Don't try to compile code that uses pcap if you don't have it.
Change-Id: Ifa98b4ff47783f5347cb6e1129bbf4e5cac35aab
Reviewed-on: https://code.wireshark.org/review/21611
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have a header file that defines HAVE_REMOTE if HAVE_PCAP_REMOTE is
defined, and then includes pcap.h. Replace all other includes of
pcap.h, and the definition of HAVE_REMOTE, with includes of that file.
Check for anything other than wspcap.h including pcap.h in checkAPIs.pl.
Change-Id: I3cbee8208944ad6f006f568b3fe3134e10b2a883
Reviewed-on: https://code.wireshark.org/review/21605
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WinPcap made the mistake of having stuff in its public header fines
depend on a configuration #define, HAVE_REMOTE; this means that we need
to forcibly define it when building with remote capture support.
The tip of the libpcap master branch does not have that botch; hopefully
future versions of libpcap-for-Windows will be based on that libpcap and
thus lack that botch as well.
Defining HAVE_REMOTE in config.h is not the right fix, as it makes it
look like a *Wireshark* configuration option that code in Wireshark
should test, rather than a *WinPcap* configuration option that the
pcap.h that ships with the WinPcap SDK should have been changed, as part
of the build process, to correctly define or not, so that users of
WinPcap don't have to define it themselves.
Change-Id: I62d1eca6d3c900d0dcc9fbc011db77f595a86313
Reviewed-on: https://code.wireshark.org/review/21593
Reviewed-by: Guy Harris <guy@alum.mit.edu>
QFont::toString returned the default font (which might be unavailable),
leading to use of non-monospace fonts in the bytes view. Detect the
effective font instead and apply it to avoid this issue.
Add additional logic to invoke font detection when the configured font
is bad (for example, because of the bug or because a font has been
removed in meantime).
Bug: 13638
Change-Id: I8a625cf365c90119caebe8c4deada0df7426e53a
Reviewed-on: https://code.wireshark.org/review/21551
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Petri-Dish: Jörg Mayer <jmayer@loplof.de>
Tested-by: Jörg Mayer <jmayer@loplof.de>
Reviewed-by: Ahmad Fatoum <ahmad@a3f.at>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The packet details context menu allows you, through the Protocol
Preferences sub menu to manipulate (disable) the protocol dissection
through the Disable <protocol>... option. This opens up the appropriate
dialog and select the applicable protocol.
This fails for protocols which have their can_toggle flag reset (e.g.
the frame protocol). The dialog opens, but the protocol can't be found,
hence the top item is selected.
Instead disable the menu option for protocols which can't have their
enabled state toggled.
Change-Id: Ifa83f656a8ab747f379d3ca0114520e5efed4b67
Reviewed-on: https://code.wireshark.org/review/21494
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- Select one of the capturing interfaces when start capture
- Only send user changed control values when start capture
- Don't show hidden interfaces
- Allow a toolbar with no interfaces
- Renamed button role "reset" to "restore"
- Improved control number validation
- Updated documentation
Change-Id: Icc8d04043c95c1f3ef8d7cdc3b251be4471cba0a
Reviewed-on: https://code.wireshark.org/review/21445
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This makes it easier to copy error messages.
Change-Id: I39284d9b2d716336c6fc4b211e5346abcebf0aee
Reviewed-on: https://code.wireshark.org/review/21326
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
An extcap utility can provide configuration for controls to use in a
GUI interface toolbar. This controls are bidirectional and can be
used to control the extcap utility while capturing.
This is useful in scenarios where configuration can be done based on
findings in the capture process, setting temporary values or give other
inputs without restarting current capture.
Todo:
- Add support for Windows
Change-Id: Ie15fa67f92eb27d8b73df6bb36f66b9a7d81932d
Reviewed-on: https://code.wireshark.org/review/19982
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Packet ranges are used only in the UI; move the packet range stuff into
libui.
Don't pass a print_args_t structure to libwireshark packet-printing
routines, just pass the few parameters they need. Move the declaration
of print_args_t into file.h.
Change-Id: Icff5991eea7d7d56f33b4716105895263d275bcf
Reviewed-on: https://code.wireshark.org/review/21308
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Expand comments while we're at it.
Change-Id: I6dcc791eab1c9e323a9572f3d54720d223bdd64b
Reviewed-on: https://code.wireshark.org/review/21252
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The GTK+ UI performs automatic formatting of the units (us, ms, s) based
on the magnitude of the value (for MIN/MAX/SUM calculations). Internally
the numbers are stored as integers (microseconds).
The Qt UI did not have this formatting feature yet and would therefore
display the values as-is (in microseconds). This patch rescales the Y
value and appends an appropriate label (s, ms or us).
With multiple graphs, rescaling is disabled completely for simplicity
(GTK+ would still try to find an appropriate unit prefix if there are
multiple time graphs).
Bug: 12828
Change-Id: I26ed68fc3497e06ac283a618fee8b673b1b0cf71
Reviewed-on: https://code.wireshark.org/review/21062
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This workaround prevents moving around other columns during drag and
drop and also transfers the sorting order to the new position.
Bug: 13183
Ping-Bug: 13540
Change-Id: I4609c63557bf3abf06ba417ac1b40cac22a82abc
Reviewed-on: https://code.wireshark.org/review/21022
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I35d666a5a9fb5813706c312334f1552703c9475c
Reviewed-on: https://code.wireshark.org/review/21214
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Take cf_close_failure_alert_box() and put it into libui, with the name
cfile_close_failure_alert_box(). Use it not only in file.c but also
in ui/export_pdu_ui_utils.c, ui/gtk/file_import_dlg.c, and
ui/qt/import_text_dialog.cpp where the error we get back isn't
necessarily an errno.
Have ui/gtk/file_import_dlg.c and ui/qt/import_text_dialog.cpp also use
cfile_open_failure_alert_box() on open errors.
Change-Id: I987f339a23ea58609390306a319923e7f92d5c07
Reviewed-on: https://code.wireshark.org/review/21203
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Rename actionViewAdditionalToolbars to menuAdditionalToolbars
because this is a menu, not an action.
Change-Id: I85e45c065f415ffa008792f04127d81283e54b7e
Reviewed-on: https://code.wireshark.org/review/21181
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This is a breaking change.
prefs_register_filename_preference hasn't been differentiating
between files to be saved and ones to be opened.
On GTK, a neutral dialog is used, so no problems there.
On Qt, a save dialog has been always used, even in dissectors that
were reading configuration files without modification.
prefs_register_filename_preference now takes an argument to indicate
whether UI could be a save dialog with a warning on overwriting
a file, or whether it's a general purpose open file dialog.
Qt now does this. Previously no warning was shown on overwriting a file,
so it may be used for opening files too without irritating the user.
This has been changed, as non-destructive reads should now use
the open dialog.
Dissectors were changed accordingly.
Change-Id: I9087fefa5ee7ca58de0775d4fe2c0fdcfa3a3018
Reviewed-on: https://code.wireshark.org/review/21086
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
XXX_prime_with_YYY makes it a bit clearer than does XXX_prime_YYY that
we're not priming YYY, we're priming XXX *using* YYY.
Change-Id: I1686b8b5469bc0f0bd6db8551fb6301776a1b133
Reviewed-on: https://code.wireshark.org/review/21031
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Currently, this is only used to determine whether a protocol tree needs
to be built on the first pass or not - if there are postdissectors that
need fields, it does - but eventually we should be able to use it to
prime the dissection to deliver those fields in cases where we don't
need the *entire* protocol tree (rather than using a hack such as
cooking up a fake tap with a fake filter to do that).
Update MATE and TRANSUM to use it.
Clean up code to check whether we need a protocol tree, and add comments
before that code indicating, in each case, what the criteria are.
The array of postdissectors includes a length, so we don't need to
separately keep track of the number of postdissectors.
Clean up indentation while we're at it.
Change-Id: I71d4025848206d144bc54cc82941089a50e80ab7
Reviewed-on: https://code.wireshark.org/review/21029
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When preferences are modified, these must be marked to ensure that the
"prefs_changed" callback for Lua dissectors is invoked.
Bug: 13536
Change-Id: Ib93b2920ebefbc1532d3c6cd097f802a45ec6f35
Reviewed-on: https://code.wireshark.org/review/21016
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
That way, nothing using libwireshark needs to know what settings need to
be loaded, they just call epan_load_settings().
Change-Id: I9390e259e286fc4f5acaeaac2767e4c3c4b656af
Reviewed-on: https://code.wireshark.org/review/20983
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It doesn't belong in libwireshark, as it doesn't affect dissection, but
it *does* belong in libui, as it's helper code for the UIs.
Change-Id: I8a5e0640a299a08e9ec1917dd253197438ebfdbc
Reviewed-on: https://code.wireshark.org/review/20974
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No need to duplicate it in N different programs.
Update comments while we're at it.
Change-Id: I3096cbe5448a19363eff6303bdd54e522dae9336
Reviewed-on: https://code.wireshark.org/review/20973
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It's identical in the GTK+ and Qt UIs, and it should just be done in
libwireshark.
Rename some routines to just speak of enabled_and_disabled_lists, so we
don't have to say enabled_and_disabled_protos_and_heuristic_dissectors
or something such as that.
Clean up indentation.
Change-Id: Ief2e612d9e1b60d8d0123b6bd3409dce5faf6495
Reviewed-on: https://code.wireshark.org/review/20970
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a "report a warning message" routine to the "report_err" code in
libwsutil, and rename files and routines appropriately, as they don't
only handle errors any more.
Have a routine read_enabled_and_disabled_protos() that reads all the
files that enable or disable protocols or heuristic dissectors, enables
and disables them based on the contents of those files, and reports
errors itself (as warnings) using the new "report a warning message"
routine. Fix that error reporting to report separately on the disabled
protocols, enabled protocols, and heuristic dissectors files.
Have a routine to set up the enabled and disabled protocols and
heuristic dissectors from the command-line arguments, so it's done the
same way in all programs.
If we try to enable or disable an unknown heuristic dissector via a
command-line argument, report an error.
Update a bunch of comments.
Update the name of disabled_protos_cleanup(), as it cleans up
information for disabled *and* enabled protocols and for heuristic
dissectors.
Support the command-line flags to enable and disable protocols and
heuristic dissectors in tfshark.
Change-Id: I9b8bd29947cccdf6dc34a0540b5509ef941391df
Reviewed-on: https://code.wireshark.org/review/20966
Reviewed-by: Guy Harris <guy@alum.mit.edu>
When switching between packets, the first field at a level would be
selected. This is annoying if you have similarly structured trees (like
TLVs or text labels).
Combined with something like bug 13533, this causes erratic jumping. Fix
this by incorporating the level position in the path.
Change-Id: I998853ce899fffc69dd4932902508141325c35a4
Ping-Bug: 13533
Reviewed-on: https://code.wireshark.org/review/20799
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Avoid anachronisms, however; there was no "macOS 10.0" or even "OS X
10.0", for example. It was "Mac OS X" until 10.8 (although 10.7 was
sometimes called "OS X" and sometimes called "Mac OS X"), and it was "OS
X" from 10.8 to 10.11.
Change-Id: Ie4a848997dcc6c45c2245c1fb84ec526032375c3
Reviewed-on: https://code.wireshark.org/review/20933
Reviewed-by: Guy Harris <guy@alum.mit.edu>
GTK+ supports selecting the first packet (via the "left mouse button")
and the last packet (via the "right mouse button") in an interval, and
Qt supports selecting the last packet of an interval. This patch enables
picking the packet matching the extreme value in Qt.
Bug: 12401
Change-Id: If0b7f2f1bf8c384ea0d68b5f5fae2d1e8b4b0ac2
Reviewed-on: https://code.wireshark.org/review/20769
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Do not assume first graph in the list, pick the first visible graph.
This (1) fixes the tracer which would otherwise show a marker at an
non-obvious position that is not located on the graph and (2) fixes the
GoToPacket action when clicking on the graph.
Bug: 13537
Change-Id: I49d750102ad25c8539aa2e44fe1583cd535dd471
Reviewed-on: https://code.wireshark.org/review/20768
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add ability to display only these HCI commands whose names match specified
filter. Currently only simple filtering is implemented (substring search,
no regex-matching).
Change-Id: I418d3d2d3e7a3b196d5ba05496d31c508e842dec
Reviewed-on: https://code.wireshark.org/review/20880
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
Petri-Dish: Michal Labedzki <michal.labedzki@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Scenario: user selects a field, collapsed tha parent tree and selects
the next packet. Before this patch, the tree would be expanded again,
selecting the child. After this patch, the tree will not be expanded,
instead selecting the tree node that got collapsed.
Change-Id: I7968fca1056a937cf3b399afb6f3089c2d199067
Reviewed-on: https://code.wireshark.org/review/20801
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fixes the following UBSAN errors:
ui/qt/io_graph_dialog.cpp:1720:75: runtime error: load of value 3200171710, which is not a valid value for type 'io_graph_item_unit_t'
#0 0x5611f0b0cd1d in IOGraph::setFilter(QString const&) ui/qt/io_graph_dialog.cpp:1720:75
#1 0x5611f0b737a1 in IOGraph::IOGraph(QCustomPlot*) ui/qt/io_graph_dialog.cpp:1682:5
#2 0x5611f0afb3f3 in IOGraphDialog::addGraph(bool, QString, QString, int, IOGraph::PlotStyles, io_graph_item_unit_t, QString, int) ui/qt/io_graph_dialog.cpp:340:24
#3 0x5611f0af7c19 in IOGraphDialog::IOGraphDialog(QWidget&, CaptureFile&) ui/qt/io_graph_dialog.cpp:289:13
ui/qt/io_graph_dialog.cpp:1818:19: runtime error: load of value 3200171710, which is not a valid value for type 'io_graph_item_unit_t'
#0 0x5611f0b1167e in IOGraph::setPlotStyle(int) ui/qt/io_graph_dialog.cpp:1818:19
#1 0x5611f0b062ee in IOGraphDialog::syncGraphSettings(QTreeWidgetItem*) ui/qt/io_graph_dialog.cpp:420:10
ui/qt/io_graph_dialog.cpp:1872:29: runtime error: load of value 3200171710, which is not a valid value for type 'io_graph_item_unit_t'
#0 0x5611f0b13e6a in IOGraph::setValueUnits(int) ui/qt/io_graph_dialog.cpp:1872:29
#1 0x5611f0b06640 in IOGraphDialog::syncGraphSettings(QTreeWidgetItem*) ui/qt/io_graph_dialog.cpp:422:10
Note that calling setFilter with an empty string is pretty useless,
especially since the filter is initialized later, so remove it.
The choice for IOG_ITEM_UNIT_FIRST is quite arbitrary and needed because
setValueUnits reads the "old" (uninitialized) value.
Change-Id: I32c65a30593cb718b838c0f324e0d1b0eaab90e5
Reviewed-on: https://code.wireshark.org/review/20767
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
While this is one possible way to fix it, it probably is not the "right"
way to do it. I just don't know which one would be right. I regard
several options to be cleaner:
- Remove if_info from interface_t altogether and add the required fields
to interface_t directly.
- Never use device.if_info.name but always use device.name (same with
friendly_name)
- Initialize both fields the same (same with friendly_name)
- Also not nice: device is optically a struct, not a pointer. So into the
function, when we create a new struct (that's where the error "is made"),
the same name continues to be used.
Not improving my confidence into my solution:
- I haven't bee able to figure out why the automated Windows builds don't
crash/assert.
Last but not least: The two qt/gtk functions should probably have their common
core extracted into a common function.
Change-Id: I1b36d1765d1a1ec975927cb5785a1540ba4952f5
Ping-Bug: 13448
Reviewed-on: https://code.wireshark.org/review/20721
Petri-Dish: Jörg Mayer <jmayer@loplof.de>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jörg Mayer <jmayer@loplof.de>