Make sure we link each application that calls WSAStartup with ws2_32.lib.
Pass version 2.2 to WSAStartup. Wikipedia says it was introduced in 1996,
so we should be OK.
Ping-Bug: 15711
Change-Id: I431839e930e7c646669af7373789640b5180ec28
Reviewed-on: https://code.wireshark.org/review/33033
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
In ws_pipe_wait_for_pipe() on Windows, the WaitForMultipleObjects() waits
on the pending pipe connection events and process handle. If the process
handle is signalled, then it means that the process did exit without
connecting to the pipes.
The WaitForMultipleObjects() was not waiting on the process handle and thus
if the process did fail without connecting to pipes the Wireshark gui was
frozen for 30 seconds.
This change fixes the freeze by increasing the number of handles, so
WaitForMultipleObjects() is aware of the process handle.
Change-Id: Id13824a60baf4be7795cbe1d5ed1c7932edbff45
Reviewed-on: https://code.wireshark.org/review/33028
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I9b0c6b118b5f866abc969a437bbd9b9a28271bf0
Reviewed-on: https://code.wireshark.org/review/32841
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Creating Job Object named "Local\Wireshark child process cleanup"
results in the job being shared between all Wireshark instances run
within a single session.
When two or more Wireshark instances were running, debug message appeared:
"Could not assign child cleanup process: Access is denied. (5)"
As the child process was not assigned to a job, it was possible that the
child process was still active even after Wireshark did terminate.
This fixes the issue by creating unnamed job object which is not shared.
Change-Id: I59adc2aacff0151802163f155d68cbc8022c1479
Reviewed-on: https://code.wireshark.org/review/32985
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
On Windows, ws_pipe_spawn_sync always leaks 'winargs', and leaks 'argv'
on some error paths. Fix these and refactor the common argument parsing
functionality to reduce duplication of functionality.
Change-Id: I8fa5ca45aec20b53f6fa243b0dd07241a345f7ab
Reviewed-on: https://code.wireshark.org/review/32932
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The function returns a GPid, not a gboolean. Callers (mmdbresolv and
extcap) only assume WS_INVALID_PID to be invalid (as documented).
Change-Id: I40b491272a451f569864fa3259009d6d3fcce772
Fixes: v2.5.1rc0-413-g1a0987904f ("Generalize our process spawning code.")
Reviewed-on: https://code.wireshark.org/review/32933
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The ws_pipe_wait_for_pipe() implementation had multiple issues:
* Use auto-reset events with ConnectNamedPipe (should be manual-reset)
* Leaking event handles
* Not checking return value from CreateEvent()
* Waiting on closed handles
This change fixes all the above mentioned issues.
Bug: 15696
Change-Id: Ia0c389a902655f85eccb0c59288b4a7d49da48c9
Reviewed-on: https://code.wireshark.org/review/32896
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The WIRESHARK_EXTCAP_DIR environment variable is currently only used on
Windows, and on UN*X when not running from the build directory. In order
to avoid copying the sampleif.py test utility to the program directory,
let's prioritize the environment variable over the build directory.
Update the outdated comments while at it, the version directory has been
removed long time ago. (The comments are based on the one for plugins.)
This also fixes the test suite on macOS where the extcap subdirectory is
located in the appbundle directory and not the build directory.
Change-Id: I329bb233b1dd0b9c1422c2ebd60a6455347e1d62
Reviewed-on: https://code.wireshark.org/review/32890
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Callers should not include empty strings in arguments list. Log warning
message instead of silently dropping remaining arguments.
Change-Id: Ia68c7b90cec860e032f81a4008aa005b07ebcfd5
Ping-Bug: 15586
Reviewed-on: https://code.wireshark.org/review/32849
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This significantly reduces the initialization time when system is using
small pipe buffers. No time is lost on periodic process status checks as
WaitForMultipleObjects() returns when the stdout/stderr data was read
and/or when process finishes.
Bug: 14657
Change-Id: I61fabf986577db7102a3136df83d2d92c7156727
Reviewed-on: https://code.wireshark.org/review/32773
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If the PATHEXT environment variable contains .py and extcap is enabled,
then Wireshark did leak 2 pipes for every .py file present in the extcap
directory (regardless if there was .bat wrapper for it or not).
Bug: 15689
Change-Id: Iae402c0075ee8155a7205a59711bbae734da7e9e
Reviewed-on: https://code.wireshark.org/review/32812
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(Routines, so that if we internationalize strings not in the Qt code,
this can return the appropriately translated version.)
Change-Id: I1c169d79acde2f0545af7af2a737883d58f52509
Reviewed-on: https://code.wireshark.org/review/32549
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This helps the developer in the debug phases.
Change-Id: I85558334b5d618219a48a6c00129cd36a6ab0b10
Reviewed-on: https://code.wireshark.org/review/32531
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Add support for decrypting IEEE 802.11 WPA3-Personal / SAE traffic.
SAE uses AES encryption but a different key derivation function (KDF)
making Wireshark fail to decrypt such captures. Also both KDF and
decryption method is determined based only on EAPOL key description
version. This is not enough to figure out that SAE is being used.
Implement the alternative KDF needed to derive valid PTK. Also
implement a function to parse pairwise + group cipher suites and
auth key management type from RSNE tag. Using this new function
together with a number of new cipher and AKM lookup functions
correct KDF for SAE can be selected.
Bug: 15621
Change-Id: I8f6c917af1c9642c276a244943dd35f850ee3757
Reviewed-on: https://code.wireshark.org/review/32485
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Set a bigger IO buffer to avoid syscall overhead.
See https://github.com/the-tcpdump-group/libpcap/issues/792
Change-Id: If370da5ab2b70a9d0c925dd7c4c5c135c675c3f6
Reviewed-on: https://code.wireshark.org/review/31326
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
In CMake we only used PROJECT_RELEASE_VERSION to construct our plugin
path, so rename it to PLUGIN_PATH_ID. Use a dash to separate version
numbers on macOS in order to allow code signing and a period elsewhere.
In the C code we only used VERSION_RELEASE to construct our plugin path,
so rename it to PLUGIN_PATH_ID.
Change-Id: I02abc591d7857269e8d47b414b61df4b28a25f2d
Reviewed-on: https://code.wireshark.org/review/32013
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If the JSON output is written in a script tag for a HTML page, be sure
to not to break it.
Change-Id: I1b9ba6a39faf266e8a7bf9befa2899978beb130c
Reviewed-on: https://code.wireshark.org/review/31953
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add locale-independent version that replaces json_dumper_value_anyf for
floating-point numbers. NaN and -/+Infinity are mapped to null.
Change-Id: I8e7856de480b7bcafe77ddd015239e1257768ced
Reviewed-on: https://code.wireshark.org/review/31948
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jakub Zawadzki <jbwzawadzki@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
User guides are installed to doc/Wireshark. Use doc/wireshark instead.
Remove leftover variable CPACK_PACKAGE_NAME.
Change-Id: I9a1d6bdc7d8f0b48c61e43679285d5ba83904a63
Reviewed-on: https://code.wireshark.org/review/31851
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
That's what g_strerror() does, and it means that the caller doesn't need
to free the string (it's kept around, and if another call to
win32strerror() generates the same string, the interned string is
returned).
Change-Id: I564bb700fabe2629131fb1c6468494dd5f5fc9e3
Reviewed-on: https://code.wireshark.org/review/31854
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use FormatMessageW() to get a UTF-16-encoded Unicode error string,
rather than an error string in the local code page, and then convert it
from UTF-16 to UTF-8.
Make it dynamically-allocated, so it's big enough and so that we are
thread-safe. Make the callers free the result.
Change-Id: I217aec5a644fa0176a829f181eb05561cb9d10f4
Reviewed-on: https://code.wireshark.org/review/31846
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Instead of using "$ORIGIN/../lib" just use "$ORIGIN".
Also be explicit in configuring the relative RPATH. We don't want
to assume a default relative path, in case more targets are addded,
out of caution.
Change-Id: I3b7f5e8de7be8bb30aca3b433212113d876c4163
Reviewed-on: https://code.wireshark.org/review/31647
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The new value has been chosen to make room for sharkd packet output
as: proto.c:MAX_TREE_LEVELS * 2 + 10% of additional sharkd overhead.
A new regression test for sharkd has been added that requires more
than 15 levels.
Change-Id: Ie54955c79c50c60b95c99b1a3c472888fc4842ac
Reviewed-on: https://code.wireshark.org/review/31624
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This is more explicit and easier to read with slightly better locality
while using less code.
Also less awkward when the package doesn't fit the narrow package list
expectations.
The ws_find_package() macro doesn't include all the status messages. The
choice was to rely on standard find_package() and feature_summary() output
and be less verbose.
Avoid polluting the CLI build interface. Per target include paths and
macro definitions are preferred.
Because this patch intentionally removes the global CMAKE_*_FLAGS
and include_directories() usage in favor of target properties, some
untested build configurations may inadvertently break because of
missing ${PACKAGE}_INCLUDE_DIRS or ${PACKAGE}_DEFINITIONS. This
required a manual review of dependencies that might have been
incomplete.
${PACKAGE_VAR}_LINK_FLAGS seems to be unused.
Changing the CMake Qt code to use more modern CMake component syntax
is left as future work.
Change-Id: I3ed75252189a6e05a23ed6e619088f519cd7ed78
Reviewed-on: https://code.wireshark.org/review/31496
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
parameter 'argv' not found in the function declaration [-Wdocumentation]
Change-Id: I68262a23e3a6f4b50d8b5e666b92f055feeaf74f
Reviewed-on: https://code.wireshark.org/review/31424
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
parameter 'string' not found in the function declaration [-Wdocumentation]
Change-Id: I8c6fe47e708411e329954a682ea4da10aad348f6
Reviewed-on: https://code.wireshark.org/review/31423
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Found by clang-tidy.
Change-Id: I2f89c6860d591c5c1563b9ca01306bb3d9e5e42c
Reviewed-on: https://code.wireshark.org/review/31359
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found by clang-tidy.
Change-Id: I0d324faf494f6b68275d6ff600304f716529778b
Reviewed-on: https://code.wireshark.org/review/31358
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found by clang-tidy.
Change-Id: I5afce9464536cbbaf8f7f84b165d2ef56e166c2e
Reviewed-on: https://code.wireshark.org/review/31357
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
* Generated code and 256-element lookup table with pycrc
* Combined 2 crc6 functions which both have same poly 0x6f and lookup table
* Using the example file from the bug report,
$ tshark -r ~/Downloads/M1_header_crc.pcapng -V | grep "Calculated CRC"
1101 00.. = Header CRC: 0x34 [Calculated CRC 0x34]
Header and Calculated CRC are now both 0x34 (correct value)
* pycrc settings for generation:
$ python pycrc.py --reflect-in False \
--reflect-out False \
--xor-in 0 \
--xor-out 0 \
--algorithm table-driven
--width 6 \
--poly 0x2f
* To manually check 3GPP protocol header CRCs, use above command with flag
--check-hexstring=<HEADER HEX>
Bug: 14875
Change-Id: I283f52fcae10b2f92f107df6988629d49d692428
Reviewed-on: https://code.wireshark.org/review/31356
Reviewed-by: Ross Jacobs <rossbjacobs@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Newer versions of libpcap define it (due to the somewhat infelicitous
API for "active mode" remote capture, which returns a socket); don't
define it ourselves if it's already defined.
Change-Id: I620576620fd2708ebd503da696e17b472bc20472
Reviewed-on: https://code.wireshark.org/review/31344
Reviewed-by: Guy Harris <guy@alum.mit.edu>
A call to this function means a programming error. g_error makes it
fatal and terminates the program, making the debug easier.
Change-Id: I5c9e82507482733b4d450ed6c3a9fc17fb0fcdca
Reviewed-on: https://code.wireshark.org/review/31310
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Gracefully handle repeated calls of ws_buffer_free on the same buffer to
avoid strange crashes in other new users that allocate a "small" buffer.
The first call to ws_buffer_free would store data pointer in the
'small_buffers' array for reuse and set the pointer to NULL. Result:
(gdb) p cfile.rec.options_buf
$2 = {
data = 0x0,
allocated = 2048, // Oops, not modified!
start = 0,
first_free = 0
}
All users of Buffer (including ws_buffer_free) however asssume that
'allocated' reflects the actual size of 'data'. If this is not the case
(if ws_buffer_free is called again), then a data pointer (NULL!) will be
stored and the next ws_buffer_init request for a "small buffer" will
result in unexpected behavior (including crashes).
Fix the issue by clearing the 'allocated' field as well. Add assertions
to catch such issues earlier rather than crashing at random users of
these buffers (such as frame_tvbuff).
Bug: 15263
Change-Id: I0b491c3fccac8c6fddd43779629343d721638ca9
Reviewed-on: https://code.wireshark.org/review/31278
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
cmdarg_err() is for reporting errors for command-line programs and
command-line errors in GUI programs; it's not something for any of the
Wireshark libraries to use.
The various routines for parsing numerical command-line arguments are
not for general use, they're just for use when parsing arguments.
Change-Id: I100bd4a55ab8ee4497f41d9651b0c5670e6c1e7f
Reviewed-on: https://code.wireshark.org/review/31281
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
NISO Z39.50 is a protocol used by libraries and library vendors for information retrieval and catalog manipulation. It is defined using ASN.1 using BER encoding. It has an assigned TCP port of 210. This is an initial implementation.
Features:
- The Z39.50 standard OIDs are defined.
- The bib-1 attribute set is decoded.
- The bib-1 diagnostics are decoded.
- Some OCTET STRINGs which are nearly always printable ASCII are special-cased.
- The MARC (MAchine Readable Cataloging) format is decoded. Only the MARC21 variant is
currently handled, but this is one of the most common variants. The most common tags
are decoded. The MARC dissector is included in the Z39.50 dissector, but the code is
structured in such away that it could be pulled out.
Todo:
- Add information to the Wiki about Z39.50.
As part of this work, the definition of isdigit_string() was fixed to avoid const complaints.
Change-Id: I29a7db53375ef8be83738a1ab98707761d878717
Reviewed-on: https://code.wireshark.org/review/31209
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Print warnings to help with debugging. Add Jakub (author of
json_puts_string).
Change-Id: I8bf039afc21357e97accb2a9abf9378735af12eb
Reviewed-on: https://code.wireshark.org/review/31041
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Setting LIBRARY_OUTPUT_DIRECTORY to Wireshark.app/Contents/Frameworks
for each of our libraries ends up installing a fully versioned .dylib
along with soversion and unversioned symlinks, which is more than we
want and which wastes disk space when osx-app.sh dsymifies our
libraries.
Leave LIBRARY_OUTPUT_DIRECTORY unset and depend on osx-app.sh to copy
our libraries into place.
Bug: 15361
Change-Id: If0fbaa796b4be806e2aa13887e511a330fe55df5
Reviewed-on: https://code.wireshark.org/review/31139
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This is needed for ek json compatibility.
Change-Id: I75c74a1dc7996f3f4c17071508655ae6e3c6b94c
Reviewed-on: https://code.wireshark.org/review/30993
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Allow the function json_puts_string() to be called with the NULL
argument that translates to 'null' json object.
Change-Id: I3d2aafad446962d3342ab30b9d509f054d393c64
Reviewed-on: https://code.wireshark.org/review/30978
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Rename DATAFILE_DIR to be closer to CMake and avoid mixing
with the staging dir path variable of the same name.
Change-Id: I7b1e02152d8bde14cca210fbfae4acbdba7d78d7
Reviewed-on: https://code.wireshark.org/review/30916
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Fixes an issue where sometimes datafile_dir is not freed
before exiting.
Change-Id: I2ff7d1b8ea4e20a1ce98e5e11965073eb479bb03
Reviewed-on: https://code.wireshark.org/review/30909
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extcap executables require libwsutil.dll from the program directory.
These were loaded by setting the PATH environment variable, but this
is not thread-safe (and caused sporadic tests failures as a result).
Use SetDllDirectory instead, this also prevents loading DLL files
from arbitrary directories in PATH.
To make this work, the search logic for Npcap has to be modified to
avoid relying on SetDllDirectory. This implies that Npcap cannot be
used on Windows 7 anymore until KB2533623 (July 2011) is applied.
Change-Id: I3fc42ff76e75ae162b6dd31103451fb8f71c09e6
Reviewed-on: https://code.wireshark.org/review/30804
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
libwireshark and libwiretap have their INTERFACE link dependencies
changed to the required set.
libwsutil keeps a default public visibility. Further work may
show some unneeded link requirements.
The executable dependencies are adjusted accordingly.
Change-Id: I3a534f72403819cac136ae47a3d80acee76e0fb3
Reviewed-on: https://code.wireshark.org/review/30815
Reviewed-by: João Valverde <j@v6e.pt>
The deadlock can be observed with a slow malloc implementation, e.g.
ASAN_OPTIONS=fast_unwind_on_malloc=0 tshark --version
(This calls extcap_run_all which uses threads and ws_pipe_spawn_sync.)
Change-Id: Iff329c465c53ed177980368cd645f59222f88dd3
Reviewed-on: https://code.wireshark.org/review/30777
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
While at it prefer to use add_definitions() instead of config.h. This
puts all definitions in the same place and limits the scope to the
respective wsutil API.
Change-Id: Idc30914220b876865e0ae47709e6f17eb9b0fc2c
Reviewed-on: https://code.wireshark.org/review/30782
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Install headers to support plugins development on Windows.
Change-Id: I3161bd2f730edf62ab44fee6ce4fedbb9aee0d31
Reviewed-on: https://code.wireshark.org/review/30776
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
This avoids an unnecessary explicit cast. For clarity, rename the
working directory argument to match g_spawn_sync.
Change-Id: Idf7072cd590e686294d953f77da2a52c861a89c0
Reviewed-on: https://code.wireshark.org/review/30763
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
When Wireshark uses a synchronous spawn (e.g., to launch an extcap)
it would be nice to be able to see what command line is constructed
to launch the process, and to see what comes back. The output will
go to the g_log.
Change-Id: Iec6baeebc026cd80398084c9644fc916ab068e2f
Reviewed-on: https://code.wireshark.org/review/30475
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
JSON-GLib was added in v2.9.0rc0-201-g511c2e166a, but is no longer
necessary since we have a home-grown JSON dumper (wsutil/json_dumper.h).
Remove the remaining traces and additionally remove GObject from
FindGLIB2.cmake since it was only added for JSON-GLib.
Change-Id: If9dfd2c60cec130f98109d100bdb6618bde06ba0
Reviewed-on: https://code.wireshark.org/review/30733
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The (optional) JSON-GLib library adds dependencies on GObject, GIO. For
statically linked oss-fuzz builds it also adds libffi and more. To avoid
these dependencies, replace JSON-GLib by some custom code. This allows
`tshark -G elastic-mapping` to be enabled by default without extra deps.
API design goals of the new JSON dumper library:
- Small interface without a lot of abstraction.
- Avoid memory allocations if possible (currently none, but maybe
json_puts_string will be replaced to improve UTF-8 support).
- Do not implement parsing, this is currently handled by jsmn.
Methods to open/close array/objects and to set members are inspired by
the JsonGlib interface. The interfaces to write values is inspired by
the sharkd code (json_puts_string is also borrowed from that).
The only observed differences in the tshark output:
- JSON-GLib ignores duplicates, json_dumper does not and may produce
duplicates and currently print two "ip.opt.sec_prot_auth_unassigned".
- JSON-GLib adds a space before a colon (unimportant formatting detail).
- (Not observed, but UTF-8 strings will be wrong like bug 14948.)
A test was added to catch changes in the tshark output. I also fuzzed
json_dumper with libFuzzer + UBSAN/ASAN and fixed an off-by-one error.
Change-Id: I0c85b18777b04d1e0f613a3d59935ec59be87ff4
Link: https://www.wireshark.org/lists/wireshark-dev/201811/msg00052.html
Reviewed-on: https://code.wireshark.org/review/30732
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Rename wsjson_unescape_json_string to json_decode_string_inplace
(inspired by the g_base64_decode_inplace name). Rename
wsjson_is_valid_json to json_validate (inspired by g_unichar_validate).
Ideally json_parse is inlined with its user (sharkd_session.c), but that
requires exporting the jsmn_init and jsmn_parse functions... Hence the
dependency on jsmn.h remains in wsjson.h.
Change-Id: I7ecfe3565f15516e9115cbd7e025362df2da5416
Reviewed-on: https://code.wireshark.org/review/30731
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The modelines says tabs, but the actual indentation is 8 spaces. Let's
change it to match the standard 4 spaces in the top-level .editorconfig.
Change-Id: I2b26b095f5e4f6f8d5d083d41ceaae98f9284fba
Reviewed-on: https://code.wireshark.org/review/30730
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We were not calling TerminateProcess() to stop mmdbresolve.Exe process on
Windows.
Bug: 15248
Change-Id: Ic90cf438a8003a6fefb023b7056984681ce09b46
Reviewed-on: https://code.wireshark.org/review/30449
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make ws_basetostru32(), and the other ws_baseto... routines, public, and
use ws_basetostru32() when parsing ranges, to detect additional errors
such as negative values.
Addresses part of
https://ask.wireshark.org/question/5538/preference-range/.
Change-Id: I00fac97a198a237b01b5cd9406ea32c220f80972
Reviewed-on: https://code.wireshark.org/review/30266
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Check if data is available on stderr before doing a blocking read() to
avoid an infinite read loop when having less data than STDERR_BUFFER_SIZE.
Append data instead of overwrite when doing multiple read() to fetch
available data.
This is a regression from g6a949ed155.
Bug: 15205
Change-Id: I84b232aeafb6123f77f3f5d48bbe89326fe7eb0f
Reviewed-on: https://code.wireshark.org/review/30209
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The purpose of this function is to check if a configuration file exists
and has at least one entry which is not a comment.
Use this when building the list of profiles where the user can copy
configuration from, to avoid listing profiles with empty files or files
with only comments.
Change-Id: If45f52025959818fb1213ffac488cd59441e9fce
Reviewed-on: https://code.wireshark.org/review/30113
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Call it from wmain() in the command-line tools, passing it the input
argument count and vector, and call it from main() in Wireshark, after
getting a UTF-16 argument vector from passing the result of
GetCommandLineW() to CommandLineToArgvW().
Change-Id: I0e51703c0a6c92f7892d196e700ab437bd702514
Reviewed-on: https://code.wireshark.org/review/30063
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Doing so for command-line programs means that the argument list doesn't
ever get converted to the local code page; converting to the local code
page can mangle file names that *can't* be converted to the local code
page.
Furthermore, code that uses setargv.obj rather than wsetargv.obj has
issues in some versions of Windows 10; see bug 15151.
That means that converting the argument list to UTF-8 is a bit simpler -
we don't need to call GetCommandLineW() or CommandLineToArgvW(), we just
loop over the UTF-16LE argument strings in argv[].
While we're at it, note in Wireshark's main() why we discard argv on
Windows (Qt does the same "convert-to-the-local-code-page" stuff); that
means we *do* need to call GetCommandLineW() and CommandLineToArgvW() in
main() (i.e., we duplicate what Qt's WinMain() does, but converting to
UTF-8 rather than to the local code page).
Change-Id: I35b57c1b658fb3e9b0c685097afe324e9fe98649
Ping-Bug: 15151
Reviewed-on: https://code.wireshark.org/review/30051
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use this in profile_exists() and copy_persconffile_profile().
Change-Id: I48728038b086a38822ef71766b23db8050deb464
Reviewed-on: https://code.wireshark.org/review/30027
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With autotools, it was possible that the binary was located in a .libs
directory, but with CMake the executables directory and data directory
are the same (except macOS with app bundles). Use this property to get
rid of the hard-coded build directory. Helps with reproducible builds.
Bug: 15163
Change-Id: I5b8807a03783a9919fba7b0cc83f5c162caa8052
Reviewed-on: https://code.wireshark.org/review/29984
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the ability to specify maximum function counts for each group to
checkAPIs. Add maximum counts for the "termoutput" and "abort" groups
where needed. Show summaries in various checkAPI targets.
Switch uses of ws_g_warning back to plain g_warning.
Change-Id: I5cbddc8c671729e424eed8551f69116d16491976
Reviewed-on: https://code.wireshark.org/review/29721
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Replace ws_base64_decode_inplace() with g_base64_decode_inplace()
or g_base64_decode(), which was introduced in glib 2.12.
The only observed difference is a need for zero-terminate the buffer
after decoding.
Change-Id: Ia102d0d8e9bec575ffeddf448191a3f6de9fb1ed
Reviewed-on: https://code.wireshark.org/review/29382
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
A CMake config-file package provides support for downstreams using
CMake and Wireshark libraries to easily configure the libwireshark
dependency with:
find_package(Wireshark CONFIG [REQUIRED])
target_link_libraries(foo epan)
The FindWireshark.cmake file is no longer needed.
See cmake-package(7) for more details on CMake's package system.
Change-Id: Ie8af1d44417a99dd08d37959f7b2ffca88572ec2
Reviewed-on: https://code.wireshark.org/review/29208
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Change the plugin compatibility check to make it more convenient to
define and check the major.minor Wireshark version.
Change-Id: I2a6d2a746682c29504311cce5c457e0a852c3daf
Reviewed-on: https://code.wireshark.org/review/29224
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
The Remarks section in WaitForMultipleObjects describes what kind of
handles the function can wait for. Pipe handles are not listed there.
The problem was introduced in c18459e66e
While it might be possible to setup overlapped reads on the pipe handles
and then wait on overlapped events, it would result in quite complex
code. As a tradeoff, simply keep peeking at the pipes every 100 ms.
Change-Id: I6ba4f4bf4c1d2af856027cca36ffd6d4f7f49f36
Bug: 14657
Reviewed-on: https://code.wireshark.org/review/29163
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
On Windows the code calling extcap worked as follows:
1. Create stdout and stderr pipes with default buffer size
2. Execute extcap redirecting output to the pipes
3. Wait for extcap process to exit
4. Read the data from stdout pipe
This resulted in deadlock when the extcap wrote more data than the pipe
could buffer. This was especially seen with USBPcap as it is quite
normal to have plenty of USB devices connected.
Fix the issue by contantly reading the stdout data and storing it in
GString. To prevent similar deadlock on the stderr, the stderr data is
being constantly monitored as well (and discarded).
Change-Id: I0f93e6d79617cef0e828aef2b96fad2757227923
Bug: 14657
Reviewed-on: https://code.wireshark.org/review/29159
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The WireGuard dissector will need X25519 to enable decryption, add a
Gcrypt implementation that implements the NaCl/Sodium interface.
While inspired by the MPI example in t-cv25519.c, note subtle but
important correctness/interoperability fixes: add a check for infinity
(gcry_mpi_ec_get_affine) and handle short values from gcry_mpi_print.
The last issue is ugly, perhaps the high level API (gcry_pk_decrypt)
should be used instead (which < 2% slower than this MPI implementation).
(Both issues were found through fuzzing.)
As for alternative options, Sodium is superior but would be a new
dependency. For some older performance and usability notes (comparing
crypto_scalarmult_curve25519_base (note "_base") against others), see
https://lists.gnupg.org/pipermail/gcrypt-devel/2018-July/004532.html
Performance comparison on Ubuntu 18.04 (i7-3770) between Sodium 1.0.16
against Gcrypt 1.8.3 and Gcrypt 86e5e06a (git master, future 1.9.x) by
computing 65536 times X25519(1, 8) via crypto_scalarmult_curve25519:
Sodium (sandy2x): 1.4x faster than ref10
Sodium (ref10): 1 (baseline)
Gcrypt (git): 5x slower than ref10, 7x slower than sandy2x
Gcrypt (1.8.3): 17x ref10, 24x sandy2x (took 65 seconds)
Change-Id: Ia54e73cc3cc469a6697554729aff4edd19f55630
Ping-Bug: 15011
Reviewed-on: https://code.wireshark.org/review/28987
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Or, at least, use them in the libwiretap file-writing code; we can
change other places to use them as appropriate.
Change-Id: I63af2267a22a158ee23f3359b043913dac0e285b
Reviewed-on: https://code.wireshark.org/review/28783
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For better type safety
Change-Id: Ida7b98af8c44a52ddac2c4ab0702db2519a0c4af
Reviewed-on: https://code.wireshark.org/review/28570
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This allows code to initialize them without having to know the details
of the structure; the initializes should, and will, be changed if the
members of the structure are changed.
Change-Id: I93e6ebfcde9ceca17df696fcba4e8410c5afb175
Reviewed-on: https://code.wireshark.org/review/28501
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Adds the Windows 10 (and Server 2016) Release ID to the info in the
About Wireshark blurb.
The ID displayed in parentheses, e.g.
Running on 64-bit Windows 10 (1803), build 17134
Change-Id: I1bbce27e149dbf6da6da7847ad1f7dd861176ece
Reviewed-on: https://code.wireshark.org/review/28475
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove -DBUILD_WINDOWS and sections of code that we no longer use.
Bug: 14715
Change-Id: Iae1a950e2f52f4ce45fcf0ae5dea06c1172c3a28
Reviewed-on: https://code.wireshark.org/review/28466
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Multi-configuration generators (such as Xcode or VS) append the current build configuration to most paths (eg. Debug/Release). Currently this results in inconsistent paths for the application bundle and the included command line tools. This commit sets the correct path information for multi-configuration generators for macOS application bundles. The standard Makefile behaviour is untouched.
One Windows specific configuration was changed, as it was conflicting with these changes. This needs to be checked before merging.
Additionally the wrapper scripts are omitted for Xcode, as the path to the binaries depends on the configuration chosen in Xcode. Therefore it is not viable to create these scripts in the cmake run.
Bug: 11816
Change-Id: Ib43d82eb04600a0e2f2b020afb44b579ffc7a7c9
Reviewed-on: https://code.wireshark.org/review/28291
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
gd2e0724afc moved our library versions into their own variables named
FULL_SO_VERSION. They're no longer used and interfere with
tools/release-update-debian-soversions.sh so remove them.
Fix some shellcheck warnings in release-update-debian-soversions.sh
while we're here.
Bug: 14778
Change-Id: I0eb0bb4ab4c482bdb8a94f8c18aa04c6c83c781b
Reviewed-on: https://code.wireshark.org/review/28068
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Using an environment variable the user can override the config
directory. Keep the previous Windows-specific variable ("WIRESHARK_APPDATA")
alive for backward compatibility.
Change-Id: I2350b815e60e7dbb19f9c193d7aaaa68f94576b2
Reviewed-on: https://code.wireshark.org/review/27946
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
DWORD on windows is unsigned, then there is no point in checking
for negative values.
Change-Id: I0b03fb19ebdff86e610cd4571fc30c49b7bd1284
Reviewed-on: https://code.wireshark.org/review/27766
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Gerald Combs