This automatically detects and decompresses HTTP along a TCP stream through the use of taps.
Bug: 3528
Change-Id: I8ab832d509700d0da8eabf3c3e514d8511c598d3
Reviewed-on: https://code.wireshark.org/review/13009
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
(That should also keep people from deciding that they don't want to
include <wsutil/nstime.h>, but still want to use Wireshark nanosecond
times, and do so by sticking a private incomplete definition of "struct
nstime_t" into the code.)
Change-Id: I94e863fe7083ebba254c3a718b85088a89fb6b7d
Reviewed-on: https://code.wireshark.org/review/13022
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't just define it yourself.
(And especially don't define it yourself if you're already including
epan/ipv6-utils.h.)
Change-Id: I9970d0edecef0c820b2a7fdce34509b54e7b3106
Reviewed-on: https://code.wireshark.org/review/13020
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The TLV length includes the T and the V, so it must be at least 4; fail
if it's not.
If the IPv4 or IPv6 prefix length isn't valid, don't bother trying to
parse the rest of the addresses, just give up.
Don't bother returning offset values that aren't used.
Rename some routines to indicate that they process more than one item.
Add some comments while we're at it.
Change-Id: I6825216f0e7218e230d8d60d958b3c2453a3bb62
Reviewed-on: https://code.wireshark.org/review/13016
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ia799910f72674702c98f146525171d29f1b35432
Reviewed-on: https://code.wireshark.org/review/13006
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reported by Fredrik Lönnman
Bug:11953
Change-Id: Icaff04122e8ed94751ea8aeb4069be2fc2dda52c
Reviewed-on: https://code.wireshark.org/review/13007
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
git can be installed (or the path manually set) so that the msys
unix utilities supplied with git (expecially bash) are on the path
and then picked up by CMake. These utilities are not compatible with
the build and will fail.
This change checks the output of the --version option to the found
executable and ensures "cygwin" is found in the result. If not found
a FATAL_ERROR message is issued and the CMake generation is stopped.
Change-Id: I0eca014ae194862abbc8dee56d347526691e72cb
Reviewed-on: https://code.wireshark.org/review/13008
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Instead of an array of pointers to preference values, have an array
of preference values.
Clean up some white space while we're at it.
Change-Id: Iaa2cf6bcc2a271a5c2645ddbb2dbddba311b413d
Reviewed-on: https://code.wireshark.org/review/13002
Reviewed-by: Guy Harris <guy@alum.mit.edu>
At least with Qt5.5.1 there is no duplicate clang_64 in the qt path.
Change-Id: I2ac66f246b3c9dbe2155ee8394d31e7d560faaf9
Reviewed-on: https://code.wireshark.org/review/13000
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Cleaned up handling of the qualifier field. Sub-parts are now
identified as the prefix and range rather than index and code.
This has changed the field names;
dnp3.al.objq.index -> dnp3.al.objq.prefix
dnp3.al.objq.code -> dnp3.al.objq.range
and the associated packet tree details text strings.
Change-Id: I42d51b71233303eaf8b37982dd15b5090918630b
Reviewed-on: https://code.wireshark.org/review/12998
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Bug: 11949
Change-Id: I625d80ce01918bd050889d21236aaa4cde4af8d0
Reviewed-on: https://code.wireshark.org/review/12961
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Color filters can be seen as a function that takes a tree and display
filters as input and a (possibly empty) coloring rule as output.
This coloring rule is then added to the frame tree and used by the GUI
for coloring the packets list.
From an architectural POV, "coloring" is part of the UI component, but
since it influences the tree, it is something for the dissection
component.
Bug: 5703
Bug: 6099
Change-Id: I73d132ec1dca7262bcb1b55c8481ca564c6161d1
Reviewed-on: https://code.wireshark.org/review/12507
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Add #defines for all the value types and use them.
Make the preference static, as it's not used outside this module.
Change-Id: I3ed715701f77d5ea6cc45c8f978d6e2da7b38671
Reviewed-on: https://code.wireshark.org/review/12988
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add #defines for all the value types and use them.
Make the preference static, as it's not used outside this module.
Change-Id: Ibd04274b4160d18a55b10f47ce866ac97a76309e
Reviewed-on: https://code.wireshark.org/review/12987
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We're not allocating colors ourselves in GTK+ (and haven't been doing so
since at least 1.12), and all color_t values are valid colors, so
we don't need any toolkit-specific processing to fill in a color_t.
While we're at it, catch read errors when reading color filter files.
Change-Id: Ieb520d141cf15e371a31a01459d466c95ba2209b
Reviewed-on: https://code.wireshark.org/review/12985
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Now that we're letting GTK+/GDK allocate colors behind the scenes, if it
allocates them at all, there's no reason to save the allocated color in
the toolkit-independent color value.
Change-Id: I99df32bd6b07924f41f3d855d2ddecb3dc8d5201
Reviewed-on: https://code.wireshark.org/review/12983
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That code's been unused since at least 1.12, so apparently it's not
needed. To the extent that it needs to be allocated at all - which is
the case only if a colormap is being used - it's apparently all done
under the covers.
Change-Id: Ib25bfba618b0af4a60ce991a974de1e3f2f89158
Reviewed-on: https://code.wireshark.org/review/12981
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WiX prefers rich text license files. Add an RTF version of the GPLv2. It
was created by converting the "standalone HTML" version of the license at
http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html
to RTF using Pandoc 1.11.
Start splitting CPackConfig.txt into Win32 and non-Win32 sections. Add
a WiX section.
Change-Id: Ifcb233053c8a2158f087b69c69de7df869af65aa
Reviewed-on: https://code.wireshark.org/review/12980
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
uat_fld_tostr_cb_t callback *out_ptr argument is g_mallocated and
is to be freed by the caller so drop constness requirement to fix
the corresponding g_free warnings.
Change-Id: I1be25fa3e2f54fb32058ac0b5c1631b193b07701
Reviewed-on: https://code.wireshark.org/review/12943
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Save a non-const pointer and use it when freeing.
Fix some indentation while we're at it.
Change-Id: Iad2451130c4d1f252ad9f63b12205cd1aae70eb7
Reviewed-on: https://code.wireshark.org/review/12978
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This also fixes a case where, if nfs_fh->len wasn't a multiple of 4, the
allocated buffer was too short, by the difference between the next lower
multiple of 4 and nfs_fh->len, so the memcpy() went past the end of the
buffer. (And, yes, an NFSv3 file handle can have a byte count that's
not a multiple of 4 - it's a variable-length opaque type - even if the
marshalled data is padded with 0s to a multiple of 4 bytes, as with
other XDR types.)
Change-Id: I689d4b365e8a1547428a1580884f66177dc5841b
Reviewed-on: https://code.wireshark.org/review/12964
Reviewed-by: Guy Harris <guy@alum.mit.edu>
display the individual bytes
the next step is to dissect the meaning of their bits
Change-Id: Id93bcdb3913886365dbd0fb3fdedc7ed0c63be93
Reviewed-on: https://code.wireshark.org/review/12957
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Looks like we need to fix a dependency.
This reverts commit 61cde08a95.
Change-Id: I490b826f20fbefbf169b63816916bfe784609610
Reviewed-on: https://code.wireshark.org/review/12956
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Michael Mann