It requires some "extra work" to get it to work properly. Despite
documenting it, some previous use cases didn't do the extra work.
Let's just see how we get by without it.
Change-Id: I31dba1d5038d793085f6c9e4b4a6eda574e86872
Reviewed-on: https://code.wireshark.org/review/15610
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Also add a length parameter to wtap_optionblock_set_option_string
Change-Id: I8c7bbc48aa96b5c2a91ab9a17980928d6894f1ee
Reviewed-on: https://code.wireshark.org/review/15505
Reviewed-by: Anthony Coddington <anthony.coddington@endace.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
rawshark shouldn't be converting FT_ and BASE_ values into strings on its own, there's a function for that.
Change-Id: Ib4ce1651ee130a03644b5de3ab471333444e19a9
Reviewed-on: https://code.wireshark.org/review/15341
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use libSSH 0.7.2 compiled with MinGW(32|64) and linked with zlib and gcrypt support
Change-Id: I7c17d1ba3dd1890e2f83c119f5ea851834807e43
Reviewed-on: https://code.wireshark.org/review/12117
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows keeping the code-sharing with the static linking.
This "fixes" a hypothetical ABI mismatch with wsutil and avoids pulling more
external dependencies to wsutil than strictly necessary.
A nice side-effect is that libwsutil no longer depends on version.h.
Follow up to f95976eefc.
Change-Id: I8f0d6a557ab3f7ce6f0e2c269124c89f29d6ad23
Reviewed-on: https://code.wireshark.org/review/15002
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Dissector and heuristic tables now setup protocol dependencies.
"Manual" dependencies in separate patch.
Ping-Bug: 1402
Change-Id: I8da1239306de8676dcb05f8807914376816fc44f
Reviewed-on: https://code.wireshark.org/review/14447
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bluetooth Specifications specify properties of every characteristics
(read, write, indicate, notify, write without response, signed write etc.)
Check it and add expert info about invalid usage if detected use of wrong
opcode with the characteristic.
Change-Id: I98ad8280b9ee65b4015a021e732ea748cc9e7a83
Reviewed-on: https://code.wireshark.org/review/14313
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
This was inspired by https://code.wireshark.org/review/9729/, but takes it in a different direction where all options are put into an array, regardless of whether they are "standard" or "custom". It should be easier to add "custom" options in this design. Some, but not all blocks have been converted.
Descriptions of some of the block options have been moved from wtap.h to pcapng.h as it seems to be the one that implements the description of the blocks.
Also what could be added/refactored is registering block behavior.
Change-Id: I3dffa38f0bb088f98749a4f97a3b7655baa4aa6a
Reviewed-on: https://code.wireshark.org/review/13667
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
OTS/OTP is the newset "profile" announced by Bluetooth SIG.
It name describe what it doing: Object Transfer Service/Profile,
so it is something like OPP.
While we are at this move some HID attributes to get right
order in switch-case.
Change-Id: I460963a422c7292b2cabf7e88f32dbd6e8d7051f
Reviewed-on: https://code.wireshark.org/review/13735
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
The proto tree is needed in several cases when using Lua field extractors,
because they fetch values from the tree. Without a valid field extractor
a Lua plugin may misbehave and display wrong column info.
This fixes column issues when:
- Calling resetColumns() in Qt. This involves adding a display filter,
change time display format, change name resolution and other changes
in UI which requires column updates.
- Print summary lines.
- Export as CSV and PSML.
Change-Id: Ieed6f8578cdf2759f1f836cd8413a4529b7bbd80
Reviewed-on: https://code.wireshark.org/review/13708
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It adds string-type fields to the protocol tree and returns the value of
the string.
Add the new bitmask-adding routines to the Debian symbol list while
we're at it.
Change-Id: Idaeec44c9cd373588cadce85010f3eaf1f3febb5
Reviewed-on: https://code.wireshark.org/review/13657
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Create a "registration" system for Follow functionality so most of the work can be abstracted into a dissector and GUI can just be responsible for "display".
This also removes the global variables in follow.c to open up multithreading possibilities.
TCP, UDP and HTTP all have the same "tap interface" for Follow functionality (passing a tvb with byte data to "follow"). SSL still has it's own behavior, so Follow structures have to take that into account.
TShark through the Follow registration now has support for HTTP.
The only thing possibly missing is dynamic menu generation to further reduce explicit knowledge of Follow "type" (and rely on registration)
Bug: 11988
Change-Id: I559d9ee1312406ad0986d4dce9fa67ea2103b339
Reviewed-on: https://code.wireshark.org/review/13161
Reviewed-by: Michael Mann <mmann78@netscape.net>
proto_item_get_len() is *not* guaranteed to return a correct value.
Even if there's a non-null tree item, it might be pointing to a "faked"
item; it really shouldn't be used.
So add proto_tree_add_item_ret_length() and
proto_tree_add_item_new_ret_length(), which calculate the real length
themselves and return it through a pointer.
Fix as many places as we straightforwardly can to use them rather than
to use proto_item_get_len(). (There's a Lua API for
proto_item_get_len(), so we keep it around, but we should add Lua APIs
for the new routines, and deprecate the old API.)
Fix ptvcursor_add() to do the same thing that
proto_tree_add_item_ret_length() and
proto_tree_add_item_new_ret_length() do.
Split the TRY_TO_FAKE_THIS_ITEM macros into a macro to check for the
tree being null and to try to fake the item. We don't always use the
former macro, as we might need to do more than just return NULL if the
incoming tree is null (for example, calculating the item's real length
and using it...).
new_field_info() never returns NULL; remove checks for it. The check
for a null tree is done before the calls to new_field_info().
Change-Id: I002a218d1f810c73e0de837e0ac6ebcde21bacec
Reviewed-on: https://code.wireshark.org/review/13139
Reviewed-by: Guy Harris <guy@alum.mit.edu>
[KISS - Keep It Simple, Stupid]
Convert the Follow TCP functionality to use a tap from the TCP dissector that passes the tvb of the payload. This makes things A LOT simpler, but relies on the TCP dissector to make all decisions.
The "tap" logic passes tvb data
1. Before calls to process_tcp_payload
2. Before hf_tcp_segment_data fields (that aren't retransmissions or otherwise handled)
Follow up patches will be necessary to clean up all of the supporting "follow" functionality that is now useless.
Bug: 6925
Bug: 9780
Change-Id: I4e7f5d453519be839de39a109bafa899b9987139
Reviewed-on: https://code.wireshark.org/review/13038
Reviewed-by: Michael Mann <mmann78@netscape.net>
Instead, prime the epan_dissect_t's tree to look for rtp.ssrc, and
extract that value with proto_get_finfo_ptr_array().
Also, have the filter used to check whether the packet is a candidate
for RTP analysis to check for RTPv2 (and add a check for IPv4 or IPv6
back to the Qt version), and get rid of an unnecessary extra level of
indirection for that string.
In the Qt version, if findStreams() set the error string, don't
overwrite it with a "No streams found." indication, and fix error
handling for the "filter didn't compile" case.
Change-Id: I09d0ea37ccd4806d99e3b6394f2a8a376e974705
Reviewed-on: https://code.wireshark.org/review/13045
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This makes RTP Player actually play RTP stream using Qt, too.
Bug: 11918
Change-Id: I9a90f50ceeccc1f298bf1b0a8dcc7a9017107484
Reviewed-on: https://code.wireshark.org/review/12882
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This also moved color.h into color_filters.h
Change-Id: Ic19e27aa1b3ec67e764aa7ee8bbef7b1187bb12e
Reviewed-on: https://code.wireshark.org/review/12831
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
remove redundant HT MCS/rate table. Preparation for duration calculations
that will use this data as well.
Change-Id: Iee4fb2eefb00eaa53a6368eca4ed60f705ff49df
Reviewed-on: https://code.wireshark.org/review/12856
Reviewed-by: Michael Mann <mmann78@netscape.net>
This new extcap is for testing and educational purpose.
It relies on rankpkt-core functions to generate random packets.
Change-Id: If6890f0673545682995a2079458108edc0913b30
Reviewed-on: https://code.wireshark.org/review/11764
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
GTK already has it, but Qt forgot about it, so multi-field custom column
works ok if previously saved in GTK-shark. Invalid validation prevent from
modifying and saving multi-field custom column in Qt version.
While at it, rename "custom field" to "custom fields" to ensure
we think about multi-field custom column.
Change-Id: I99588150ccb38be11b75f5dd5b0f6443e7055ebb
Reviewed-on: https://code.wireshark.org/review/12685
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Capture dissectors could be architected like dissection dissectors, with tables and subtables and possibly using tvbs to pass there data instead of raw byte arrays. This is a first step towards that by refactoring capture_info_packet() to work off of a "capture dissector table"
Registering the capture dissection functions instead of calling them directly also clears up a bunch of dissector header files who sole purpose was providing the capture dissection function definition.
Change-Id: I10e9b79e061f32d2572f009823601d4f048d37aa
Reviewed-on: https://code.wireshark.org/review/12581
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Most of the deregister functions are used internally from Lua
while reloading plugins. Don't export them for others to use.
Change-Id: I919dbfa807f696c38d409ca7206104a0fba1ae65
Reviewed-on: https://code.wireshark.org/review/12508
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This includes:
1. new_create_dissector_handle -> create_dissector_handle
2. new_register_dissector -> register_dissector
3. new_register_ber_oid_dissector -> register_ber_oid_dissector
4. new_register_ber_syntax_dissector -> register_ber_syntax_dissector
Also remove PDU_NEW, SYNTAX_NEW and REGISTER_NEW as there is no need for the distinction anymore.
Change-Id: I82c7de7c8ffeeab3259d1b55bb4afc5f6a1e0329
Reviewed-on: https://code.wireshark.org/review/12491
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
* Ask user during installation if she/he wants to allow regular users
to capture packets
* Fix minor typos in d/control
* Handle upgrades from older versions properly
* Make wireshark depend on misc:Depends
* Sync order of some fields
Change-Id: I608b43cfaa81799f165f4c39734182d41cb1d524
Reviewed-on: https://code.wireshark.org/review/12448
Petri-Dish: Balint Reczey <balint@balintreczey.hu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
with new_ to plain function names without changing all at the same time.
Change-Id: I52682996704ff2472c9830bb62fda2a3cbef6589
Reviewed-on: https://code.wireshark.org/review/12401
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Both old and new style API existed, just remove the "old" one.
Change-Id: If725e778a0ecad5a431d634ed5c4856b4a281013
Reviewed-on: https://code.wireshark.org/review/12107
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Most of it wasn't used in current Wireshark source anyway.
Change-Id: If395e4e940adc76a2701d226ba4f7c9b17cb795d
Reviewed-on: https://code.wireshark.org/review/12108
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
new_register_dissector will eventually take its place, but that search/replace should be done when all "old style" APIs have been removed.
Change-Id: Ic3fdec67d5761fd72beeca7355f9de617562bb77
Reviewed-on: https://code.wireshark.org/review/12095
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added get_column_tooltip() to use common code in GTK and Qt.
Change-Id: I2f6ce95e2e129752bbb958a28aec6f42aa81be3d
Reviewed-on: https://code.wireshark.org/review/12047
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Check if description (protocol name) and short_name are used before
registering the protocol. This because proto_register_protocol() makes
sure there's not already a protocol with any of the names registered
and duplicates will be reported with a g_error() which terminates the
Wireshark unexpectedly.
Also check if short_name contains valid characters.
Give appropriate error messages.
Bug: 11739
Change-Id: Ib9776a2a3406ae5278ce744defd61864ebed0282
Reviewed-on: https://code.wireshark.org/review/11995
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Some vendors use UUID128 as own services/attributes.
Sometimes they use UUID16 for it too. Support both cases.
Change-Id: I001692b94fcc2f86eafa81012790e9134b0f2a36
Reviewed-on: https://code.wireshark.org/review/11976
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
sshdump is an extcap module that allows dumping from a remote host using an ssh connection.
It goes with the existing extcap plugin interface.
Change-Id: I8987614fdd817b8173a50130812bc643a4833bca
Reviewed-on: https://code.wireshark.org/review/11402
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We just export some UI helpers and the Big Merge Engine.
Change-Id: I60bc8ab167e7100189a9ce60d84c0e4db27b6bda
Reviewed-on: https://code.wireshark.org/review/11689
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Failing postinst has been reported several times under LP#1447893
Change-Id: I196f246b34aa3be9d53f02b4e0092c802effc42a
Reviewed-on: https://code.wireshark.org/review/11693
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Having a single function call to format source-destination port column info serves the
current (and presently only) use case better by having a single place to manage the
display format.
This commit does not introduce any actual formatting changes.
Change-Id: I1d479d0fd5690d12afb47e538057fdc2dd369ca2
Reviewed-on: https://code.wireshark.org/review/11539
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Since ssl_dissector_[add|delete] only take TCP dissectors, remove the parameter and just use it within the "internal" ssl_association_add call.
Change-Id: I0fdf941389934c20cbacf910250e17520614e706
Reviewed-on: https://code.wireshark.org/review/11591
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is hopefully just the first step in getting DCE/RPC dissection to use "standard" APIs instead of homegrown ones.
For starters, it allows Decode As functionality to be less hacky (although incomplete in Qt)
Change-Id: Ia0923a3d8d514ab7acce32e26ee7e08f6e24feca
Reviewed-on: https://code.wireshark.org/review/11468
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In the GTK, there was "colorize" (via context menu using color_dissector_filter.{c,h}) or "not colorize" (via main menu using dissector_filters.{c,h}). In Qt, you have the option to colorize (via context menu using color_dissector_filter.{c,h}) or not colorize (via main menu using color_dissector_filter.{c,h}).
Combine all into "colorize" and convert GTK to use color_dissector_filter.{c,h} in the "not colorize" main menu like Qt.
Change-Id: Ib3ca1c822f5f66ab5b812632d808f7905b328483
Reviewed-on: https://code.wireshark.org/review/11263
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If5897e8137f729503edf2cafb49b2ebeab4716ad
Reviewed-on: https://code.wireshark.org/review/10997
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Do not leak the key and SSID. Note that there are still some leaks in
the GTK UI related to get_wireshark_keys(), but I did not track them
down.
Caught by LeakSanitizer.
Change-Id: I639166e6ea457605d6ae0ebd58e56d7594a7b7db
Reviewed-on: https://code.wireshark.org/review/10860
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Debian packages used to build with parallel build enabled when
debian/rules used autotools but with switching to CMake the
parallel build failed sometimes. Now the CMake based build
system seems to be working for parallel builds, too, thus
it seems to be safe to enable parallel building of .debs again.
Change-Id: I79003bf6c4b74640f24d907b763a5cc3da595e68
Reviewed-on: https://code.wireshark.org/review/10657
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Its time has finally come.
Technically I just renamed it to proto_tree_add_text_internal and removed the WS_DLL_PUBLIC (so it shouldn't link outside of epan). It's still (legitimately) used by expert.c otherwise I would have made it static within proto.c (and the rename wouldn't have been necessary).
Change-Id: I9bdf888d5e92bc7b70a3f5461b9297a66d994b80
Reviewed-on: https://code.wireshark.org/review/10594
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
This is further encouragement to not try to manually create a bitstring while formatting a field.
Change-Id: I4efbeb39a210cf1fd26203cd8560859276b333b0
Reviewed-on: https://code.wireshark.org/review/10494
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is intended for use in expert_add_info_format or proto_tree_add_expert_format to get the "base" string to then append additional information, but I'm sure other uses can be found.
Similar to some of the proto_get_xxx APIs, but still only "create as needed".
Change-Id: Ib76e6ed557c2ae41e0a40957a9efa4bf485909da
Reviewed-on: https://code.wireshark.org/review/10420
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add more information about the capture file, and about the interface
descriptions in it. Also remove long-unused g_options code.
Change-Id: I93cbd70fc7b09ec1b8b2fd6c85bb885c7f749543
Reviewed-on: https://code.wireshark.org/review/10073
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Refactor the file merging code by removing the duplicate logic from mergecap.c
and file.c's cf_merge_files(), into a new merge_files() function in merge.c.
Also the following user-visible changes:
* Removed the '-T' encap type option from mergecap, as it's illogical for
mergecap and would complicate common merge code.
* Input files with IDBs of different name, speed, tsprecision, etc., will produce
an output PCAPNG file with separate IDBs, even if their encap types are the same.
* Added a '-I' IDB merge mode option for mergecap, to control how IDBs are merged.
* Changed Wireshark's drag-and-drop merging to use PCAPNG instead of PCAP.
Bug: 8795
Bug: 7381
Change-Id: Icc30d217e093d6f40114422204afd2e332834f71
Reviewed-on: https://code.wireshark.org/review/10058
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It works similar to tcp_dissect_pdus, but only works on a single packet. Intended for protocols that go over TCP and UDP so that they can have a common dissection function.
Will of course, also work on UDP-only protocols with a fixed length header and size.
Used DNP3 as a guinea pig since "multiple PDU support" over UDP was just added.
Change-Id: Ib7af8eaf7102c96b4f8b5c1b891ae2d8f0886f9d
Reviewed-on: https://code.wireshark.org/review/10083
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The default version doesn't use GTK+ any more, so the version we
distribute doesn't have "Categories=System;Monitor;GTK;", and the Debian
version presumably shouldn't put it into category "GNOME".
Change-Id: I4e59026b5c4f26d02e4a96686e339f8d54bdcd1e
Reviewed-on: https://code.wireshark.org/review/10035
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This is initial support for reloading Lua plugins without
restarting the application.
Still todo:
- Deregister FileHandlers
- Support deregister ProtoField with existing abbrev (same_name_hfinfo)
- Add a progress dialog when reloading many plugins
- Search for memory leakages in wslua functions
Change-Id: I48870d8741251705ca15ffe1068613fcb0cb18c1
Reviewed-on: https://code.wireshark.org/review/5028
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
As it turns out we *do* need to free table elements. We also need to
free the tables themselves and clear the table array. Do so.
Change-Id: Ic1c81388eac8f47f74caea0169c79685a83aaff9
Reviewed-on: https://code.wireshark.org/review/9901
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Make pcapng decode options in an NRB during read, and store the comment
option, and write it back out as well. Also make it handle plugin handlers
for unknown options in received NRB(s).
Change-Id: I81863ef8d85cb1c8b5ba6673ba0e562efe77714f
Reviewed-on: https://code.wireshark.org/review/9723
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move the boolean flag for using captured DNS packet info for name resolution
to the Name Resolution preferences settings, as it was rather surprising to
disable Name Resolution preferences and still have names being resolved. Also
disble them all if the '-n' command line switch is used, and re-enable it for
a 'd' character in the '-N' option.
Bug: 10337
Change-Id: Ie4d47bab0100db3360cc447cd3e446b2e39aa917
Reviewed-on: https://code.wireshark.org/review/9786
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
This allows for a global place to enable/disable all heuristic dissectors. This removes the need for individual dissector preferences, but those will be removed at a later date. The more important part is the epan code to save/restore the enabled state of the heuristic dissector. The GTK dialog was more for quickly testing the feature (there was already some GTK code in place that started the heuristic dialog tab)
Change-Id: Ie10687505c27a4456c49d5c4c69a5fc5f6394275
Ping-Bug:11152
Reviewed-on: https://code.wireshark.org/review/9508
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Currently reassembly tables are not freed on shutdown. This makes
memleak debugging more difficult due to noise. Support cleanup
routines that can do smarter things.
After this change, "init" routines are not called anymore when
closing files. Further changes should split init routines to
cleanup routines as needed.
Change-Id: Ib0b2cef6dd9c16905259063ac2c2fdfb7e066be6
Reviewed-on: https://code.wireshark.org/review/9135
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ib6e5a48fa0b0802c920e68d3dc7d62362818d36b
Reviewed-on: https://code.wireshark.org/review/9465
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add the wireless toolbar to the Qt UI.
Start adding AirPcap support to ui/80211_utils. Add FCS validation
routines to ws80211_utils.
Move a bunch of AirPcap routines that require epan from caputils to
ui/gtk. They were required for driver key management, which we'll
leave to the AirPcap Control Panel in the Qt UI.
Move frequency-utils to wsutil.
Change-Id: I44446758046621d183f5c2ba9f6526bf01e084f1
Reviewed-on: https://code.wireshark.org/review/8910
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Please found it under Bluetooth menu. It shows all devices found
in logs, not only connected, all that its address can be found in
logs. Show if device is local (in most cases: capturing on it side)
and manufacturer and LMP version what should answer the question what
version of Bluetooth is used by Bluetooth device chip.
Also firmware version.
Change-Id: I32e3b7100cdebcaa850b6541de0ab89dff41c0e1
Reviewed-on: https://code.wireshark.org/review/8901
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Change-Id: I6cd3ce90dd3ffe5ebdf5f39f14cb3dabb38c62e9
Reviewed-on: https://code.wireshark.org/review/8009
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Add proto_tree_add_bitmask_value, proto_tree_add_bitmask_value_with_flags and proto_tree_add_bitmask_list to aid in the removal of proto_tree_add_boolean "groupings" as well as "groups" of fields that use proto_tree_add_item with the same offset/len.
This may be able to be optimized later, but the first step will be converting dissectors to use it. A sample conversion of each API is also included.
Change-Id: I53febc7450ad632482f82615a7fa62174f8472c9
Reviewed-on: https://code.wireshark.org/review/8038
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I4ec48067e9ca2cbe88e1cf2e6c9dc1e382379221
Reviewed-on: https://code.wireshark.org/review/7767
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
works as proto_tree_add_item(), but also returns the value of (u)ints
of 8,16,24 and 32 bits length in a 32 bit variable. It's based on Hadriels
previous work.
Change-Id: If3b4b8588b63251f1ee9b954a202acde7c02ce86
Reviewed-on: https://code.wireshark.org/review/7230
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This "encourages" (forces) dissectors to use the bitmask field of the header_field_info structure to get "bitmask formatting" of a field.
other_decode_bitfield_value should be treated the same (eventually eliminated), but there are still replacements to be made in the dissectors.
Change-Id: I8a0d829c3fef2d5e5a588667a259e231bca559e6
Reviewed-on: https://code.wireshark.org/review/7736
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This allows for exporting the SSL session keys for captures which were
decrypted using a RSA certificate, but where the server does not support
session resumption.
To avoid frequent reallocations, the expected length is used as initial
string size.
Tested against a nginx server with ssl_session_cache off.
Note that all keys loaded via ssl.keylog_file are exported, not just the
displayed ones!
Change-Id: Ie3a93d3692885502f46442953fa53303d16672d7
Reviewed-on: https://code.wireshark.org/review/7175
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Most of our sites are now HTTPS-only. Update URLs accordingly. Update
other URLs while we're at it. Remove or comment out dead links.
Change-Id: I7c4f323e6585d22760bb90bf28fc0faa6b893a33
Reviewed-on: https://code.wireshark.org/review/7621
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
This is mostly to reduce tvb_get_ptr calls that were used to pass into get_ether_name.
Some optimizations were made to packet-ieee80211.c in the process of conversion.
Change-Id: I81d3c65d4c09a15237fc287c2e989eb6e6936b1f
Reviewed-on: https://code.wireshark.org/review/7492
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Convert dissectors to using the API where appropriate.
Change-Id: I059582f73a75635d4a0338d02d4c4b212162480b
Reviewed-on: https://code.wireshark.org/review/7296
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Move filter_expression_nuke from ui/gtk to epan and rename it to
filter_expression_free. Call it in prefs_reset along with the other
preference reset routines.
This keeps the Qt filter toolbar from filling up with duplicate
expressions when the profile changes.
Change-Id: I9fae9a7b48944079ea342a126979d9e79af0d22b
Reviewed-on: https://code.wireshark.org/review/7281
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add address_with_resolution_to_str API that returns address string + name resolution in the format %s (%s), first string is resolved name (if available) and second string is raw address string.
Convert AT_FCWWN to using proper name resolution format
First use of address_with_resolution_to_str with field types in proto.c
Change-Id: I2ae77c29a4ffc30bb919fbec00f06629830898c2
Reviewed-on: https://code.wireshark.org/review/7196
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Model get_manuf_name after get_ether_name so that a string (either name resolved or colon-separated bytes) is always stored in a hash table. This will make name resolution of addresses perform a little better because it doesn't have to worry about the wmem_allocator.
Change-Id: If976fe7b0c3f9cd053225096c2ac05418f061af6
Reviewed-on: https://code.wireshark.org/review/7081
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If the UAT file failed a field check, then the user_data pointer may be
empty. As a result uat_save() triggers an invalid write.
(Discovered while working with a dfilter_macros file having duplicate
names for bug 10957, caught by ASAN.)
The second issue fixed in this patch is that the validity of an item is
only calculated when a new record is added. So even if the user edits
the UAT and makes the entry valid, it would not be saved. This is solved
by adding a new uat_update_record() function which got wires up into GTK
and Qt.
Some open-coded g_array_index and UAT[_USER]_INDEX_PTR are also
converted.
Even after this patch, Qt has some issues with UAT handling. In
particular, it saves new, but empty/invalid, items. It also it does not
check individual fields when saving all fields (unlike Gtk). This patch
focused on getting Gtk fixed first so ignores those existing issues.
Change-Id: Ia35cfe9d2b793c65144ae7e29a1ed706b6668d99
Reviewed-on: https://code.wireshark.org/review/7120
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
One use in a GUI function isn't really enough to justify making the structure public.
Change-Id: Ic7dee275ba0a2bd4e19c06702a867417c5624c27
Reviewed-on: https://code.wireshark.org/review/7080
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change name from proto_tree_add_new_bytes to
proto_tree_add_bytes_with_length and other tweaks
pointed by Peter Wu.
Change-Id: I6058c28a74a154e2882e4eb04558bedcede6f508
Reviewed-on: https://code.wireshark.org/review/7039
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Model get_manuf_name after get_ether_name so that a string (either name resolved or colon-separated bytes) is always stored in a hash table. This will make name resolution of addresses perform a little better because it doesn't have to work about the wmem_allocator.
Change-Id: I80f465ae0845290255a659ab63310ac3cc35506e
Reviewed-on: https://code.wireshark.org/review/7075
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
One use in a GUI function isn't really enough to justify making the structure public.
Change-Id: I6d70b9bacbc0fa1898150f59c0c69779a6cd5d51
Reviewed-on: https://code.wireshark.org/review/7074
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This combines the SSE4.2 instructions usage, with pre-compiled
pattern searching usage, for a faster pbrk search method.
Testing against large files of HTTP and SIP, there is about
a 5% performance improvement by using pre-"compiled" patterns
for guint8_pbrk() instead of passing it the search string and
having it build the match array every time.
Similar to regular expressions, "compiling" the pattern match array
in advance only once and using the "compiled" patterns for
the searches is faster than compiling it every time.
Change-Id: Ifcbc14a6c93f32d15663a10d974bacdca5119a8e
Ping-Bug: 10798
Reviewed-on: https://code.wireshark.org/review/6990
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It is a GUI+QT feature that introduce Bluetooth menu and
"ATT Server Attributes" that present all handle+UUID pairs
as table. User may copy cell value, row, selected rows or whole
table within header. On activate user will go to packet that
introduce UUID for specified handle.
Change-Id: If17e53aff5feb89ededc740a595ba5882b90be5e
Reviewed-on: https://code.wireshark.org/review/6911
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Change-Id: Iddd1200e62bf3200cb1a68408378dd9d47120b77
Reviewed-on: https://code.wireshark.org/review/6939
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
These will be used to replace cases where packet-scope isn't valid for val_to_str/val_to_str_ext calls
Change-Id: Ie8a4c423a8608548c837c1ae7edde52c4d728340
Reviewed-on: https://code.wireshark.org/review/6880
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also, remove some no-longer-existent functions from checkAPIs.pl.
Change-Id: I2bf11e3ec03a34f9e89d58d560e340d76fd3ddc1
Reviewed-on: https://code.wireshark.org/review/6645
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Id336dc16f97a0973754993094aa637813c0ca31c
Reviewed-on: https://code.wireshark.org/review/6604
Reviewed-by: Michael Mann <mmann78@netscape.net>
Thanks to Michael's work, it is now totally unused.
Change-Id: I67b5f7c69535a08f96f449c36c429e2548f4ea11
Reviewed-on: https://code.wireshark.org/review/6505
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I4a803d83844d937804849b2ad3b067381c9b96d0
Reviewed-on: https://code.wireshark.org/review/6448
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It was only used by 1 dissector and that dissector can just use bitmasking in the hf_ field.
Change-Id: I99179356dd7cbfab0c7be1512357a7e4c0eecde6
Reviewed-on: https://code.wireshark.org/review/6390
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Adjust any other ep_ related APIs related to the transition.
Change-Id: I961b371c2c4bda557e0f1817705c27eef0dae66c
Reviewed-on: https://code.wireshark.org/review/6388
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I79c613cbdd8dc939dd4c29ebc477fb6eefd5bfc4
Reviewed-on: https://code.wireshark.org/review/6371
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I8aa7d7374db94685fd875cbf358c3bfbc83f3255
Reviewed-on: https://code.wireshark.org/review/6370
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also change bytestring_to_str to match bytes_to_ep_str_punct functionality (limiting byte string size)
Change-Id: Idb958c7f0c203d103629469302b81fa922714f7e
Reviewed-on: https://code.wireshark.org/review/6369
Reviewed-by: Michael Mann <mmann78@netscape.net>
Use wmem equivalent bytestring_to_str
Change-Id: I1ec7509e3adb36ab0f65317459653cb3b4b11af8
Reviewed-on: https://code.wireshark.org/review/6368
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is intended to handle ALL address types retrieved from a tvbuff.
One of the (good) side effects of this function is that it can replace a lot of the "hidden" ep_alloc calls used to allocate memory for the address string.
A few existing "popular" helper tvb_ functions were turned into pure macros calling tvb_address_to_str. Some of the "less used" helper tvb_ functions were just directly replaced with tvb_address_to_str.
Change-Id: I361d991c4ad90142173e63eae02a94d68af3ec43
Reviewed-on: https://code.wireshark.org/review/6333
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I4f1078b20f41800f72a751612703ad0d4c2ae87b
Reviewed-on: https://code.wireshark.org/review/6323
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Almost all instances require using "manual" memory management, but it gets some ep_ calls out of the GUI.
Change-Id: Ifa7303766b08d09442ccf3d7063cbe061578ecd9
Reviewed-on: https://code.wireshark.org/review/6318
Reviewed-by: Michael Mann <mmann78@netscape.net>
Changed all remaining code in wslua that was using emem, to use wmem or
simpler methods.
Bug: 9927
Change-Id: I3d19a770e0fd77d996bdb6b61a76a722cc2bcd55
Reviewed-on: https://code.wireshark.org/review/6109
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I045368a0a91586231fc4b1e2700c2275088b76af
Reviewed-on: https://code.wireshark.org/review/6244
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
"stat name" has been official changed to "endpoints" for all dissectors, rather than a mixture of "host"/"endpoints" based on dissector.
Change-Id: If34bcb5165b493948e784ba038ab202803a59843
Reviewed-on: https://code.wireshark.org/review/6154
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The routines to get compiler, GLib version, CPU, and memory info are
used only in routines in ws_version_info.c; move them into
ws_version_info.c and make them static.
Change-Id: I58edd18da3301095012d2c7a3c5198e5a7073964
Reviewed-on: https://code.wireshark.org/review/6183
Reviewed-by: Guy Harris <guy@alum.mit.edu>
-z "follow,udp" tshark cli command now supports a stream index
It is now possible to select the UDP stream displayed in Qt GUI (like for TCP)
Change-Id: Ia367f36ea4f60db0fddb997a7e0903c09e172f2d
Reviewed-on: https://code.wireshark.org/review/6083
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I1d258923a7a63539ec8456d3e306bca5016a1e4b
Reviewed-on: https://code.wireshark.org/review/6060
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I40d0c8253743183aecef252040b7dd6742ae5c71
Reviewed-on: https://code.wireshark.org/review/5934
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I8cce9fddbfe950e27e96ea8a5a6d2e0921ff4260
Reviewed-on: https://code.wireshark.org/review/5933
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I5868a40b71a989a3a1522cb091064bb0aaec6daf
Reviewed-on: https://code.wireshark.org/review/5828
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add make-dissector-reg.py to the Debian packages.
Making it possible to generate out-of-source wireshark plugins.
Change-Id: I0bbe5b46205d39e229d31812341540b26a7336d6
Reviewed-on: https://code.wireshark.org/review/5802
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix wrong symbol for proto_tree_add_bitmask_with_flags
Change-Id: I6804aab8f4394653fbeb2b6343d20d43eaa2b93e
Reviewed-on: https://code.wireshark.org/review/5803
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
These files make it possible to use the cmake command find_package(Wirehark) to obtain information about the wireshark installation.
Change-Id: I5af7c4e7b53b99cd473e04905a92bac267cd9b83
Reviewed-on: https://code.wireshark.org/review/5235
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Permit passing TRUE as the parameter during table registration to achieve that
effect.
Use it in RTP media type table.
Bug: 10708
Change-Id: I892fb1a421d349f0c05197dec90f14fc34ad6b97
Reviewed-on: https://code.wireshark.org/review/5695
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add convenience targets for generating the release notes and the NEWS
file. Make sure we don't run multiple instances of a2x + AsciiDoc at the
same time.
Add the docbook directory to the build by default unless we're running
Windows. Explain why we don't yet build docs on Windows. Make each
docbook makefile target optional.
Split the ENABLE_GUIDES option into ENABLE_HTML_GUIDES and
ENABLE_PDF_GUIDES. Add a default "all_guides" target if either is on.
Remove the Debian patch that hacked around the PDF requirement.
Copy ws.css to the docbook build directory. Don't build PDF release
notes. I'm not sure we ever used them and I don't want to install Java
and FOP just to make a release.
Change-Id: Ia2f710000c17f9e0b4b514fd373d9a5902889553
Reviewed-on: https://code.wireshark.org/review/5712
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Have dissectors register their desire to be part of "color" conversation filters and have the GUI use that registered list. GUI actually using API will come in a separate commit.
Change-Id: I5ffe922d97894fe7bf3182056b76ab5839a9461a
Reviewed-on: https://code.wireshark.org/review/5658
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
They are libparse-yapp-perl and libsbc-dev.
Change-Id: I474179bb805acb87f8bf316730d63eb294e10a69
Reviewed-on: https://code.wireshark.org/review/5322
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
It's proto_tree_add_bitmask with the ability to control the data appended to header.
Change-Id: Icce97437ba7cfc9158ec204a837da8db8138424a
Reviewed-on: https://code.wireshark.org/review/5533
Reviewed-by: Michael Mann <mmann78@netscape.net>
It will be reused by CAPWAP dissector (* Rates Message Element)
Change-Id: I60ce12f382a35cdc2747baf23e2e3c30a305a8bd
Reviewed-on: https://code.wireshark.org/review/5640
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
* register_tap_ui is removed in a21436eaed
* wtap_read_bytes(_or_eof) are introduced in 670ebda4a6
Change-Id: If815c686d57310f0d87f965b5b5c2a71b651cbad
Reviewed-on: https://code.wireshark.org/review/5465
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This improvement avoids use of deallocated memory (crash) if using a
deregistered field in display filter, color filter, custom column and
other cases when the field is used as "interesting field".
This functionality is currently used in http, imf and ldap preferences.
Also removed unused proto_registrar_n() as this does not work correctly
after deregistering fields.
Change-Id: I043e3bf7a98bd773c9801e712a012d1eab8a7f94
Reviewed-on: https://code.wireshark.org/review/5161
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
Change-Id: I64b18ac20401f93b6162ecc7ec4935f8b78508f7
Reviewed-on: https://code.wireshark.org/review/5009
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: If5b85609d3daaf66cbcc15e3127af4e7f5736e52
Reviewed-on: https://code.wireshark.org/review/4995
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We get rid of the exports file with ws_symbol_export.h, and then we
bring it back with this.
Change-Id: Ic689d20ec8ca5806677e1b52018c8c79b381508f
Reviewed-on: https://code.wireshark.org/review/4335
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make sure the Qt UI is named "Wireshark" and its executable is named
"wireshark" or "wireshark.exe". Make sure the GTK+ UI is named
"Wireshark 1" or "Wireshark (GTK+)" depending on how much the target
audience is likely to care about UI toolkits. Make sure the GTK+
executable is named "wireshark-gtk" or "wireshark-gtk.exe".
It looks like moving to Qt 5.3 (g978faf3) broke the PortableApps
package. It's likely even more broken now.
Autotools out-of-tree builds also broke on Ubuntu 12.02 (automake
1.11.3) at some point. The first attempt to compile in ui/qt returns
"error: source_file.cpp: No such file or directory". The second attempt
works. Out-of-tree builds work fine on Ubuntu 14.04 (automake 1.14.1).
Tested:
- Nmake builds
- NSIS packaging
- CMake builds (Windows, OS X)
- Autotools build and distcheck
- RPM packaging
To do:
- Test Debian packaging
- Fix PortableApps
Change-Id: I66429870e05fd2d6fc901942477959ed6164fce2
Reviewed-on: https://code.wireshark.org/review/3919
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Use a common set of SVG files for AsciiDoc / DocBook admonition
graphics. Put them in a common directory. According to
http://caniuse.com/svg all common browsers have had SVG support for
a while now.
The graphics themselves were created with Inkscape. If you would like
to refine them further you are more than welcome.
Use variables to assemble xsltproc commands in Autotools and Nmake
while we're here.
Try to update Debian rules to reflect ga92c3fb.
Change-Id: If82647af27a60117c517125dff0aca81c033be72
Reviewed-on: https://code.wireshark.org/review/3206
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Apply the patches printed out when the Debian package build complains,
and then remove the #MISSING indications that correspond to routines we
don't export outside the library (either because we don't declare them
as exported outside the library, because they've been removed, or
because they've been moved to another library).
Change-Id: Iba2d5c5436dabd31d7f84fd400bb78afcb5ee69f
Reviewed-on: https://code.wireshark.org/review/3367
Reviewed-by: Guy Harris <guy@alum.mit.edu>
I thought ws_symbol_export.h was supposed to eliminate API list files.
Apparently it didn't, so we have to update this file every time we add a
new API.
Change-Id: I93dda6ccc992c79d52d2b460e818995e6332f1be
Reviewed-on: https://code.wireshark.org/review/3363
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We went with the whole WS_DLL_EXPORT thing so that we don't *have* to
maintain lists of exported symbols; is there truly no way to automate
the generation of *these* files?
Change-Id: I77f240c77782ed634e4620833f951c4a02fb4390
Reviewed-on: https://code.wireshark.org/review/3083
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The groups are, technically, independent of the notion of a menu, and,
if we have mechanisms by which taps that are not only GUI
toolkit-independent but independent of the *existence* of a GUI can be
registered, they might want to register themselves in a group just in
case they're running in a program that has a GUI.
Also, this might fix the Debian package build.
Change-Id: I29435681e79748fd4f2e0c5ac872cd11f831d172
Reviewed-on: https://code.wireshark.org/review/2830
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Idf07c767587815d2cb2c8c094fd820983302b043
Reviewed-on: https://code.wireshark.org/review/2043
Reviewed-by: Michael Mann <mmann78@netscape.net>
The sync makes CMake the build system for the .deb package
and starts providing wireshark-qt in the wireshark-qt package.
The package structure, i.e. the libraries are shipped in separate
packages is also sync-ed.
Wireshark-qt uses the Qt 4 libraries, but it is easy to switch
it to Qt 5.
Change-Id: I849d18bdb8ca6ebf4072cf1d73d749080ac5dac2
Reviewed-on: https://code.wireshark.org/review/1986
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Balint Reczey <balint@balintreczey.hu>
Tested-by: Balint Reczey <balint@balintreczey.hu>
(Using sed : sed -i '/^\# \$Id\$/,+1 d') (start with dash)
Change-Id: Ia4b5a6c2302f6a531f6a86c1ec3a2f8205c8c2dd
Reviewed-on: https://code.wireshark.org/review/881
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add libwsutil to wireshark-dev.files - I'm not sure it's necessary, but
code added to Wireshark has to be able to call routines from libwsutil.
svn path=/trunk/; revision=54655
Remove the 03-preferences patch: there's an ongoing discussion over at Debian
about using xdg-open to open URLs[1] (instead of sensible-browser as this
patch was doing) and anyway xdg-open behaves better for Balint.
Since we'll be using xdg-open, add a dependency on xdg-utils (also suggested
by Balint).
Both changes are untested.
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=172436
svn path=/trunk/; revision=50611
so it applies more cleanly to the modern prefs.c .
Note: I built this patch partially by hand from "svn diff"; hopefully the
Debian stuff likes it.
svn path=/trunk/; revision=50596
Use the PNG versions of the new application icons.
Remove the XPM versions of the Wireshark application and capture icons.
To paraphrase Zoidberg, XPMs are bad and we should feel bad. Remove
xpm_to_widget_from_parent (which we weren't using and likely won't use
in the future).
Replace wiki_24.xpm (which was a GNOME or GTK+ stock icon IIRC) with the
16x16 and 24x24 versions emblem-web.png from GNOME icon theme 2.30.3.
This version was used specifically because it's GPLv2 and later versions
are GPLv3.
Update image/README.
svn path=/trunk/; revision=48565
Michael Mann