Tests are independent and can be run in parallel using pytest-xdist
(https://github.com/pytest-dev/pytest-xdist), document it.
While at it, allow running the tests from other directories.
Change-Id: I3e55c549669f7d59d35cd64eca53680cea6dec2d
Reviewed-on: https://code.wireshark.org/review/26943
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
First mention tvbuff_new_subset_remaining(), as that's good enough for
most uses.
Then mention tvb_new_subset_length(), which is what most of the
remaining cases should use; we weren't even documenting it.
Then mention tvb_new_subset_length_caplen(); we want that to be used
only when *absolutely* necessary.
Change-Id: I57a6c202d4a68b001ddca8bd4c7e1d271eb52ef9
Reviewed-on: https://code.wireshark.org/review/26864
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The original implementation lead to multiple extcap interfaces
being loaded, as well as an error output from the default example.
This fixes both
Change-Id: Icb6fbda7bcb11ed0d14cb683ddcdabdc20a7070d
Reviewed-on: https://code.wireshark.org/review/26773
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Explain the new behavior for reload and version
Change-Id: I80d0f3338ac2e6a588964ce052ed49640155bc71
Reviewed-on: https://code.wireshark.org/review/26754
Reviewed-by: Roland Knall <rknall@gmail.com>
Allow certaing elements to be reloaded upon request. The way
this works is, certain elements can be configured to be reloadable.
By doing so, the extcap is asked once more just for the values
list of this item, together with all already set options, and
reloads the available options depending on the response.
Only supported for selector. Radio and Multiselect will need
additional patches, also moving those parts outside of extcap_argument.cpp
might make sense before hand.
Change-Id: I2e9e3d109b334bf878835a7cc9354f468bc22dee
Reviewed-on: https://code.wireshark.org/review/26223
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Add an optional argument to extcap-version, which tells the utilities
the wireshark version and therefore allows them to handle different
versions differently.
If no version is provided, the utility has to assume it is dealing
with a Wireshark 2.x version (default behavior).
Change-Id: I51658300f28f503ca8050d204b73749f1a54df16
Reviewed-on: https://code.wireshark.org/review/26752
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Otherwise the utility no longer works for Python 2.
Change-Id: Ibe2f09d26887603a971185253aeaf2521875770d
Reviewed-on: https://code.wireshark.org/review/26751
Reviewed-by: Roland Knall <rknall@gmail.com>
Run 2to3. Convert our payload to bytes. Switch from tab to 4-space
indentation as described in PEP8, which fixes a "TabError" message.
Change-Id: Ic20b6bc1fc1a945758c8be1bb54435f3326fb605
Reviewed-on: https://code.wireshark.org/review/26744
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Update invalid description for tvb_get_nstringz() and
tvb_get_nstringz0().
Change-Id: I03483bc1a2aa5a701b44cd895b91289716ef215d
Reviewed-on: https://code.wireshark.org/review/26598
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MaxMind is discontinuing its legacy databases in April in favor of
GeoIP2, which use a newer database format (MaxMind DB). The reference C
library (libmaxminddb) is available under the Apache 2.0 license which
isn't quite compatible with ours.
Add mmdbresolve, a utility that reads IPv4 and IPv6 addresses on stdin
and prints resolved information on stdout. Place it under a liberal
license (MIT) so that we can keep libmaxminddb at arm's length. Add
epan/maxmind_db.[ch], which spawns mmdbresolve and communicates with it
via stdio.
Migrate the preferences and documentation to MaxMindDB.
Change the IPv4 and IPv6 asnum fields to FT_UINT32s. Change the
geographic coordinate fields to FT_DOUBLEs.
Bug: 10658
Change-Id: I24aeed637bea1b41d173270bda413af230f4425f
Reviewed-on: https://code.wireshark.org/review/26214
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
IIRC this was used to generate a list of display filters for the User's
Guide. We stopped doing that a long time ago.
Change-Id: Ib18f3982169ebda133f05e5fcad4083f75051286
Reviewed-on: https://code.wireshark.org/review/25907
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Try to do a better job of explaining the behavior with various
combination of options. There are a lot of different output options,
and combinations of those options, for TShark; try to cover more of them
- it's complicated.
Consistently refer to command-line "options" rather than "flags".
Change-Id: Idbe6d22a07920789b3d5ed46a700e654a5ac0ae3
Reviewed-on: https://code.wireshark.org/review/25902
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The plugin.c generation in an autotools build comes in from an included
Makefile.am file. The various types of plugins need different parameters
for the generation script. Put the plugin.c production rule is a seperate
include file so each plugin type build can include its own variant.
Also amend the README.plugins file with regards to the new directory
structure and the fact that there are multiple types of plugins, not just
dissector plugins.
Change-Id: I3a815d0d767baa555356cf428861b18697401355
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/25398
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Reviewed-by: Michael Mann <mmann78@netscape.net>
At one point, I remember a discussion resulting in the official name of
the next-generation replacement for pcap format being changed to
"pcapng", with no hyphen.
Make Wireshark reflect that.
Change-Id: Ie66fb13a0fe3a8682143106dab601952e9154e2a
Reviewed-on: https://code.wireshark.org/review/25214
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use SetConsoleTextAttribute to reset our colors on Windows. Update the
release notes and man page.
Change-Id: I2bc309787f9c2331324503092bd1c9ae6360eb55
Reviewed-on: https://code.wireshark.org/review/25170
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The sample dissector was inconsistent with the definition of
expert_field_info in epan/expert.h.
Change-Id: I533537e52bbcfa7f0cd7ff42e4233f17f40f8bab
Reviewed-on: https://code.wireshark.org/review/24902
Reviewed-by: Michael Mann <mmann78@netscape.net>
plugin_ldadd was removed in 262a84c384.
Change-Id: I516aa1be3466433bf8db83ab3d1773bf88082e8c
Reviewed-on: https://code.wireshark.org/review/24850
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Micro version bump for mate to homogenize it between CMake and autotools.
The cmake macro doesn't handle the "a" suffix and it doesn't seem worth
implementing.
Change-Id: Ib022c6aa170623b83a9700e4fa098c60a9cddfab
Reviewed-on: https://code.wireshark.org/review/24847
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
plugin.rc is Windows specific, also add condition to reflect that.
Change-Id: Ibbb7dab77dd1f277e2302c8f931218ca433f8c72
Reviewed-on: https://code.wireshark.org/review/24833
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Put different types of plugins (libwiretap, libwireshark) in different
subdirectories, give libwiretap and libwireshark init routines that
load the plugins, and have them scan the appropriate subdirectories
so that we don't even *try* to, for example, load libwireshark plugins
in programs that only use libwiretap.
Compiled plugins are stored in subfolders of the plugin folders, with
the subfolder name being the Wireshark minor version number (X.Y). There is
another hierarchical level for each Wireshark library (libwireshark, libwscodecs
and libwiretap).
The folder names are respectively plugins/X.Y/{epan,codecs,wiretap}.
Currently we only distribute "epan" (libwireshark) plugins.
Change-Id: I3438787a6f45820d64ba4ca91cbe3c8864708acb
Reviewed-on: https://code.wireshark.org/review/23983
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Currently more autotools than CMake.
Change-Id: I167f0bdd49d70d72f6155a4d978975c034ce3b4a
Reviewed-on: https://code.wireshark.org/review/24773
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: I728091998c531c992aa1b741b03e653460a0e77f
Reviewed-on: https://code.wireshark.org/review/24499
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
This sets the scope of the static build option to Wireshark support
libraries only.
Before the patch:
Static plugins don't work with CMake and autotools.
autotools static build is broken, and most likely will always be, as
building Wireshark all-static is difficult and time-consuming.
After the patch:
For CMake Wireshark will be built with static or shared libraries and
dynamic plugins. Everything just works. CMake apparently doesn't want
you building static and shared libraries at the same time.
For autotools Wireshark will be built with shared libraries by default.
--disable-shared and --enable-static options work as usual. Dlopened
plugins are not built if --disable-shared is given to configure (to
disable shared libraries). This is a limitations imposed by libtool.
Tested on Linux. This removes broken support for building plugins
statically.
Change-Id: Ib8e8176976f136eea93a2ce8f9857b6cf9bec64c
Reviewed-on: https://code.wireshark.org/review/24241
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Replace the GPLv2+ blurbs in the doc and docbook directories with SPDX
headers as appropriate. This includes example code such as
packet-PROTOABBREV.c.
Remove dfilter2pod.pl and dfilter2xml.pl. We haven't used them since
2010.
Change-Id: I4adec02a9a4bc3e71e32bdf89f2754edaf696938
Reviewed-on: https://code.wireshark.org/review/24343
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
After other changes, add info about -G help
and update output from -G dissector-tables.
Change-Id: I339d5c31a606720ef92e641e59ec5a45114321a8
Reviewed-on: https://code.wireshark.org/review/24188
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Convenience function to add the same parameters to find_conversation as
find_or_create_conversation.
Change-Id: I3a92541cb9c1e827a9de8248825636debbd989cd
Reviewed-on: https://code.wireshark.org/review/24118
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Move The Slowest Migration In The History Of Ever a little further
along.
Change-Id: Ib8b49708e7036dd412a7ffc8660ded9f681374c0
Reviewed-on: https://code.wireshark.org/review/24006
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Modeled after BASE_PT_XXX, this will format a FT_UINT24 to look a OUI, in the form of:
XX:XX:XX (Manufacturer Name) for display.
For display filtering, it will treat the value as hexadecimal.
It requires that FT_UINT24 be the field type.
Change-Id: I8716ae4dfcd4e854764a2425e2ff13c50f571d52
Reviewed-on: https://code.wireshark.org/review/23869
Reviewed-by: Richard Sharpe
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We don't need to be this strict for bundled plugins about following
the GNU Coding Standards.
Change-Id: I18ed1b81d428eea15ea387102823f588287daf81
Reviewed-on: https://code.wireshark.org/review/23918
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Currently, the Elasticsearch output exports the packet details and,
if -x is specified, the raw hex data.
This change adds the option of exporting the packet summary as well.
The default stays the same (packet details only), but now the existing
-P switch turns on printing of the packet summary. It also turns off
printing packet details, which can be turned back on with -V to print
both, and combined with -x to print all three: summary, details and
raw hex.
The packet summary is especially useful when exploring and visualizing
the data in Kibana, e.g. by displaying the summary "Info" field/column
in a table, as in the Wireshark GUI.
Change-Id: I2030490cfdd905572397bc3d5457ba49d805a5c4
Reviewed-on: https://code.wireshark.org/review/22716
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
ptvcursor_add_ret_uint
ptvcursor_add_ret_int
ptvcursor_add_ret_string
ptvcursor_add_ret_boolean
Change-Id: I41fa91b1ab805778d34a61215830b12a1331e864
Reviewed-on: https://code.wireshark.org/review/23895
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
tcpdump just got a --print option, which causes packet information to be
printed even if the raw packets are being saved to a file with -w. We
have -P for the same purpose; make --print another name for it.
While we're at it:
document --help and --version;
just speak of -P/--print as causing printing even of the packet
details, even though -V forces printing with -w, for consistency
with how --print is documented for tcpdump;
fix the description of -h/--help.
Change-Id: Idf650a202a09a2d1682edbd9d76123f1b1412b55
Reviewed-on: https://code.wireshark.org/review/23888
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Only plugins built for the same feature release (X.Y) are assured binary
compatibility. Make sure we don't try to run unsuitable code and, if so,
warn the user. This might happen for example if the user manually copies
a binary plugin to the wrong folder, intentionally or by accident.
I'm using "release version" to loosely mean not a patch release
(i.e: a feature release).
Change-Id: I896e9cbbd2d3843623fff6af8ef51002ec06f1f8
Reviewed-on: https://code.wireshark.org/review/23807
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Print the SHA256, RIPEMD160, and SHA1 hashes for each file instead of
SHA1, RIPEMD160, and MD5. SHA256 seems to be the preferred file hashing
algorithm these days and MD5 is actively discouraged. Note that we might
remove SHA1 (which is also discouraged) as well.
Change-Id: I74d972ae5f3484c83175cd3f3c7a55f99c171e20
Reviewed-on: https://code.wireshark.org/review/23761
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add flow graph functionality to tshark through -z option.
Output is same as ASCII format saved from GUI.
Change-Id: Iee0bfea7215858e6488b4728581be28287e9ea1a
Reviewed-on: https://code.wireshark.org/review/23652
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add support for extcap control pipes on Windows.
Improved read loop in InterfaceToolbarReader.
Delay opening control pipes until extcap has opened the fifo pipe.
Make extcap_example.py work on Windows.
Bug: 13833
Change-Id: I4b47d25452637759b8a3be53be48eee5365bc0e4
Reviewed-on: https://code.wireshark.org/review/23211
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
pcap provides a pcap_set_tstamp_type function, which can be used to request
hardware timestamps from a supporting kernel.
This patch adds support for aforementioned function as well as two new
command line options to dumpcap, wireshark and tshark:
--list-time-stamp-types
List time stamp types supported for the interface
--time-stamp-type <type>
Change the interface's timestamp method
Name choice mimics those used by tcpdump(1), which already supports this
feature. However, unlike tcpdump, we provide both options unconditionally.
If Wireshark was configured without pcap_set_tstamp_type being available,
--list-time-stamp-types reports an empty list.
Change-Id: I418a4b2b84cb01949cd262aad0ad8427f5ac0652
Signed-off-by: Ahmad Fatoum <ahmad.fatoum@siemens.com>
Reviewed-on: https://code.wireshark.org/review/23113
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Convert the contents of the top-level README to Markdown and give it a
.md extension. Most of our documentation is plain text or AsciiDoc, but
the top-level README file in a Git repository is special in that many
online browsers will show the README contents along with the directory
listing and those browsers tend to favor Markdown. This is true of
GitHub (which we're currently mirroring to), Gerrit via its Gitiles
plugin (which we're not yet using but likely will), and other places.
Add "foreign" to AM_INIT_AUTOMAKE. There is probably a joke to be
made here about the FSF and border walls.
Change-Id: I87c306d74864e1f0a432225b160a1b4483ee946c
Reviewed-on: https://code.wireshark.org/review/23049
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Adjust the following CMake and Autotools behaviors in order to
synchronize their respective install behaviors:
- Disable tfshark by default in CMakeOptions.txt
- Add profiles/Bluetooth/preferences to Makefile.am
- Add missing captype and ciscodump entries to doc/Makefile.am
- Install help/faq.txt on all platforms in CMakeLists.txt
- Add BUILD_corbaidl2wrs, BUILD_dcerpcidl2wrs, and BUILD_xxx2deb
options to CMake and use them to adjust the corresponding parts
of the build.
- Pull the DCERPC idl2wrs build steps into the top-level
CMakeLists.txt.
This change doesn't sync everything. Some installed content still
diverges, including the following:
- CMake installs a bunch of modules into lib/wireshark:
FindGLIB2.cmake
FindWireshark.cmake
FindWSWinLibs.cmake
LocatePythonModule.cmake
UseAsn2Wrs.cmake
UseMakeDissectorReg.cmake
WiresharkConfig.cmake
WiresharkConfigVersion.cmake
Do we need any or all of these? If so, should the Autotools behavior
be synced accordingly?
- Autotools installs libtool .la files. It also installs
wireshark-gtk.desktop unconditionally.
Change-Id: I7846efe08f7139c31b6ceca6f08a1fa5168b3e22
Reviewed-on: https://code.wireshark.org/review/23041
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Peter Wu