Rename the following build targets, similar to the recent macOS target
name changes:
nsis_package_prep to wireshark_nsis_prep
nsis_package to wireshark_nsis
Rename some NSIS files to reflect that they're specific to Wireshark.
Update the documentation and CI configurations.
Support merging files with IDBs in the middle of the file.
Use wtap_get_next_interface_description when doing the initial
list of interfaces so that we can correctly get IDBs later.
Note that while IDB merge modes "any" and "none" work as expected, the
default "all" mode can't really work for IDBs in the middle of the file
without adding a two-pass mode. In "all" mode, if there are any such IDBs,
merge them with duplicates iff the interfaces at the beginning of the
files were merged.
Related to #15502 and #16542.
If we do a save with copy, so that we just copied the binary
file, everything in the wtap structure should be the same except
for the filename and the file descriptors, so just change that
instead of closing wtap and reopening it.
The current behavior of calling wtap_open_offline does not work
for files that have blocks (SHBs, IDBs, NRBs, DSBs, ISBs, etc.) in
the middle of the file instead of at the beginning, but we shouldn't
have to waste time rescanning the entire file either.
In the case where a specific file format reader was manually selected,
this will keep the same file format as selected instead of switching to
the auto-detection when opening the copy, just as SAVE_WITH_MOVE already
does and presumably what the user wants.
Update wtap_fdreopen to change the wtap struct's pathname if
wtap_fdreopen is called with a different filename than currently.
Fix#17472
If merge_files_common() is called with a non NULL value for out_filenamep,
that always indicates tempfile mode, even if the tempdir is not set.
A NULL value for the tempdir is handled by wtap_dump_open_tempfile,
which writes to the OS default temp directory.
Only write to stdout if both out_filename and out_filenamep are NULL.
Fixes a crash introduced by commit 1e0d117eb7
when selecting Merge from the GUI and the new temp_dir option is not set.
Add a "section number" field to wtap_rec, with a presence flag, and
provide the section number (0-based) for pcapng files.
Display it (1-based) if present.
This allows the "needs to be reloaded" indication to be set in the close
process, as is the case for ERF; having a routine that returns the value
of that indication is not useful if it gets seet in the close process,
as the handle for the wtap_dumper is no longer valid after
wtap_dump_close() finishes.
We also get rid of wtap_dump_get_needs_reload(), as callers should get
that information via the added argument to wtap_dump_close().
Fixes#17989.
Add asterisks to doxygen generates for existing
supported_block_type comments.
Add < to #define's so that doxygen associates comments
with the #define above, instead of below.
Extract the FCS length information from that field, and reject captures
that have a non-zero "class" field (the 10-bit reserved field that was
once intended to allow other "classes" of link layer type, with class 0
being "LINKTYPE_ values", but the original use case doesn't appear ever
to have been used).
The block is lightweight and doesn't have any options so the create
function doesn't really do anything, but it needs to be registered
so that when systemd journal files are opened, the wtap_block_create()
call works and doesn't segfault. Fix#17875
It's common to put multiple certificates in one RFC 7468 file in order to store
a certificate chain, as described in the introduction to RFC 7468 itself.
Support this usage by presenting each such certificate (or any other encoded
structure - the code doesn't discriminate) as a separate packet.
The new parsing code supports arbitrary line lengths, so update the detection
code to support arbitrary line lengths as well. Instead of probing up to 20
lines, we now try to find the first pre-encapsulation boundary in the first
2048 bytes of the file. I chose this new limit so that it works roughly the
same in practice as the old one (it's equal to 20 lines times 80 characters
per line, rounded to a power of two).
Repeated words were found with:
egrep "(\b[a-zA-Z]+) +\1\b" . -Ir
and then manually reviewed.
Non-displayed strings (e.g., in comments)
were also corrected, to ease future review.
Currently used to define ssize_t on platforms that lack it.
Fix some Windows build errors caused by moving the definition into a
separate header.
Fix some narrowing warnings on Windows x64 from changing the definition
of ssize_t from long int to int64_t.
The casts in dumpcap are ugly but necessary. The whole code needs
to be rewritten for portability, or the warnings disabled.
In wtap_dump_init_dumper(), when constructing a dummy IDB for files
that don't have one, if the tsprecision value is anything other than
the default, then the OPT_IDB_TSRESOL option also needs to be set.
Without it, for a pcapng the timestamps will be written according to the
tsprecision and time_units_per_second values, but when it is read,
the values will be interpreted incorrectly.
It would probably be better if the consistency of these values were enforced.
In addition to setting tsprecision and time_units_per_second, add
the OPT_IDB_TSRESOL option as well, because pcapng expects that to
be set if tsprecision is anything other than the default.
Gerald Combs