We use debian-setup.sh and rpm-setup.sh to build the containers in
https://gitlab.com/wireshark/wireshark-containers/. Make sure they fail
with a nonzero exit status, otherwise we might end up with an invalid
container image.
Make sure OPTIONS is defined in all of the setup scripts that use it.
Add location tracking as a column offset and length from offset
to the scanner. Our input is a single line only so we don't need
to track line offset.
Record that information in the syntax tree. Return the error location
in dfilter_compile(). Use it in dftest to mark the location of the
error in the filter string. Later it would be nice to use the location
in the GUI as well.
$ dftest "ip.proto == aaaaaa and tcp.port == 123"
Filter: ip.proto == aaaaaa and tcp.port == 123
dftest: "aaaaaa" cannot be found among the possible values for ip.proto.
ip.proto == aaaaaa and tcp.port == 123
^~~~~~
Revert to passing a syntax node from the lexical scanner to the grammar
parser. Using a union is not having a discernible advantage and requires
duplicating a lot of properties of syntax nodes.
This removes the limitation of having only two terms in an
arithmetic expression and allows setting the precedence using
curly braces (like any basic calculator).
Our grammar currently does not allow grouping arithmetic expressions
using parenthesis, because boolean expressions and arithmetic
expressions are different and parenthesis are used with the former.
Editcap accepts '-' for stdin or stdout, document that. Also change
an incorrect statement that claims that the '-v' flag writes to
standard output; it writes to standard error.
If we're running in the Logwolf configuration namespace, look for
extcaps in a directory named "extlog". This paves the way for adding
log-specific capture utilities.
InfiniBand and RDMA over Converged Ethernet (RoCE) are handled by the
infiniband dissector. Register DRBD as a dissector for infiniband
payloads.
Not yet implemented:
* Dissection of data payloads. For P_DATA and similar packets, the data
payload is transmitted over multiple packets. Only the first packet
containing the DRBD header is dissected.
* Dissection of the InfiniBand Immediate Data. DRBD uses this for
sequence numbers and for indicating which stream the packet belongs
to.
* Any attempt to associate packets into conversations. This could be
achieved when the connection packets have been captured, but would be
very difficult otherwise.
* An association with infiniband.cm.req.serviceid.dport. When using
RoCE, this is the port that the user specifies for the connection, so
it would be useful to associate it with the DRBD conversation and show
it. Otherwise it is tricky to identify DRBD connections.
RFC 8781 shows in section 4 that the prefix field of the PREF64 option
header is always 96 bits (or 12 bytes), regardless of the prefix length
code that only specifies which parts of the prefix are significant. The
option itself thus always has a fixed length. Even if they are not used
in the significant part of the prefix itself, the unused bits are still
part of the prefix field of the PREF64 option and the offset must be
adapted accordingly.
The previous implementation would fail to correctly parse any PREF64
option with a PLC other than 0 (i.e. the full 96 bits) due to the unused
remaining bits in the option not being consumed.
Closes#18033.
Instead of saying a leading colon will make any token a literal
value, say it is part of the syntax of bytes arrays. This is
useful to write bytes without a separator, and other potentially
ambiguous formats.
The restriction in meaning to bytes and simple numeric values
should make the rules for handling a leading colon (specifically
ommiting it or not) saner without much loss of functionality.
When retrying fvalue_from_literal() we were leaking the error
message string.
Refactor the code to avoid the retry. This assumes the only
valid use of a leading ':' with a literal is for an IPv6 address.
Bytes with leading ':' are supported but the colon is skipped,
so the parser doesn't see it.
Fixes df0fc8b517.
Rework the out of order dissection to store the out of order
segments and add them to reassemblies only after the gaps are filled.
This allows reassembly of contiguous segments to be dissected when
they can, instead of having to wait for all segment gaps to be
filled. In cases where a segment has an erroneous later sequence number,
this prevents reassembly from being completely halted.
It is now guaranteed that when the subdissector is called that the
segment from the current frame is either the first segment of the
MSP or has bytes that were requested from the last call of the
subdissector. This makes it easier to split MSPs in a later commit.
MSPs now always have the first segment with the sequence number,
so MSP_FLAGS_MISSING_FIRST_SEGMENT and first_frame_with_seq are
obsolete and can be removed later.
This fixes a long standing TODO in the out of order test in
suite_dissection.py
Dissection is more consistent between the first pass and later
passes, though there is more to be done.
