wireshark.org/review/12985
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This also moved color.h into color_filters.h
Change-Id: Ic19e27aa1b3ec67e764aa7ee8bbef7b1187bb12e
Reviewed-on: https://code.wireshark.org/review/12831
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Be more consistent about using the ws_ routines, as we suggest in
README.developer.
In C++ on UN*X, define ws_close as ::close rather than close, so that it
works even in classes with methods or members named "close".
Change-Id: Ide2652229e6b6b4624cbddae0e909a4ea1efa591
Reviewed-on: https://code.wireshark.org/review/11637
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix some (mostly spurious) checkapi warnings by renaming the
offending variables.
Change-Id: I7a43ac89f5ed35053a6526fa838fbad67669a49a
Reviewed-on: https://code.wireshark.org/review/10655
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Found by MSVC2013 Code Analysis
Change-Id: I58063946dd558e98308c87b36eeac0ddbe1a6e79
Reviewed-on: https://code.wireshark.org/review/7045
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Change-Id: I009c09f25d170e5c9aaaef713eaacb3252817856
Reviewed-on: https://code.wireshark.org/review/6460
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
4189: Local variable is initialized but not referenced
Fix some variables found by this
Change-Id: Icc13def5413f1fe885ec25e659462c8906a6cfa0
Reviewed-on: https://code.wireshark.org/review/3748
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
This reverts commit c0c480d08c.
A better way to do this is to have the record type be part of struct wtap_pkthdr; that keeps the metadata for the record together and requires fewer API changes. That is in-progress.
Change-Id: Ic558f163a48e2c6d0df7f55e81a35a5e24b53bc6
Reviewed-on: https://code.wireshark.org/review/1741
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is the first step towards implementing the mechanisms requestd in
bug 8590; currently, we don't return any records other than packet
records from libwiretap, and just ignore non-packet records in the rest
of Wireshark, but this at least gets the ball rolling.
Change-Id: I34a45b54dd361f69fdad1a758d8ca4f42d67d574
Reviewed-on: https://code.wireshark.org/review/1736
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit 1abeb277f5.
This isn't building, and looks as if it requires significant work to fix.
Change-Id: I622b1bb243e353e874883a302ab419532b7601f2
Reviewed-on: https://code.wireshark.org/review/1568
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Start of refactoring Wiretap and breaking structures down into "generally useful fields for dissection" and "capture specific". Since this in intended as a "base" for Wiretap and Filetap, the "wft" prefix is used for "common" functionality.
The "architectural" changes can be found in cfile.h, wtap.h, wtap-int.h and (new file) wftap-int.h. Most of the other (painstaking) changes were really just the result of compiling those new architecture changes.
bug:9607
Change-Id: Ife858a61760d7a8a03be073546c0e7e582cab2ae
Reviewed-on: https://code.wireshark.org/review/1485
Reviewed-by: Michael Mann <mmann78@netscape.net>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>