Add a "refresh the local interfaces" method to WiresharkApplication,
which reloads the interface list and emits the "interface list changed"
signal, and invoke it from the Capture -> Refresh Interfaces menu item.
Change-Id: I9641e4b341eb44d773c556691d8bb9dac776ea9d
Reviewed-on: https://code.wireshark.org/review/3195
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't assume that a change to the interface list is from a non-empty
interface list to a different non-empty interface list.
Change-Id: I94054ca0cf2661704aff1869385aa2155c19677d
Reviewed-on: https://code.wireshark.org/review/3193
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The fuzzbot has been upgraded, so hopefully this is no longer necessary.
Change-Id: Ia2d8ae03180c6e0b81a4f7b69b72610d047307ff
Reviewed-on: https://code.wireshark.org/review/3194
Reviewed-by: Evan Huus <eapache@gmail.com>
Nmake 12 seems to be more strict about spaces in commands. Add the
hhc.exe path to PATH and use a bare command instead.
Change-Id: I9fbd9abdabf7f51ac7bac2cbe8d938ae7bb0640e
Reviewed-on: https://code.wireshark.org/review/3192
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I6e0109bc1d1acf200fd0c1a9f8ddd3a3d98f5908
Reviewed-on: https://code.wireshark.org/review/3189
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I589a6ced098d1d224e86386f028c92fc0797164e
Reviewed-on: https://code.wireshark.org/review/3188
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ibeaf5ba5d104e7f9bc9291e83923f8675abf0099
Reviewed-on: https://code.wireshark.org/review/3187
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I342f283bbab3052337e00502769150cf3f4a8800
Reviewed-on: https://code.wireshark.org/review/3186
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I467bfae2db7d3a119b58505b43b3d9bb59615ee9
Reviewed-on: https://code.wireshark.org/review/3185
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
- compute_offset_and_remaining(...) is a little bit faster than
check_offset_length(.., .length_val = -1);
- tvb_find_guint8(), tvb_pbrk_guint8() - both function are limiting data to
MIN((unsigned) maxlength, tvb_len) - do the same with less count of ifs.
Change-Id: I7761d77b6282d800eea94852d5c6543aef4bc7ca
Reviewed-on: https://code.wireshark.org/review/2829
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It was not clear whether the data_len member of StringInfo refers to
the allocated memory (as was done for session_ticket) or the length
of the actual data. This is clarified in a comment. To keep the
invariant "data_len refers to the length of meaningful data", some
code has been moved just in case some intermediate code fails:
- Setting session_ticket.data_len vs tvb_memcpy to session_ticket.data.
- PRF functions would expect the data length as input to a paramter
named "out". This is highly confusing, so another parameter has been
added to signify the requested length, "out_len". This also helps
holding up the invariant.
- For prf() calls, out.data_len does not need to be initialized but
passed as parameter.
Other PRF-related changes:
- Change the PRF functions to return a boolean instead of an int.
- tls_hash: return void as it cannot fail and remove related error
handling from callers. Fix a memleak of label_seed if tls_hash was
successful.
- tls_hash: add comments to clarify its functionality, whitespace.
- ssl3_generate_export_iv could not fail, so make it void. Also added
an out_len param to pass the target length.
- In prf(), replaced if-conditions for SSL version by a switch.
- In ssl_generate_keyring_material, the scope of some variable has been
tightened.
- ssl_session_init: explicitly set data_len to 0. This is strictly not
necessary as the callers have already zeroed out the memory, but that
has not been documented.
Other changes related to master_secret (ssl_save_session[_ticket]):
- Initialize master_secret.data_len to 0 in ssl_session_init as the
master_secret is unusable at that point.
- Remove the hack that tests whether master_secret.data is non-empty.
- Replace hardcoded master_secret length (48) from wmem_alloc0().
- Introduce macro for master secret length, use this in
SslDecryptSession, for parsing from keyfile and converting pre-master
secret to master secret (prf).
- Use (master_secret + 1) to refer to the part after the struct rather
than adding the size manually to a gchar-casted master_secret.
Change-Id: Ie1ea448db54e828b904568224486147a3d962522
Reviewed-on: https://code.wireshark.org/review/3030
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Changes:
- dtls: also support saving session tickets.
- Drop the length check and let proto_tree_add_item throw exceptions
on length errors.
- Use proto_tree_add_item instead of proto_tree_add_uint.
- Drop "TLS" from header field descriptions, the RFC does not name it
as such and DTLS can also use it (a draft is in progress that extends
DTLS with Session Tickets,
draft-hummen-dtls-extended-session-resumption-01).
Change-Id: I11195217368b7200821d11289b1c5870a1ffe637
Reviewed-on: https://code.wireshark.org/review/3029
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I2d2bbc211e98ad24a27c855031f670b7bdbd530e
Reviewed-on: https://code.wireshark.org/review/3162
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
I really don't understand why MSVC would make the result of this computation an
int64 then complain about down-casting to an int16 when *all* of the
participating variables are int16 or smaller...
Change-Id: I2d9c27ac22b51b10e4872a6640881c8d0ec566e7
Reviewed-on: https://code.wireshark.org/review/3180
Reviewed-by: Evan Huus <eapache@gmail.com>
Client/Server hello and Hello extensions are now dissected inside
ssl-utils, no need to export them for the SSL or DTLS dissectors.
Change-Id: I8f2405199f21616743fe74959f07cfa839565527
Reviewed-on: https://code.wireshark.org/review/3022
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
Changes to ClientHello dissection:
- Move ssl_find_private_key (and its pre-req, ssl_set_server) outside
ssl_dissect_hnd_cli_hello. It has not really something to do with
dissection, but state tracking and decoder param feeding.
- dtls: add expert info for bad cipher suites len.
- ssl: remove bad cipher suites len text label which is also
available as expert info. Attach expert info to a the length proto
item (which is converted to use add_item instead of add_uint).
- Remove `if (tree || ssl)` since expert info seems not to apply
otherwise (this also needs changes in common and handshake
dissection).
- ssl: remove tvb_ensure_bytes_exist so we can dissect more
compression methods and cipher suites.
- Since DTLS has an additional Cookie field which TLS does not have,
pass these additional header fields through a struct whose type is
defined in ssl-utils.
Change-Id: I41bef04c1c3353e582e30f561d1d246a744e1d60
Reviewed-on: https://code.wireshark.org/review/3021
Reviewed-by: Evan Huus <eapache@gmail.com>
Changes to ServerHello:
- Get rid of session parameter as the SslDecryptSession already
provides a reference to SslSession. Done for the new
ssl_dissect_hnd_srv_hello and ssl_dissect_hnd_hello_ext functions.
- No need to generate the keyring here, decryption is only needed after
ChangeCipherSpec and the keyring will be generated there provided
that there are enough params (cipher, version, master-secret, etc.)
- Get rid of labels and goto in favor of if/else.
- DTLS: SSL_HAVE_SESSION_KEY is implicitly set when
ssl_generate_keyring_material succeeds, no need to set it. Remove it.
- Remove `if (tree || ssl)` since expert info seems not to apply
otherwise (this also needs changes in common and handshake
dissection). (Expert info from the TLS extensions, not the
ServerHello itself.)
Other changes:
- ClientHello: renamed some fields shared with ServerHello.
Change-Id: I466b905d990489e03250bac97bf9d862ff82ce6c
Reviewed-on: https://code.wireshark.org/review/3020
Reviewed-by: Evan Huus <eapache@gmail.com>
Exported PDU may contains (Binary) Logcat, so it is possible to
"export" logcat binary from it.
Change-Id: Ic6607126e739ea3972b46c2bf19f064597d4e970
Reviewed-on: https://code.wireshark.org/review/3001
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
It just means "pcap didn't give me any interfaces, and didn't report an
error". Hopefully, in the future, there will be pcap APIs that
distinguish between the (admittedly unlikely, these days) case of "there
really *are* no interfaces on which *anybody* can capture" and "you
don't have sufficient permission to capture", and we can report the
latter as an error. (Given that pcap supports more than just "regular
interfaces", though, there are cases where you don't have permission to
capture on those but you have permission to capture raw USB traffic, for
example, so perhaps what's really needed is per-interface indications of
permissions.)
Change-Id: I7b8abb0829e8502f5259c95e8af31655f79d36a1
Reviewed-on: https://code.wireshark.org/review/3169
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most callers of capture_interface_list() don't expect an error string
for NO_INTERFACES_FOUND, because that's not really an error, it's just a
statement of face (and perhaps an error of 0 should be returned), so
they don't bother freeing the error string, causing a leak.
Instead, have the one place that *did* expect it to return an error
string just put "No interfaces found" itself.
Also, have that place not check for an error string if interfaces *were*
found, as no error code or string is returned in that case.
Change-Id: I9cb8ed7ad22810b23e2251d2833d9b7ab02eec03
Reviewed-on: https://code.wireshark.org/review/3165
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In way too many places in the GTK+ code we wait for the user to do
something wrong, leap out from behind the bushes, yell "AHA!", and hit
them in the face with a herring^W error dialog.
We really need to not do that. We also shouldn't carry that behavior
over to the Qt UI.
If the user shouldn't press a button it should be disabled. Do so for
the "Compile BPF" and "Start" buttons.
Change-Id: Iad9c15951d5ae640ea82ca74d5f0c26e88bd2554
Reviewed-on: https://code.wireshark.org/review/3156
Reviewed-by: Gerald Combs <gerald@wireshark.org>
That better indicates that it reflects changes to the list of local
interfaces on the system, as supplied by libpcap/WinPcap, not to any
other interface list we maintain, such as lists of remote interfaces, or
the list of non-hidden interfaces.
Change-Id: Idf79b365e07f2e3eaa83c105ae9cd7ace54c435e
Reviewed-on: https://code.wireshark.org/review/3154
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Items are sorted by value.
Move common conversation code to ui/conversation_hash.[ch]. Add a
conversation_type_e enum along with convenience functions for fetching
titles, tap names, etc.
We have a single main dialog instead of a main dialog + individual
protocol dialogs. It de-clutters the statistics menu and results in
simpler code. Conversation type tabs can be added and removed within the
dialog itself. The tab list is sticky and saved with the current profile
when the dialog closes. Data can be copied as CSV or YAML.
Add a FilterAction class and a corresponding filterAction slot to
MainWindow. Use it for the Conversations context menu.
Add an addressResolutionChanged signal and related plumbing.
Get rid of the iterator members in the conversation item struct. Update
the GTK+ code accordingly.
Excercise for the reader:
- Update TShark to use the common hash code.
Ping-Bug: 9231
Ping-Bug: 8703
Ping-Bug: 6727
Change-Id: I8728d771fc5b1a85937bed9d898e53c3ecc3a544
Reviewed-on: https://code.wireshark.org/review/2987
Reviewed-by: Michael Mann <mmann78@netscape.net>
Then have the capture interfaces dialog connect only *its* code to
update *its* list of interfaces to ifListChanged, rather than connecting
a routine that then emits interfaceListChanged.
This makes it the responsibility of each widget that displays local
interfaces to connect to the ifListChanged signal.
Change-Id: Iff8e8ca4202c8784eed58c8f05175d986a16baea
Reviewed-on: https://code.wireshark.org/review/3153
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I887000ac2bb273a0cc0c41709e346e1cf52140d9
Reviewed-on: https://code.wireshark.org/review/3149
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I50c1ef94aff4d1067b6561c5a06a397216e49ee2
Reviewed-on: https://code.wireshark.org/review/3148
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I862203c9be0cd10c72599609631629bf976a7a22
Reviewed-on: https://code.wireshark.org/review/3137
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>