If a display filter had been applied during the opening
of the conversation or endpoint dialog, automatically check
the entry for "Limit to display filter" to ensure that
the filtered result is being shown, as expected by the user.
In commit 8c7e3f0d30, the config.nsh.in
was renamed as wireshark-config.nsh.in, and the config.nsh was renamed
as wireshark-config.nsh as well, but the wireshark-common.nsh still
includes the config.nsh, which will cause the packaging failed.
Commit 5cd591129f removes a number
of conversation related functions. Remove them from the debian
symbol list.
The commit also removed the implementation of conversation_hash_exact,
so remove the declaration from the header file.
It's only necessary to check that cap_file_.capFile()->edt is
not NULL if use_stream_index is FALSE.
This prevents failure and an inaccurate error message about the
capture file being invalid when using the spinbox to cycle through
a stream when all packets are filtered out.(E.g., Follow a stream,
append to the filter looking for something, no packets match, try to
go to the next stream.)
CMake 3.19 added support for CMakePresets.json and
CMakeUserPresets.json, which let you prepopulate various configure,
build, and test options. Add CMakeUserPresets.json to .gitignore as
recommended by the documentation and add an example to the Developer's
Guide. CMake uses 2-space indentation; specify that for CMake*.json in
.editorconfig.
Building tfshark is disabled by default in CMake options.
The tfshark code should be continuously tested or removed from the
main repo. It should not be allowed to exist in a broken state.
Add it to the code check job to make sure that it at least compiles.
Convert the address+port conversation code to element lists. Make our
conversation keys element lists. Document more of the conversation API.
Update the Conversation Hash Table dialog to use the new API.
Describe an alternative key type and data structure at the top of
conversation.c.
Allow the endpoint and conversation dialogs to have detachable
tabs. At the same time move the tree functionality to a subclass
to better be able to handle the context menu when detached.
Right now, still a lot of tree stuff is in the tabwidget, but
could be moved to the tree for the future
In a typical setting where int is 32 bits and the type guint8 is 8 bits,
the overflow check in Dot11DecryptDerivePmkFromMsk will automatically
promote the sum of msk_len and *pmk_len to an int. Since int is 32 bits
and guint8 will always be 8 bits, the sum will never overflow.
Therefore, an explicit casting of the sum of msk_len and *pmk_len to
the type guint8 is necessary.
Signed-off-by: Elijah Conners <business@elijahpepe.com>
Some AT commands and responses need context to be parsed correctly.
For example AT+CGMI's and AT+CGSN's responses are arbitrary strings
without "AT+" or "+" prefix (So saving the command is needed).
Another use case is when a command/response is followed by its data in
the following line, like AT+CGML (SMS content's listed in the line after
the "+CGML" line).
The implementation utilizes the USB conversation of the session to
pass information between packets.
Every new packets takes a 'snapshot' of the data stored in the conversation
before starting to parse and re-uses it when parsing & re-parsing of
that packet occurs.
Create Logwolf-specific copies of the various Wireshark NSIS config files
and modify them to install and uninstall Logwolf. There are still a bunch
of rough edges, but the installer works for a test capture I have here.
Retapping can have some side-effects and was done in
an overflowing way. Reducing the number of times retapping
is required and done, and also giving control for taps
reload to TrafficTab
Rename the following build targets, similar to the recent macOS target
name changes:
nsis_package_prep to wireshark_nsis_prep
nsis_package to wireshark_nsis
Rename some NSIS files to reflect that they're specific to Wireshark.
Update the documentation and CI configurations.
Epan plugins init runs before proto_init() to setup for that but there
is also a need to have a routine that runs at the end of epan_init(),
which can do pretty much anything using epan, like runnning tests.
Support merging files with IDBs in the middle of the file.
Use wtap_get_next_interface_description when doing the initial
list of interfaces so that we can correctly get IDBs later.
Note that while IDB merge modes "any" and "none" work as expected, the
default "all" mode can't really work for IDBs in the middle of the file
without adding a two-pass mode. In "all" mode, if there are any such IDBs,
merge them with duplicates iff the interfaces at the beginning of the
files were merged.
Related to #15502 and #16542.
Instead of instantiating CaptureFileDialog with a reference to
the filter (which means allocating a new empty QString when using
it for Save As and Export Packets, which don't use a filter), pass
the filter reference into the open and merge functions.
This plugs a memory leak that happened each time the Save As or
Export Packets dialog was created.
Allow the option to save the data from the traffic dialogs
as raw data and enable it as the default option for 4.0. The
option to display the data with pretty formatting is still
available.
The current model makes it very hard to extend the traffic tables
with new functionality. For instance, having a total view column
additionally to the normal columns when filtered.
This change removes the QTreeWidget and moves to a more generic
approach using QAbstractListModel elements.
It is implemented in thtree parts:
- ATapDataModel implements the basic collection and handling of
the tap data information, as well as updating if new data is
becoming available
- EndpointDataModel / ConversationDataModel handles the display
and representation of the data
- Implementing TrafficTab as a TabWidget which will handle the
adding/removing of new protocol tabs