cmake_minimum_required() MUST be called even before project(), otherwise
some policies will not be correctly set. On the macOS build on Travis
for example, CMP0025 was accidentally set to "OLD" which resulted in
CMAKE_C_COMPILER_ID being reported as "Clang" instead of "AppleClang".
Change-Id: I20065e621628cde24946edb519d719f527936d87
Reviewed-on: https://code.wireshark.org/review/30685
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Using -4 or -6 to set an IP address pair to use in the dummy IP
header it is possible to generate a capture in which the next
layer protocol is undefined. Add a check that an next layer
protocol is always set.
Bug: 15275
Change-Id: Ifef54be7f708a0f168d2067f6f691e2611f25428
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/30683
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
compressed_file_extension shouldn't include the ".", as we insert the
"." before it.
Use it when appending the extension, rather than hardwiring "gz" in two
places.
Change-Id: I89e3ed1df9a8457fdbb6e6386686176816f4671b
Reviewed-on: https://code.wireshark.org/review/30682
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
If the file is to be compressed, then:
if the type in which the file is to be written has a set of extensions
it uses, leave the file name alone if it ends with one of those
extensions followed by the extension for the compression type,
otherwise append the default extension for that file type followed by
the extension for the compression type;
if it doesn't, leave the file name alone if it ends with the extension
for the compression type, otherwise append the extension for the
compression type;
otherwise:
if the type in which the file is to be written has a set of extensions
it uses, leave the file name alone if it ends with one of those
extensions, otherwise append the default extension for that file type followed by
the extension for the compression type;
if it doesn't, leave the file name alone if it ends with the extension
for the compression type, otherwise append the extension for the
compression type.
Change-Id: I7c4093af28cc30d579a2ae9faa8f4164b4764001
Reviewed-on: https://code.wireshark.org/review/30681
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The three merge_files routines (filename, tempfile, stdout) have exactly
the same code except for a single wtap_dump_open routine. Reduce code
duplication to ease further improvements to this file.
Change-Id: I4fa890730d54c11b3614e56cf4d3d3da1ae9f5fd
Reviewed-on: https://code.wireshark.org/review/30678
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I08d45c87c9232edcabfc69d25a773552fe9e0871
Fixes: v2.9.0rc0-2567-g43872a3a0e (""." in version numbers and file names isn't translated into other languages.")
Reviewed-on: https://code.wireshark.org/review/30680
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
"xxx.pcap.gz" is "xxx.pcap.gz" in any language. "3.0.1" is "3.0.1" in
any language.
Change-Id: I231a3f9bd21a3ea5d56a8e410d20b1bc3927540f
Reviewed-on: https://code.wireshark.org/review/30676
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make sure the -i <pipe> documentation is consistent and correct.
Change-Id: I9019effb658f914ac754e4ae893eafbe7c4b4da1
Reviewed-on: https://code.wireshark.org/review/30675
Reviewed-by: Gerald Combs <gerald@wireshark.org>
If we have a single capture source and that capture source is pcapng and
we're writing a pcapng file, do the following:
- Pass its SHB and IDBs through unmodified. Don't save or write command
line interface IDBs.
- Save the most recent SHB and IDBs so that we can write them when we're
writing multiple output files.
If we have multiple capture sources, do the following:
- Write Dumpcap's SHB.
- Keep a global list of IDBs, consisting of both command line interfaces
and IDBs read from pcapng sources.
- When reading an EPB or ISB, remap its local interface number to its
corresponding global number.
Add Dumpcap pcapng section tests. Make the application IDs in the
"many_interfaces" captures unique.
Change-Id: I2005934c1f83d839727421960005f106d6c682dd
Reviewed-on: https://code.wireshark.org/review/30085
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Added dissection of field PID_DOMAIN_TAG. PID_DOMAIN_ID moved to
PID_RTI_DOMAIN_ID and PID_IS_RELIABLE moved to PID_DOMAIN_ID.
Change-Id: Ie189b2d2e66b705df202e7ee3e752aea5ddee271
Reviewed-on: https://code.wireshark.org/review/30664
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
When the LISP dissector was initially written, it followed a different
pattern for adding subtrees with a text label, which needs to be
modified while dissecting: proto_tree_add_item() +
proto_item_append_text() + proto_item_add_subtree().
This commit updates the code to use the more elegant
proto_tree_add_subtree_format() call.
Change-Id: Icb6424be3c9cdecbfe9bb5aa2d39f3ad3d1499e0
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/30655
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Proper dependency tracking has been implemented such that tests that
require dumpcap are skipped when unavailable, let's enable tests again.
Use pytest for nicer traces.
Bug: 14949
Change-Id: I1751bed8bd62e1a69d6e19161f7517735ae96662
Reviewed-on: https://code.wireshark.org/review/30669
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Convert the old start_pinging routine to use pytest fixtures, rewriting
it to enable a different generator that uses (for example) UDP.
Remove the config module since it is no longer neded.
Change-Id: Ic4727157faab084b41144e8f16ea44f59c9037d8
Reviewed-on: https://code.wireshark.org/review/30659
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add a new --capture-interface option to pytest, similar to test.py. It
will grab some Ethernet interface on Windows. An empty value overrides
this and disables capture tests. Remove the test.py --enable-capture
option since that is implied by the --capture-interface option.
Port the `test.py --program-path` option to pytest and additionally make
the pytest look in the current working directory if neither WS_BIN_PATH
nor --program-path are specified. Drop config.setProgramPath, this
allows tests to be run even if not all binaries are available.
With all capture tests converted to fixtures, it is now possible to run
tests when Wireshark is not built with libpcap as tests that depend on
cmd_dumpcap (or capture_interface) will be skipped.
Bug: 14949
Change-Id: Ie802c07904936de4cd30a4c68b6a5139e6680fbd
Reviewed-on: https://code.wireshark.org/review/30656
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The test_tshark_io_direct_stdout test was failing because the command
"tshark -r test/captures/dhcp.pcap -w - > some.pcap" produced a corrupt
capture file which has the packet information appended at the end.
Change-Id: I1a79e98f1475c29d7dad3ff90d4cb689f46b0e57
Fixes: 57389a0c69 ("make tshark compile and work also when pcap is not available")
Reviewed-on: https://code.wireshark.org/review/30668
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: Iabdd87128a2af8c668c0602ea677f71984e64723
Fixes: v2.9.0rc0-2556-gb894c53d5e ("Add an API to get a description of a compression type, and use it.")
Reviewed-on: https://code.wireshark.org/review/30670
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Add wtap_compression_type_description(), which returns NULL for
WTAP_UNCOMPRESSED and a descriptive string for other compression types.
Instead of checking for WTAP_GZIP_COMPRESSED and appending "(gzip
compressed)", just pass the compression type to
wtap_compression_type_description() and, if the result is non-null,
append its result, wrapped in parentheses, with a space before the left
parenthesis.
Change-Id: I79a999c7838a883953795d5cbab009966e14b65e
Reviewed-on: https://code.wireshark.org/review/30666
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fixed incorrect field type for tariff label in publish tariff information.
It is an zigbee octet string, so the first byte indicates the length of the string.
Change-Id: Ia90e47a19a3bd1ca7642f5e7ce99377618198f15
Reviewed-on: https://code.wireshark.org/review/30663
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This:
1) means that we don't have to flag the compression argument with a
comment to indicate what it means (FALSE doesn't obviously say "not
compressed", WTAP_UNCOMPRESSED does);
2) leaves space in the interfaces in question for additional compression
types.
(No, this is not part 1 of an implementation of additional compression
types, it's just an API cleanup. Implementing additional compression
types involves significant work in libwiretap, as well as UI changes to
replace "compress the file" checkboxes with something to indicate *how*
to compress the file, or to always use some other form of compression).
Change-Id: I1d23dc720be10158e6b34f97baa247ba8a537abf
Reviewed-on: https://code.wireshark.org/review/30660
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Fix decoding of the TDS7 password field by treating it as a byte string, not an ASCII string.
Also fix another display problem demonstrated by the sample trace.
Bug: 15274
Change-Id: I906d6e9499e2e986820e9248604e98051d877bed
Reviewed-on: https://code.wireshark.org/review/30653
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use it for all the per-file information, including the per-file
link-layer type and the per-file snapshot length.
Change-Id: Id75687c7faa6418a2bfcf7f8198206a9f95db629
Reviewed-on: https://code.wireshark.org/review/30616
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Using WTAP_ENCAP_PER_PACKET if there's more than one interface forces a
format supporting multiple encapsulations even if all interfaces use the
same encapsulation; there's no reason to force that - you might as well
let the user specify pcap format, for example, if that's what they
really want.
(If there are multiple interfaces and they have different
encapsulations, the file encapsulation will be WTAP_ENCAP_PER_PACKET
*anyway*.)
Change-Id: I0e65c06e1ae3ff159ccd27f72cc63014e30a58f3
Reviewed-on: https://code.wireshark.org/review/30658
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It means "snapshot length unknown".
For most file formats, the snapshot length isn't recorded (even for
formats that support slicing - all they record is the on-the-network
length, and length after slicing, for each packet), so it's ignored in
the dumper.
The one exception is pcap, which records it in the file header; if it's
unknown, the pcap-writing code picks the maximum supported snapshot
length for the file's link-layer header type.
Change-Id: Ieda5dfe34c4bac63e43fdadeff31799ac3c908de
Reviewed-on: https://code.wireshark.org/review/30657
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Stop using subprocesstest, drop the (now redundant) DFTestCase base
class and use pytest-style fixtures to inject the dependency on tshark.
This approach makes it easier to switch to pytest in the future.
Most substitutions were automated, so no typos should be present.
Change-Id: I3516029162f87423816937410ff63507ff82e96f
Reviewed-on: https://code.wireshark.org/review/30649
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Create a special custom profile just for the nameres tests, instead of
doing this for all tests. Other tests do not need it.
Change-Id: I41de0ece9dcf1ee310957beab2bbee0a99784753
Reviewed-on: https://code.wireshark.org/review/30633
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Inline all capture file names and use fixtures instead of the global
config object. This makes dependencies more explicit.
Change-Id: I37a6eda73822735b5a6957b44bce53bb5ecd1aa0
Reviewed-on: https://code.wireshark.org/review/30631
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Check for pipe status only when we no longer have packets. This keeps us
from flushing packets that we should have written.
Change-Id: I714f52597da792a0b228b5e1a1dd3a993dc93681
Reviewed-on: https://code.wireshark.org/review/30651
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Just directly set wth->file_encap.
Change-Id: I9fb3d34d3d46d9bef6b7206e25ba72049d9b12f1
Reviewed-on: https://code.wireshark.org/review/30648
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The information given by the person who provided the change to do so for
V7 files seems to indicate that 1) V5 and V6 files have the same file
header and 2) the protoNum field shouldn't be used for this purpose.
It also provided information about the bits in the flags and status
field, so add that.
The first three of those bits appear to match the first three bits of
the flags field in Peek tagged files, so note that in the Peek tagged
reader, in case the other bits also match.
Change-Id: I492afd594676efc14b487b3030c861bf5feb2d23
Reviewed-on: https://code.wireshark.org/review/30647
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make sure cap_pipe_read_data_bytes sets pcap_src->cap_pipe_err if it
encounters an error or EOF. This fixes a regression introduced in
ga51b3d1d16. Have it return -1 or the number of bytes read similar to
read(2). Explicitly treat its return value as a signed integer.
Change-Id: I3de92859eee45e8d4a24a8c8309a816ef1b7924a
Reviewed-on: https://code.wireshark.org/review/30639
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Try to describe the motivation of pytest fixtures and update the
examples. Add a missing build dependency in CMake while at it.
Change-Id: I5384a86f2191835b834285b81343a7ee56f88e79
Reviewed-on: https://code.wireshark.org/review/30632
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Change-Id: I76f5e10fbc5ca0071d1444e31ce4c8fba639c3bc
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/30630
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Update the following versions:
CMake: 3.7.2 to 3.12.4
Qt: 5.9.5 to 5.9.7 (Current LTS)
libxml2: 2.9.4 to 2.9.7 (2.9.4 has security issues)
c-ares: 1.12.0 to 1.15.0 (1.12.0 has security issues)
libssh: 0.7.4 to 0.8.5 (0.7.4 has security issues)
Change-Id: Ia97b436981705a4d99c0b0a2f238738e18394d45
Reviewed-on: https://code.wireshark.org/review/30589
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Fix use-after-free of decompress_streams when reloading a capture file.
Cleanup the z_stream on capture file closure and simplify the hash key.
Fix build in case zlib is not available, remove unnecessary headers and
fix the indentation information (tabs instead of spaces).
Change-Id: I08268db1b9714cdddfc7f47b496f3e9da518139a
Fixes: v2.9.0rc0-2492-ga8c40412d8 ("Added support for the Couchbase BLIP protocol")
Reviewed-on: https://code.wireshark.org/review/30626
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jim Borden <jim.borden@couchbase.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
* create a draft14 (and older) frame type
* on ACK_ECN, ECN (ect0, ect1, ecn-ce) are after ACK block
Change-Id: I810e32865a00abebbc29611cae5972d51268f476
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/30491
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The MongoDB ObjectID spec traditionally included a "host hash" and "PID" field.
These have for a while been treated as random data for the server, and the
MongoDB drivers have recently addopted a specification that says the same:
https://github.com/mongodb/specifications/blob/master/source/objectid.rst#random-value
This patch reorganises the original Host Hash and PID fields under a new
"Machine ID" field, to be able to show both the current interpretation of the
field, as well as the historical one.
Change-Id: Ib25b5552935781bc512fcdadb870ed20838d8808
Reviewed-on: https://code.wireshark.org/review/30604
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>