Switch from WinPcap's WpdPack SDK to a libpcap package built with vcpkg.
We explictly load wpcap.dll on Windows, so make sure we don't link with
pcap.lib.
Move timestamp code from capture-pcap-util-unix.c to
capture-pcap-util.c. Add timestap routines to capture-wpcap.c and make a
couple of other updates.
Change-Id: If0e3dbeb7378c42ed9e3f91b2f15add95d22a2bb
Reviewed-on: https://code.wireshark.org/review/37905
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove duplication of code.
Change-Id: I7cd1bd73ee9eda962a37468cadb72de291f1ec6a
Reviewed-on: https://code.wireshark.org/review/36432
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2004 called, they want their libpcap/WinPcap back.
RHEL 6 initially shipped with libpcap 1.0; even old Enterprise(TM)
versions of OSes ship with something shinier than 0.7.x these days.
This lets us get rid of a bunch of #ifdefs and workaround code for
missing APIs.
Change-Id: I862cb027418b0a0c0f45a26979acea82f93f833b
Reviewed-on: https://code.wireshark.org/review/36383
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ic5a3653cb8bcc33e0be108c8b201567e7090f9f5
Reviewed-on: https://code.wireshark.org/review/33043
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: João Valverde <j@v6e.pt>
On Windows, if WinPcap isn't installed, warn about that for errors other
than failed attempts to start capturing.
On HP-UX, if we appear to have an old version of libpcap, warn about
that for errors other than failed attempts to start capturing.
If we know the error is a permissions problem, don't make suggestions
appropriate to other problems.
If we know the error is *not* a permissions problem, don't make
suggestions appropriate to permissions problems.
For permissions problems, or possible permissions problems, on Linux,
suggest doing dpkg-reconfigure wireshark-common if you've installed from
a package on Debian or a Debian derivative such as Ubuntu.
Change-Id: If4aac0343095ac0b984eebc21853920c3b6d3c63
Ping-Bug: 14847
Reviewed-on: https://code.wireshark.org/review/28189
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move */ to a separate line below the SPDX identifier.
Change-Id: Id1032215449cfccae0933147b45e04b65e0b727f
Reviewed-on: https://code.wireshark.org/review/27211
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I074d027cd2528b0438015ddd098c9f4f6542090a
Reviewed-on: https://code.wireshark.org/review/23415
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Have a header file that defines HAVE_REMOTE if HAVE_PCAP_REMOTE is
defined, and then includes pcap.h. Replace all other includes of
pcap.h, and the definition of HAVE_REMOTE, with includes of that file.
Check for anything other than wspcap.h including pcap.h in checkAPIs.pl.
Change-Id: I3cbee8208944ad6f006f568b3fe3134e10b2a883
Reviewed-on: https://code.wireshark.org/review/21605
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WinPcap made the mistake of having stuff in its public header fines
depend on a configuration #define, HAVE_REMOTE; this means that we need
to forcibly define it when building with remote capture support.
The tip of the libpcap master branch does not have that botch; hopefully
future versions of libpcap-for-Windows will be based on that libpcap and
thus lack that botch as well.
Defining HAVE_REMOTE in config.h is not the right fix, as it makes it
look like a *Wireshark* configuration option that code in Wireshark
should test, rather than a *WinPcap* configuration option that the
pcap.h that ships with the WinPcap SDK should have been changed, as part
of the build process, to correctly define or not, so that users of
WinPcap don't have to define it themselves.
Change-Id: I62d1eca6d3c900d0dcc9fbc011db77f595a86313
Reviewed-on: https://code.wireshark.org/review/21593
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Avoid anachronisms, however; there was no "macOS 10.0" or even "OS X
10.0", for example. It was "Mac OS X" until 10.8 (although 10.7 was
sometimes called "OS X" and sometimes called "Mac OS X"), and it was "OS
X" from 10.8 to 10.11.
Change-Id: Ie4a848997dcc6c45c2245c1fb84ec526032375c3
Reviewed-on: https://code.wireshark.org/review/20933
Reviewed-by: Guy Harris <guy@alum.mit.edu>
AC_CHECK_MEMBER() and AC_CHECK_MEMBERS() use a standard name for the
{structurename} being the name of the structure type, complete with
"struct" if a typedef wasn't used, and with all letters mapped to upper
case, and with {membername} being the name of the structure member, with
all letters mapped to upper case.
check_struct_has_member() lets you choose the name; choose the same name
that the autoconf macros use, and fix the code to check for them.
Change-Id: Ifb3cf65e7e94907ad0a2f8aacca0c21a531f0c5b
Reviewed-on: https://code.wireshark.org/review/18382
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Move the code to open capture devices and get properties of capture
devices there, joining the code to get a list of capture devices.
This lets us do a better job of handling pcap_create() in WinPcap,
including handling both WinPcap with pcap_create() and WinPcap without
pcap_create() at run time, just in case somebody tries using WinPcap 3.x
with a Wireshark built with WinPcap 4.x.
It also could make it easier to use libpcap/WinPcap directly in
Wireshark and TShark, if we have versions of libpcap/WinPcap that run
small helper utilities to do privileged functions, allowing programs
using them never to need elevated privileges themselves. That might
make it easier to fix some issues with running TShark when not saving to
a file (we could avoid the file entirely) and with delays when stopping
a capture in Wireshark (Wireshark could stop writing to the file as soon
as you click the stop button, rather than letting dumpcap do so when the
signal gets to it).
It might also make it easier to handle future versions of
libpcap/WinPcap that support using pcap_create()/pcap_activate() for
remote captures, and other future extensions to libpcap/WinPcap.
Rename some XXX_linktype routines to XXX_datalink to indicate that they
work with DLT_ values rather than LINKTYPE_ values; future versions of
libpcap might use LINKTYPE_ values in newer APIs.
Check for pcap_create() on all platforms in CMake.
Change-Id: Ia12e1692c96ec945c07a135d246958771a29c817
Reviewed-on: https://code.wireshark.org/review/13062
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Leftover crud before I notied that RTLD_NEXT would do what I want.
Change-Id: I5e510e74c65b211e6cc6c300e760869abb399dc8
Reviewed-on: https://code.wireshark.org/review/5121
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The latest Xcode, as of today, has only 10.9 and 10.10 SDKs, which means
that, if we build Wireshark and request a deployment minimum release of
10.6, we'll be building against an SDK in which libpcap has routines
that aren't available in 10.6 and that doesn't use weak linking for
them, so the resulting binary won't actually work on 10.6.
Use the run-time loader to find those routines (currently, only
pcap_set_tstamp_precision()) and call them only if we find them.
On other UN*Xes, we still assume that we'll be running only on the
release against which we were built and newer releases.
Change-Id: Iab20d86fe3be4b299cfb6e25c1f95dc6e1581661
Reviewed-on: https://code.wireshark.org/review/5120
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It just means "pcap didn't give me any interfaces, and didn't report an
error". Hopefully, in the future, there will be pcap APIs that
distinguish between the (admittedly unlikely, these days) case of "there
really *are* no interfaces on which *anybody* can capture" and "you
don't have sufficient permission to capture", and we can report the
latter as an error. (Given that pcap supports more than just "regular
interfaces", though, there are cases where you don't have permission to
capture on those but you have permission to capture raw USB traffic, for
example, so perhaps what's really needed is per-interface indications of
permissions.)
Change-Id: I7b8abb0829e8502f5259c95e8af31655f79d36a1
Reviewed-on: https://code.wireshark.org/review/3169
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Some of those routines are used only in dumpcap; others are used in
TShark and Wireshark as well.
Change-Id: I9d92483f2fcff57a7d8b6bf6bdf2870505d19fb7
Reviewed-on: https://code.wireshark.org/review/2841
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Gerald Combs