This reverts commit 13c5960a2c.
Based on the features that needs integration of "multi-selection" (which this change introduced), it seems that there will be fair amount time and code changes required in packet_list.cpp and possibly other files.
I am reverting this change from the master branch so that people can still continue to use features with single-selection.
Meanwhile, Stig B and others ready to test can import this change to verify which features are missing integration and/or integrated correctly. Once the feature set integration is complete and there is fair amount of approval from all of you, the core committers can decide on it.
Change-Id: I106fd3c54350dd0fd85fc44743e7f5321cb04110
Reviewed-on: https://code.wireshark.org/review/33454
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
For all platforms that is supported by Qt framework...
- Select copy/<options> from context menu and it will copy selected lines.
Note: This change implements part 1 of another change, # 33007.
And has been tested on Windows 10 only.
Change-Id: Iba2668d7c411aa33de77003fe116e63e6f650b3d
Reviewed-on: https://code.wireshark.org/review/33074
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Dynamic cast may yield NULL pointer, hence must be checked before
dereferencing it. Easy enough in a conditional.
CID 1435488
Change-Id: I8359ab5865795f1b1bea6980b023ff636d6719a6
Reviewed-on: https://code.wireshark.org/review/33316
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The _open_osfhandle() does take ownership of the handle and thus the
underlying handle gets closed at the same time as the file-descriptor.
As we want to preserve the underlying pipe handle, create a duplicate
handle and use the duplicate handle with _open_osfhandle().
Change-Id: Iaa52fbae8e72b1ba74ab8ea9a44def8dc2ab4570
Reviewed-on: https://code.wireshark.org/review/33251
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Found by clang with -Wextra-semi
Change-Id: I259f168759caab239c0e67526afbfa62c032b8b6
Reviewed-on: https://code.wireshark.org/review/33283
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Tested-by: Petri Dish Buildbot
Filter repeated messages. Once a message box is closed, if there were
any duplicates, log warning message with the number of duplicates that
were supressed.
Ping-Bug: 4811
Change-Id: I0ce09d39a640a425f3288e0ab9d3f4ba7bf44bfa
Reviewed-on: https://code.wireshark.org/review/33241
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When extcap fails before connecting to pipes, ws_write() in
InterfaceToolbar::controlSend() fails and error message is displayed to
the user.
Before this change, the message box would block until the user closes
the message. As the controlSend() was called inside "capture prepared"
context the remaining capture preparation code would wait for the user
action. However, the pipeTimeout() would get called before user confirms
the message as Qt would be processing all events in the main event
queue. This led to "capture failed" executing before "capture prepared"
finished. Such interruption caused multiple issues including freeing
buffer that was not yet allocated.
Bug: 15743
Change-Id: I6bc2734126292cdc5b560418069caf98747be68e
Reviewed-on: https://code.wireshark.org/review/33208
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In handling the capture preferences frame, the preference to not load
interfaces on startup is handled incorrectly. Instead of using the
preference value itself, the validity of the pointer to the preference is
used. This leads to some confusing logic.
Replacing this code with proper preference retrieval.
This was introduced with commit 7a07832712
CID 1439697
Change-Id: I9bf3df413d89f8df55553a7218f34d425eb103de
Reviewed-on: https://code.wireshark.org/review/33187
Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Prior to this change the extcap option dialog destructor was called only
when the main Wireshark window closed.
Besides that, fix the NULL pointer dereference that would happen if
device name was not a valid extcap device.
Change-Id: I84334e3a83c66557d961771f74c39447d30a6875
Reviewed-on: https://code.wireshark.org/review/33197
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The default chk callbacks for individual fields only catches basic
errors such as invalid, too large numbers. Many dissectors perform
additional validation in the update_cb which is invoked for a record as
a whole. If this check fails, then the UAT must not be marked as valid
or else invalid records (like NULL pointers) could be exposed.
Thanks to Uli Heilmeier for noticing this.
Bug: 15709
Change-Id: I1cc4c6925322011a561ad6df840fbac67796e5b2
Fixes: v2.3.0rc0-1002-g1cd22559a8 ("Qt: convert UatDialog to model/view pattern, improve UX")
Reviewed-on: https://code.wireshark.org/review/33157
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Uli Heilmeier <openid@heilmeier.eu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ManageInterfacesDialog local view model hierarchy is as follows:
* InterfaceSortFilterModel
* InterfaceTreeCacheModel
* InterfaceTreeModel
Each model should return model indexes associated with itself.
The InterfaceTreeCacheModel::index() broke the data flow by returning
model index associated with InterfaceTreeModel. This lead to
InterfaceSortFilterModel to pass model index associated with
InterfaceTreeModel to a InterfaceTreeCacheModel instance.
This resulted in asserts in debug builds.
Fix the problem by returning model index associated with the
InterfaceTreeCacheModel.
Bug: 13744
Change-Id: I03a08dbda0bf7cce8f6832e1f34c1a75b8d3cfab
Reviewed-on: https://code.wireshark.org/review/33014
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ic5a3653cb8bcc33e0be108c8b201567e7090f9f5
Reviewed-on: https://code.wireshark.org/review/33043
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I5326b87784817fb353329e2d686fe0515c32f6cb
Reviewed-on: https://code.wireshark.org/review/33038
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I8443379d23a2946dd21c12e5e0bd5464ab73ca25
Reviewed-on: https://code.wireshark.org/review/31857
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Those routines exist on both Windows and UN*X, but they don't do
anything on UN*X (they could if it were ever necessary).
That eliminates some #ifdefs, and also means that the gory details of
initializing Winsock, including the Winsock version being requested,
are buried in one routine.
The initialization routine returns NULL on success and a pointer to a
g_malloc()ated error message on failure; report the error to the user,
along with a "report this to the Wireshark developers" suggestion.
That means including wsutil/socket.h, which obviates the need to include
some headers for socket APIs, as it includes them for you.
Change-Id: I9327bbf25effbb441e4217edc5354a4d5ab07186
Reviewed-on: https://code.wireshark.org/review/33045
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It was a bad idea to bring back the border around inactive+selected packet
list items in g009283a6 because it will move the text some pixels down.
Revert this part because we now have support for customize the colors.
Remove the old "style_inactive_selected" handling because it has no effect.
Change-Id: I7599591a957a11d42964f7dc0981411cf3b28b4f
Reviewed-on: https://code.wireshark.org/review/32964
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Make sure we link each application that calls WSAStartup with ws2_32.lib.
Pass version 2.2 to WSAStartup. Wikipedia says it was introduced in 1996,
so we should be OK.
Ping-Bug: 15711
Change-Id: I431839e930e7c646669af7373789640b5180ec28
Reviewed-on: https://code.wireshark.org/review/33033
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
When a stream index is explicitly given (as is done for items from the
Conversations statistics dialog), it does not have to query the stream
index from the packet list. Skip checking the packet list then.
Bug: 15672
Change-Id: I3f79e6a0997726535c38f9766b894b042ffbf916
Reviewed-on: https://code.wireshark.org/review/32972
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When extcap is started for capture, the argument call is appended to extcap
commandline if the associated value is not empty or the argument is boolflag.
Unfortunately such rule did not apply when constructing the arguments list
for selector reload action. This could lead to extcap being called with
the argument calls without required values (eg. multicheck, selector, string).
This change makes the --extcap-reload-option selector to not contain argument
calls for which the value is not available.
Bug: 15725
Change-Id: Ic2456c03b3eb7c7525d19e64ea02afd99ed5f6cb
Reviewed-on: https://code.wireshark.org/review/32967
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This makes it possible to set the console.log.level from the Advanced
preferences window.
Change-Id: I5c5551f089a935eef77f54fdcad0ba060f14edfd
Reviewed-on: https://code.wireshark.org/review/32930
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Deadlock happened if extcap was writing to control pipe before it sent
the pcap data and the pipe buffer was not able to hold all the data.
The solution is to start reading data from extcap control pipe in
capture prepare.
This bug was introduced in 018f6bff18
which was reviewed on https://code.wireshark.org/review/23211
Unfortunately neither the commit message nor the review contains any
explaination why it delays the extcap control pipe opening.
Bug: 15261
Change-Id: I10d006128f6eb7d63f751d230edbd905eb46416b
Reviewed-on: https://code.wireshark.org/review/32898
Reviewed-by: Anders Broman <a.broman58@gmail.com>
During introduction of proper direction support this line was left over,
causing TCP dest port to remain independant of direction. This change
simply drops the line.
See CID 1444115
Change-Id: I4ff362925e422bc57cfa3842127ddaf8695cf303
Reviewed-on: https://code.wireshark.org/review/32902
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Before this change extcap parameters without value would be silently
changed into a single space on parameters load.
This could lead to not only passing unexpected values to extcap call
arguments but also "auto-fill" text values without user consent.
Example scenario to observe this problem using extcap_example.py was:
1. Open "Example interface 1 for extcap" configuration
2. Click Restore Defaults
3. Enter message, so the capture can be started
4. Make sure "Save parameter on capture start" is enabled
5. Start capture
6. Notice that capture starts normally and extcap arguments are ok
7. Stop capture
8. Start capture again
9. Notice that parameters were reloaded and the extcap was called with
following unwanted arguments:
--logfile " " --radio " " --multi " "
Bug: 15065
Change-Id: I9cd87d9cc8c7e4f8893a066e9f10aa760b52bb97
Reviewed-on: https://code.wireshark.org/review/32887
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The deprecated-gtk and deprecated-gtk-todo API groups were removed last
year in g7853d0e354.
Change-Id: I9b299d54da043bbda91d639ec7c94a58f459149f
Reviewed-on: https://code.wireshark.org/review/32865
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Have cf_read_current_record() take a capture_file as an argument and
read, into its wtap_rec and Buffer for the currently-selected frame,
information for the currently-selected frame.
Rename cf_read_record_r() to cf_read_record().
That gives us 1) a routine that reads the currently-selected frame into
the wtap_rec and Buffer for the currently-selected frame and 2) a
routine that reads an arbitrary frame into the wtap_rec and Buffer
supplied to it. If you *want* the currently-selected record, use the
former, otherwise use the latter.
Change-Id: If6bd5915dd5bc18334d7b89859822a19234153a4
Reviewed-on: https://code.wireshark.org/review/32858
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For extcap boolean flags inserted into arguments hash table, the key should
be the "call" option and value should be NULL.
extcap_add_arg_and_remove_cb() takes care of NULL values by simply
omitting them from generated argument list.
ws_pipe_spawn_async() appends arguments until either:
* argument string is NULL
* argument string points directly to NULL terminator (empty string)
This bug resulted in extcap arguments being "cut off" after the first
"boolflag" present in the commandline arugments. Because arugments hash
table is unordered the actual commandline passed to extcap depended on
the order in which options were changed in extcap configuration dialog.
Bug: 15586
Change-Id: I00f136d3b627064cbfb539b3429aa5e4aef319e1
Reviewed-on: https://code.wireshark.org/review/32848
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We may or may not be working on the currently-selected packet, so
there's no reason to use read into the capture_file's wtap_rec and
Buffer for the currently-selected packet. We already have a wtap_rec of
our own, and we currently have a pointer to a raw packet data array that
we can replace with a Buffer of our own; just read into them.
Use wtap_rec_init() on the wtap_rec, rather than using its implicit
constructor - there's no guarantee that the initial values of the
structure members, as defined by C (and C++), are what we want.
Use wtap_rec_cleanup() in the destructor; it might do more than the
implied destructor (which does nothing). wtap_rec and Buffer are C
structures, so they don't get C++ constructors and destructors - we have
to use the C ones, which are explicit functions. I think there are
memory leaks that this fixes (packet comments and Buffer for the options
data, leaked when a PacketDialog window is closed).
Change-Id: Ica1d937fd00e4d2f5e4e2275bcd8edddb7a7921b
Reviewed-on: https://code.wireshark.org/review/32832
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Multicheck was introduced to make it easy to configure USBPcap to
capture only from selected devices instead of the whole Root Hub.
In GTK+ interface the multicheck enabled options featured a checkbox
next to the item entry. Displaying the checkboxes made it intuitive to
the user that the items can be checked/unchecked.
During the GTK+ to Qt transition, the checkbox idea got lost. The GTK+
interface up to its very last days did show the checkboxes.
While it is possible to select the individual devices in Qt UI and
actually have USBPcap to capture only on selected devices, it is really
unintuitive and the user simply has to know how the multicheck is
implemented to take advantage of it.
This change brings the multicheck checkboxes to Qt UI.
Ping-Bug: 13355
Change-Id: Ia677ff2222c46b9816b8dca4c47e93c72cee834f
Reviewed-on: https://code.wireshark.org/review/32813
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
path() incorrectly gives paths as /C:/Program Files/Wireshark/udpdump.html
under windows. The leading slash gives a wrong test on the file. Instead
toLocalFile() handles it correctly. isLocalFile() has been used to get if
we have a local file or a network URL. The reported bug occurred under Windows
only, but the change is compatible with Linux paths as well.
Accidentally when the test on the file was successful, nothing got called.
The routine has been reworked to open an existing local file.
Bug: 15592
Change-Id: Id6e3a91dfb4c9d20ae8cb0735eabab64caeff47f
Reviewed-on: https://code.wireshark.org/review/32772
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
That way we aren't allocating memory, reading packets from a batch, and
freeing the memory for each batch of packets delivered by dumpcap; we do
the allocation when the capture starts and the freeing when it finishes.
Change-Id: If012ab865f3a99d869535ad10827ad8680c1b10c
Reviewed-on: https://code.wireshark.org/review/32766
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
That way we don't do initialization, possible expansion of the buffer
from its initial size, and cleanup for every packet.
Change-Id: If967bd8f0cc65631b8b128b2c048d32ba54c8033
Reviewed-on: https://code.wireshark.org/review/32774
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Move it to the capture_session structure from the info_data_t structure,
and pass it as an argument to capture_info_new_packets().
Change-Id: I822392bbf48eeb27ba9e17b73775d2fc4349bc17
Reviewed-on: https://code.wireshark.org/review/32765
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Ethernet packets without the CRC are 1514 bytes long, not 1500 bytes
long; using 1514 bytes will avoid a reallocation for a full-sized
Ethernet packet.
Change-Id: Ie8da3f13bf3df07e23e4478b7dcf84f06dec6a9d
Reviewed-on: https://code.wireshark.org/review/32761
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit 9445403f95.
cf_select_packet frees the buffer backing the dissection result
(cf->edt) which results in use-after-frees when callers try to access
the contents. See for example this call trace:
* PacketList::selectionChanged
* cf_select_packet(cap_file_, row)
* frameSelected(row) -> ByteViewTab::selectedFrameChanged
* addTab(source_name, get_data_source_tvb(source))
get_data_source_tvb returns the buffer that backs the dissection and
must remain valid even after dissection has completed. If this is not
done, then a possibly expensive redissection must be done in order to
populate the byte view. The temporary memory savings are not worth it.
Bug: 15683
Change-Id: Ia5ec2c7736cdebbac3c5bf46a4e2470c9236262d
Reviewed-on: https://code.wireshark.org/review/32758
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most code that reads from a capture_file already has its own wtap_rec
and Buffer; change the remaining ones to do so as well.
Change-Id: I9b7c136642bbb375848c37ebe23c9cdeffe830c3
Reviewed-on: https://code.wireshark.org/review/32732
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it - and the routines that implement it - work more like the
seek-read routine.
Change-Id: I0cace2d0e4c9ebfc21ac98fd1af1ec70f60a240d
Reviewed-on: https://code.wireshark.org/review/32727
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Highlight the row in packet list and proto tree when mouse hovers
above the row. This mimics the behaviour on Windows.
Change-Id: I28461f9d7740269bad39893597232fe775f77a86
Reviewed-on: https://code.wireshark.org/review/32619
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The border around inactive+selected packet list items from aaba30a3
was removed in 00776f83 and 53dfec9b. Add this back again.
Use solid color in flat_style_format, no need for a gradient between
the same color.
Remove the empty default_style_format, it does not add anything.
Ping-Bug: 12010
Change-Id: I97df7147b196c73e9f6ec4b9c370ddb6bd54488a
Reviewed-on: https://code.wireshark.org/review/32676
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Giving the pathname of a temporary file that will be deleted once TShark
exits isn't useful; just refer to "the temporary capture file".
Change-Id: I7333ac3cef4e4ae1076a5b0e3c46a04e0328d505
Reviewed-on: https://code.wireshark.org/review/32645
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes it match the "Plugins" tab of the "About" dialog.
While we're at it, use the same code to enumerate extcap plugins in that
dialog.
Change-Id: I50f402a7ab5d83d46baab070d145558ed8f688f4
Reviewed-on: https://code.wireshark.org/review/32589
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Set the foreground color of an expert info item only when we set its
background color, otherwise we show black text on a dark background.
Remove an unneeded include while we're here.
Change-Id: Ibb835d26d7aa18bfb406b7820b321dc372aed599
Ping-Bug: 15511
Reviewed-on: https://code.wireshark.org/review/32534
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Inspired by looking into
https://ask.wireshark.org/question/8009/wireshark-ring-buffer-settings-from-command-line/
... in which the user was confused because a duration set on the command
line was not reflected in the GUI. That's because
I0180c43843f5d2f0c2f50153c9ce42ac7fa5aeae added the `interval` ring-buffer
option and made the GUI use this rather than `duration`. This was not at all
clear in the GUI, though.
Since `duration` and `interval` have quite different use cases, expose both in
the GUI.
Try to clean up and unify the tooltips at the same time. I'm not entirely
convinced the tooltips need to be on the checkbox, the spinbox, and the
combobox but leave it that way for now.
Add some to the man page description of the interval option to hopefully make
it clearer what the option does.
Change-Id: I3b45fe71c33af64d980dffb5e5ba93e2a15a6b96
Reviewed-on: https://code.wireshark.org/review/32526
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is a collection of routines, not a program.
Change-Id: I76296576443602b7ea016c5311e66a52a73ee941
Reviewed-on: https://code.wireshark.org/review/32491
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead, add a new T_EOF token type, call parse_token() with it when we
get an EOF, and, in parse_token(), write the current packet if we get a
T_EOF token.
That's a bit simpler, and would let us treat EOFs in different places
differently, if, for example, we want to report warnings for
half-finished packets.
Change-Id: Ie41a8a1dedf91c34300468e073f18bf806e01892
Reviewed-on: https://code.wireshark.org/review/32489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Write out the last packet after text_import_scan() returns, if it
returned successfully, the same way that it's done in text2pcap. This
means we can get rid of the EOF rule in the lexer - the lexer just
finishes and returns 0 to text_import_scan(), which then returns a
success indication to text_import() - and make write_current_packet()
static.
Change-Id: Ibafdbe01da6bb33a213a32847f1981bc943290a1
Reviewed-on: https://code.wireshark.org/review/32486
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
capture_input_drops() doesn't, and shouldn't, modify or free or... the
interface name, so make the pointer to it a const pointer.
Change-Id: Iafc5c5dd9939225b3aeb8a8e36c5bdeecc394e12
Reviewed-on: https://code.wireshark.org/review/32465
Reviewed-by: Guy Harris <guy@alum.mit.edu>
capture_input_cfilter_error_message() doesn't, and shouldn't, modify or
free or... the error message, so make the pointer to it a const pointer.
Change-Id: Ic14ac306add328df369af4b6e149c856f4283912
Reviewed-on: https://code.wireshark.org/review/32464
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The result of sctp_stat_get_info() is only used in fillTable, so there's
no need to save it.
Make it a const pointer, to squelch warnings.
Change-Id: Icb6fd7e2f5c3c5c53f7d33509d100a0947e69369
Reviewed-on: https://code.wireshark.org/review/32460
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We don't modify expert_info_t's used when constructing an
ExpertPacketItem or when they're passed to the tap routine.
Change-Id: I9e6a1545ce2340091eb7c5f6a8ef5a1da675b3ab
Reviewed-on: https://code.wireshark.org/review/32456
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make sure that we always print log messages on Windows. External programs
or scripts (including our test suite) might need to see log messages
independent of our console settings.
Make sure that we always use our log handler and that its stdout /
stderr routing matches GLib's. Flush our log output, which is something
that GLib's default handler sometimes doesn't do:
https://bugzilla.gnome.org/show_bug.cgi?id=792432
Bug: 15605
Change-Id: I4b17f2cb9269b2c87c21835d82770dae93bbfa20
Reviewed-on: https://code.wireshark.org/review/32412
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If we have direction indications, flip the source and destination for
outgoing packets.
Also, generate sequence numbers for TCP.
Code lifted from text2pcap.
Bug: 15561
Change-Id: I869c45e88bf635f3277dbeeb08aff88dbfc8edef
Reviewed-on: https://code.wireshark.org/review/32383
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
1) They're both required, for both strftime() and strptime(), by the
Single UNIX Specification.
2) They're both supported by MSVC's strftime(), at least as of VS 2015.
3) With MSVC, we use our own strptime(), which is based on the GNU libc
one and which supports both of them.
So we don't have to worry about them not working and either giving a
bogus value or throwing an exception or anything such as that.
Bug: 15565
Change-Id: I72b7798f35c4461855298cfcfa84732c1297d5fe
Reviewed-on: https://code.wireshark.org/review/32370
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The wireless toolbar retrieves the full list of network interfaces
every 1.5 seconds to keep its list of interfaces updated. This
not only adds unnecessary load on the system it also generates
plenty of netlink traffic. When capturing packets on nlmon
interfaces they are flooded with packets generated by Wireshark
itself making it hard to understand the traffic that's really present
on the system.
Remove the periodic interface update and instead listen to network
interface change events and update only when something has changed.
The wireless toolbar need to know all when wireless interfaces are
added/removed, not only whether an interface is 'up' or not so
iface_monitor changes were also necessary.
Bug: 15576
Change-Id: I8fb19fd919dfef1b6b35bf48790b105ecd2b60a8
Reviewed-on: https://code.wireshark.org/review/32350
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
tcp.stream and udp.stream are already unsigned identifiers. An upcoming
http2.hashed_stream identifier can exercise the full unsigned 32-bit
number space, so be sure not to treat the stream identifier as signed
integer.
Change-Id: Ic5d398b2bda7eba7555e385ef3fcd44b490f78c9
Reviewed-on: https://code.wireshark.org/review/32287
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
When copying from another profile which has been renamed:
show the new profile name in the info label "Created from".
When copying from another profile which is later deleted:
append "(deleted)" to the info label to indicate that the origin
profile is not in the list.
Do not show "Renamed from" when a profile name if renamed back to
it's original name.
Change-Id: I0bf0c868c5dfd150a23b2ef887e7c70030b48d05
Reviewed-on: https://code.wireshark.org/review/32201
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Throw away the old temporary filename when restart capture to create
a new temporary file. This was omitted from the previous restart
capture fix.
Change-Id: I39396d26563ec3d424161f81667864440a13e6d2
Reviewed-on: https://code.wireshark.org/review/32184
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Add ColorUtils::themeIsDark and use it to report our dark / light mode
in the "About" dialog. Summarize the HiDPI capability of our displays as
well.
Change-Id: I242af1eb48017d49b90e71099bb753e67a8dd32b
Reviewed-on: https://code.wireshark.org/review/32115
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reapply the column width and alignment when editing the fields
in a custom column.
Bug: 14177
Change-Id: I581ea67505f9181c1e5133c9950f59ed0780b0ba
Reviewed-on: https://code.wireshark.org/review/32121
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Set capture_opts->restart before restart current capture.
Update the restart handling in capture_input_closed() to not remove
the current save file; this is either the last file in a ring buffer
or a temporary file which will be reused later. Also remove the code
which starts the capture again because this is now done in
MainWindow::on_actionCaptureRestart_triggered().
Keep the code to restore the original save file when having a ring
buffer. This will avoid the error message "Ring buffer requested,
but capture isn't being saved to a permanent file" and a following
unwanted capture stop.
This fix will also avoid the "No packets captured" warning when
restart capture without having any packets captured.
Remove the unused capture_restart() function which was used in GTK.
Change-Id: I80802217b71810eaa36b78a2eb4c32697ddc92ce
Reviewed-on: https://code.wireshark.org/review/32110
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make it possible to remove the "Capture to a permanent file" setting
in Capture Interfaces Output dialog by turning off saving_to_file in
updateInterfaces().
Also make sure to free the old values for save_file and orig_save_file
to avoid memory leaks.
Set orig_save_file to the same as save_file from the '-w' option to
fill in the current "Capture to a permanent file" value correctly.
Change-Id: I1f4df8cfa279f934eff028f32838b9734b627af1
Reviewed-on: https://code.wireshark.org/review/32111
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Convert our self-generating FAQ to Asciidoctor via the following steps:
- `help/faq.py > /tmp/faq.html`.
- `pandoc -t asciidoc -o docbook/faq.adoc /tmp/faq.html`.
- Manually clean up the markup using a text editor.
Question and answer content was left intact. Removing or updating
obsolete content will have to be done in a separate change.
The Asciidoctor project uses the .adoc extension, so start using it here
as well.
The contents of the "help" directory appear to have been used for
offline support in help_url.c, but that functionality was removed in
2008 in 242e3b78bc. Its content is covered in the User's Guide and man
pages so remove it.
Change-Id: I9060eefe97cfc137f8b414077c30f814379b576a
Reviewed-on: https://code.wireshark.org/review/32014
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add macros to extract the direction, reception type, and FCS length
fields of the pack_flags field, and add definitions for different
directions and reception types.
Add a macro to construct a pack_flags field value from subfields; this
is for use by non-pcapng file readers (the pack_flags field is just a
copy of the EPB flags option, so that's not needed for pcapng).
Move some #defines for that field from packet-frame.c to wtap.h, and
rename them to match the new macros.
Use the macros rather than rolling our own code.
Fix a variable name in text2pcap.c that apparently had the wrong name,
given the value that was being tested.
Change-Id: Ia788ca4e9f5fabd8d24e6ead5ff1817509f54827
Reviewed-on: https://code.wireshark.org/review/32010
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Avoid crashed in context menu in Bluetooth windows when there is no any items.
Also add missing last column in "Copy All" in HCI Summary (fix console warning).
Change-Id: I28af0208c3b1c813d43305f3c0a4bf19f66d3e31
Reviewed-on: https://code.wireshark.org/review/31977
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Both functions accept an address in network byte order, but
maxmind_db_lookup_ipv4 does not accept a pointer. Add an indirection and
remove unnecessary memcpy calls. This removes some confusion for me.
Change-Id: I291c54c8c55bc8048ca011b84918c8a5d3ed1398
Reviewed-on: https://code.wireshark.org/review/31951
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixing some "implicit conversion loses integer precision" warnings
reported by clang with -Wshorten-64-to-32 option
Change-Id: Icd641d5f4fd8ff129f03f1b9e1da0fc86329f096
Reviewed-on: https://code.wireshark.org/review/31901
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fixes ASAN test failures for test_wireshark_capture_from_stdin and
test_wireshark_capture_from_fifo tests.
Change-Id: I196fe2a299761f95e07b3091b934a566403e3e3f
Reviewed-on: https://code.wireshark.org/review/31844
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The RSA Keys API and GUI are only functional when GnuTLS support is
available. Be sure to hide the functions in the header and hide the
preferences panel when GnuTLS support is missing.
Change-Id: I0a52ab142c4d45b8186780ea9b1645542dcc6305
Fixes: v2.9.1rc0-585-gec8f506c4b ("Qt: add initial RSA Keys preference frame")
Reviewed-on: https://code.wireshark.org/review/31837
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
In some cases the column width and/or hidden setting is not correctly applied
when switching between profiles having different hidden settings.
Unhiding the column before applying width and hidden setting fixes this issue.
Bug: 15466
Change-Id: I09e3451612ba6dd0510b19f7f4d84d281b0188b5
Reviewed-on: https://code.wireshark.org/review/31812
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Update release notes now that this GUI is mostly functional.
Change-Id: I118fbbe879e366643084f0e7ac3e437a29f21d5f
Reviewed-on: https://code.wireshark.org/review/31797
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Load the list of key URIs, strip known keys, ask for a PIN, add valid
results to the list. Apply this list on pressing OK in the preferences
dialog or revert the changes on pressing Cancel.
Change-Id: Id48cd9b876b4d272eb6dbdadf8a0859190cc0ce8
Reviewed-on: https://code.wireshark.org/review/31796
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The RSA Keys frame is intended to configure RSA keys (both key files and
PKCS #11 tokens). Add a new "RSA Keys" item to the preferences menu.
Implement addition and removal of PKCS #11 libraries and add an initial
version that displays configured RSA keys.
The "Add new token…" button will be implemented later.
Change-Id: Ie5b9eb403afc7bebeb7be8bd53d4d4b30842204c
Reviewed-on: https://code.wireshark.org/review/31795
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
UatModel could be constructed with a name instead of an epan_uat type.
To allow those users to save/revert the uat, make sure to expose a
method that does not require access to the underlying epan_uat type.
Change-Id: I1d1a5811c1025bd9c2a2ea1722f460e6ac33b9aa
Reviewed-on: https://code.wireshark.org/review/31793
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Set the push button as parent to the save menu so it will be deleted
when that parent is destroyed.
Change-Id: Ic396dcf25092c90cd305a010be3d551d8ad8397c
Reviewed-on: https://code.wireshark.org/review/31802
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The memory ownership of wtap_rec::opt_comment was not clear. Users of
wtap were leaking memory (editcap.c). wtap readers were not sure about
freeing old comments (erf) or simply ignored memleaks (pcapng).
To fix this, ensure opt_comment is owned by wtap_rec and free it with
wtap_rec_cleanup. The erf issue was already addressed since
cf_get_packet_comment properly duplicates wth.opt_comment memory.
- wtap file formats (readers):
- Should allocate memory for new comments.
- Should free a comment from an earlier read before writing a new one.
- Users of wth:
- Can only assume that opt_comment remains valid until the next read.
- Can assume that wtap_dump does not modify the comment.
- For random access (wtap_seek_read): should call wtap_rec_cleanup
to free the comment.
The test_tshark_z_expert_comment and test_text2pcap_sip_pcapng tests now
pass when built with ASAN.
This change was created by carefully looking at all users opt
"opt_comment" and cf_get_packet_comment. Thanks to Vasil Velichkov for
an initial patch which helped validating this version.
Bug: 7515
Change-Id: If3152d1391e7e0d9860f04f3bc2ec41a1f6cc54b
Reviewed-on: https://code.wireshark.org/review/31713
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Vasil Velichkov <vvvelichkov@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
cf_get_packet_comment already has one code path that returns duplicated
memory. Be sure to document the requirement to free this memory and
adjust Qt to avoid memory leaks.
Be firm and assume that wth.opt_comment is owned by wth, so duplicate it
before returning it from cf_get_packet_comment.
Change-Id: I91f406296c9db5ea21b90fc2e108c37de4528527
Ping-Bug: 7515
Reviewed-on: https://code.wireshark.org/review/31712
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Vasil Velichkov <vvvelichkov@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Manually checked all callers of wtap_seek_read to ensure that
wtap_rec_cleanup is called. Added missing wtap_rec_cleanup to:
- Completion of sequential read: wtap_sequential_close
- Callers of wtap_seek_read:
- users of cf_read_record_r:
- PacketListRecord::dissect
This fixes one of the two ASAN memleak reports while running
test_tshark_z_expert_comment and test_text2pcap_sip_pcapng (the other is
about opt_comment which is still unfixed).
Vasil Velichkov also found this issue and came up with a similar fix.
Change-Id: I54a6aa70bfdb42a816d03ad4861d0ad821d0ef88
Reviewed-on: https://code.wireshark.org/review/31709
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The glib gboolean and integer types are used interchangably,
while a proper use is easily achievable.
Change-Id: I8943bb90c9f23c0e58c296ad3b45153d0364953c
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31708
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Include the current word in the filter completion list to give the
user a more complete picture of what constitutes a valid single-token
protocol name.
Bug: 15431
Change-Id: I77cfc78f19623d9aefd4441a67ed3ae72068034e
Reviewed-on: https://code.wireshark.org/review/31654
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
From the updates to text2pcap take the updates to the code comments and
apply them here as well. This also applies to the User Guide help texts.
Change-Id: I4e73fb1372ea0c1866c6d0fee7c14bc645fbe1b1
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31636
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is more explicit and easier to read with slightly better locality
while using less code.
Also less awkward when the package doesn't fit the narrow package list
expectations.
The ws_find_package() macro doesn't include all the status messages. The
choice was to rely on standard find_package() and feature_summary() output
and be less verbose.
Avoid polluting the CLI build interface. Per target include paths and
macro definitions are preferred.
Because this patch intentionally removes the global CMAKE_*_FLAGS
and include_directories() usage in favor of target properties, some
untested build configurations may inadvertently break because of
missing ${PACKAGE}_INCLUDE_DIRS or ${PACKAGE}_DEFINITIONS. This
required a manual review of dependencies that might have been
incomplete.
${PACKAGE_VAR}_LINK_FLAGS seems to be unused.
Changing the CMake Qt code to use more modern CMake component syntax
is left as future work.
Change-Id: I3ed75252189a6e05a23ed6e619088f519cd7ed78
Reviewed-on: https://code.wireshark.org/review/31496
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Resources such as translations (autogenerated qm files) and SVG images
resulted in non-reproducible builds. Be sure to disable this to make the
resources reproducible on Qt < 5.8 or Qt >= 5.9 (excluding Qt 5.8.x).
With this change, the Wireshark build is reproducible invariant of the
build directory (but not the source directory).
Bug: 15163
Change-Id: I9240d2aa6e7298e1928c0f1d97ce83673320024d
Reviewed-on: https://code.wireshark.org/review/31593
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The correct method of selection of colors is just using the
QColorDialog not a specialized object. Implementing it just
that way, to correct bug on Linux
Bug: 15399
Change-Id: I3c4785d352888ec34c34534667c3f7df182f9fd7
Reviewed-on: https://code.wireshark.org/review/31465
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Save 800ms and avoids a synchronization point (improves build
parallelism) by directly adding object files to the wireshark binary.
Change-Id: I7d1484c65a26f3f6874474b61d38ba474aba8347
Reviewed-on: https://code.wireshark.org/review/31512
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
What we were calling the "name" is actually a description to show to
users; what were calling the "short name" is just the name to use on the
command line.
Rename some routines and structure members, and put the name first and
description second in the table.
Expand some descriptions to give more details (e.g., to be more than
just a capitalized version of the name).
Fix the CamelCase capitalization of InfiniBand.
Change-Id: I060b8bd86573880efd0fab044401b449469563eb
Reviewed-on: https://code.wireshark.org/review/31472
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Set the push button as parent to the profile list menu so it will
be deleted when that parent is destroyed.
Change-Id: Ide4a234e039a3e27d9ee4732a3800906c80be173
Reviewed-on: https://code.wireshark.org/review/31446
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Only copy ASCII characters when doing "Copy Bytes as Hex + ASCII Dump"
from the ByteView. This is what we do in all other Hex Dumps.
Also change the parameter name to reflect this.
Change-Id: I63cc79ffa014fd9aa50c84d765ee168f0b1ea44a
Reviewed-on: https://code.wireshark.org/review/31442
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Draw a circle+backslash or a warning triangle in the far right of the
line edit entry for invalid and deprecated filters respectively. This
should provide an additional clue for color blind users.
Bug: 15326
Change-Id: I55a1e214834a340ccda3bfe8880bba12c5e274e9
Reviewed-on: https://code.wireshark.org/review/30936
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rename the Remove action in the welcome page to "Remove from list" to
indicate that the file is only removed from the list, not from disk.
Change-Id: I4a47c9852203596cc601bf254a4bcfc700ccd025
Reviewed-on: https://code.wireshark.org/review/31433
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add a menu item for "Show in Finder/Folder" for plugins in cases where
Wireshark loads plugins from other folders than is listed in "Folders".
Change-Id: I8cc42d9992d885f1ca37f5769d7292bed1584f4b
Reviewed-on: https://code.wireshark.org/review/31270
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Doing so means we'd close the FD, but we've already closed it.
Addresses Coverity CID 1442274.
Change-Id: I5aab1bd4b82e9ac0901bcdbc1ddb6b16eec30573
Reviewed-on: https://code.wireshark.org/review/31312
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We've already reported the files that couldn't be saved; no need to tell
the user something they already know by that point.
Change-Id: I8251a46134342df6b40a6324aa76a5237fde7c93
Reviewed-on: https://code.wireshark.org/review/31298
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
If a particular save failed, always let the user know.
Change-Id: I618e0ff82813cd4249ab7b1714f9a50e095a1ea8
Reviewed-on: https://code.wireshark.org/review/31296
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Limiting the maximum *path* name length is bogus; if the user wants to
store the file in some directory deep under the root (UN*X) or the root
of the drive (Windows), that's their choice - don't prevent them from
saving in a directory with a path longer than some maximum or limit the
file name based on the length of the path leading up to it.
Limiting the maximum *file* name is presumably to cope with, for
example, HTTP objects with a URL that had a very long query component,
so it makes sense.
Change-Id: Idfc7de8124ee80bdd4950341ff2239834eb9f6f6
Reviewed-on: https://code.wireshark.org/review/31295
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have eo_save_entry() use the report_ routines to report errors, so they
pop up a dialog in Wireshark and print an error message in command-line
programs such as TShark. Use it instead of local_eo_save_entry().
Change-Id: I689fd880ff2a31486372374560129ee9d9692b1e
Reviewed-on: https://code.wireshark.org/review/31294
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This allows taps that can fail to report an error and fail; a failed
tap's packet routine won't be called again, so they don't have to keep
track of whether they've failed themselves.
We make the return value from the packet routine an enum.
Don't have a separate type for the per-packet routine for "follow" taps;
they're expected to act like tap packet routines, so just use the type
for tap packet routines.
One tap packet routine returned -1; that's not a valid return value, and
wasn't one before this change (the return value was a boolean), so
presume the intent was "don't redraw".
Another tap routine's early return, without doing any work, returned
TRUE; this is presumably an error (no work done, no need to redraw), so
presumably it should be "don't redraw".
Clean up some white space while we're at it.
Change-Id: Ia7d2b717b2cace4b13c2b886e699aa4d79cc82c8
Reviewed-on: https://code.wireshark.org/review/31283
Reviewed-by: Guy Harris <guy@alum.mit.edu>
cmdarg_err() is for reporting errors for command-line programs and
command-line errors in GUI programs; it's not something for any of the
Wireshark libraries to use.
The various routines for parsing numerical command-line arguments are
not for general use, they're just for use when parsing arguments.
Change-Id: I100bd4a55ab8ee4497f41d9651b0c5670e6c1e7f
Reviewed-on: https://code.wireshark.org/review/31281
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The third URL works, but let's go https: for it. The other two don't.
Line-wrap another part of the comment while we're at it.
Change-Id: I744770c859b317ace2a71e82f86e2419b6d7ef2b
Reviewed-on: https://code.wireshark.org/review/31276
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Thanks for killing off a bunch of comment mechanisms, not saving the
old comments and placing them somewhere useful, and not even allowing
the Wayback Machine to archive at least some of those sites, Microsoft.)
Change-Id: Ie4258250a0176a56ee33be77604acf43c6886e0f
Reviewed-on: https://code.wireshark.org/review/31274
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Class TrafficTableTreeWidget is used by the conversation and enpoint
dialogs, both of which are subclasses of WiresharkDialog.
Those dialogs use WiresharkDialog::registerTapListener() to register tap
listeners. When the dialog is closed, those listeners are removed by
WiresharkDialog::removeTapListeners().
TrafficTableTreeWidget's destructor tries to remove its tap listener a
2nd time after WiresharkDialog did its cleanup. This causes warnings
Warn remove_tap_listener(): no listener found with that tap data
Don't call remove_tap_listener() from TrafficTableTreeWidget's
destructor. The destructor is now empty and can be removed completely.
Change-Id: I3143fa1c5116203f4a0be791bd4c5f08135aefb0
Reviewed-on: https://code.wireshark.org/review/31259
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add interface name (colon delimited) to SP_DROPS ('D') message so when dropped
packets are outputted, they include the interface name for clarity.
Bug: 13498
Change-Id: I68cdde4f20a574580f089dc5096d815cde5d3357
Reviewed-on: https://code.wireshark.org/review/31218
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extcap utilities can be Python scripts. Show the files as URLs and
allow double click to open.
Change-Id: I214caa2683896b89fbe6243562eee9b12d4ae217
Reviewed-on: https://code.wireshark.org/review/31221
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Arvind Dalvi