Commit Graph

276 Commits

Author SHA1 Message Date
Jaap Keuter de12268a9f Epan: Cleanup plugins only after all possible calls are made 2024-01-10 01:04:30 +00:00
João Valverde 8486ba26c6 epan: Add plugin get_descriptions callback
Allow epan plugins to push descriptions for each individual
plugin or extension managed by the epan plugin interface.

For example a Lua or Python epan plugin can push
descriptions for each *.lua or *.py script it registers.
2023-12-12 14:43:37 +00:00
João Valverde 5bcfa5b261 epan: Remove register_all_tap_listeners plugin callback
This is currently unused by anyone so remove it until the tap
listener interface can be properly tested.
2023-12-12 14:36:31 +00:00
João Valverde fd21a7717f epan: Remove HAVE_PLUGINS #ifdef 2023-12-12 14:36:19 +00:00
John Thacker 8ebde1309d Improve interface displaying and writing with multiple sections
Update the functions that get an interface name or description
to also take the section number in the record (0 if not present.)

Store a mapping of SHB number and interface number to global
interface number, and provide a function to access it. Use the
function to display the correct interface name and description
when there are multiple SHBs.

Use this information to rewrite interface numbers when writing a
pcapng file through wtap dumper, since we don't write additional
SHBs to a file when dumping. We could, but we'd have to store
exactly when to write the extra SHB when reading the file in
sequentially (unlike the other internal blocks, IDB, NRB, and
DSBs, that we intentionally move to the start.)

Since we're changing the number of sections, perhaps we should edit
the SHB options more?

Merging handles interface numbers in its own manner, but also needs
to know about the per-SHB interface ID to global ID mapping when
doing so.

Capinfos and capture file properties still require a bit more work
for proper output.

Fix #16531, fix #18049
2023-12-07 01:00:42 +00:00
John Thacker 3d4689d819 gnutls: Set FIPS mode to lax if enabled
As of GnuTLS 3.6.2, it's possible to set FIPS mode to non-enforcing
when FIPS is enabled. That's what we want to do, for the same reasons
as gcrypt and commit d5492abc89

Related to #18441
2023-10-18 19:51:17 -04:00
John Thacker 19fd8b7e81 nghttp3: Add runtime version information, if present
The compiled version is already added.

Related to #16761, #19399
2023-10-16 09:13:00 -04:00
John Thacker f1f6c1369d Don't use frames without timestamp for delta time calculations
pcapng allows simple packet blocks (which don't have timestamps),
enhanced packet blocks (which do) and custom blocks (which might
or might not have timestamps, and even if they do have timestamps,
libwiretap might not know about them), and so some records may have
timestamps while others do not.

Do not use frames without timestamps in delta time calculations.
Don't use them as reference frames for time calculations, or for
the previously displayed frame for time calculations, where the
previously displayed frame that actually has a timestamp is used.

Have the various _get_frame_ts functions return null instead of
their ts value (that is currently handled; if records without
timestamps set their abs_ts to the special "unset" value of nstime_t
that could work too, except that isn't currently handled.)

Still allow the GUI to set frames without timestamps as "Time
References", because that does still affect the "Cumulative Bytes"
column, so it's not entirely pointless; unset the reference time
so that the timestamp from the next frame that does have a timestamp
will be used as reference time.

The "previous captured frame" will show a 0 time delta when
the previous frame doesn't have a timestamp. Perhaps a user
would also want "previous captured frame with a timestamp,"
but we'd have to store that in frame data (adding memory to
that struct.)

Fix #19397
2023-10-15 13:47:14 +00:00
John Thacker d5492abc89 gcrypt: Disable FIPS mode if possible
libgcrypt 1.10 added a new control command to force disable FIPS
mode, regardless of any file or environment variable that would turn
it on.

FIPS mode makes it impossible to _decrypt_ non-NIST approved
algorithms, both old insecure ones as well as simply unapproved
ones like ChaCha20 and Poly1305. We're decrypting, not promising
security.

Related to #18441 (but doesn't help with distributions like the
one in that bug, that have gcrypt older than 1.10.0)
2023-10-12 02:00:22 +00:00
Anders Broman 80f9a28921 Adding HTTP/3 dissection to Wireshark.
This is a copy of MR #9330 all code and credit to Omer Shapira.
2023-08-30 10:12:10 +00:00
Stig Bjørlykke 8134009b1d epan: Fix some indent TAB issues 2023-05-28 15:23:39 +00:00
João Valverde 84f963dfa2 Move ui/version_info.[ch] to wsutil 2023-02-07 23:17:37 +00:00
João Valverde 02238edf92 Do not require using wsgcrypt.h
The reason to use wsgcrypt.h was to wrap it around DIAG_OFF()
macros and that should no longer be necessary.
2023-02-06 15:52:10 +00:00
João Valverde b07ab25a1c CMake: Cleanup unnecessary linking with shared libraries 2023-02-06 15:04:46 +00:00
João Valverde 7e6266d33d MSYS2: Add Lua 5.1 support and fix test suite failures 2023-01-16 11:54:43 +00:00
Sake Blok f870c6085d epan: Allow nested dependent packets
Save all dependent frames when there are multiple levels
of reassembly.

This is a retry of !6329, combined with the fix in !6509 which
were reverted in !6545.

epan: fix a segfault, introduced in !6329
2023-01-06 23:15:48 +00:00
John Thacker c7a136a5c0 epan: Rearrange column includes
Move all the declarations of routines that are internal and
not for use by dissectors from column-utils.h column-info.h
Move the column max length defines into column-utils.h because
dissectors might need that

Since packet.h already includes column-utils.h, dissectors don't
need to include column-utils.h anymore.
Remove or downgrade a few other column header includes that are
unnecessary.
2022-08-13 19:37:28 +00:00
João Valverde caacdae870 epan: Add a post_init() plugin routine
Epan plugins init runs before proto_init() to setup for that but there
is also a need to have a routine that runs at the end of epan_init(),
which can do pretty much anything using epan, like running tests.
2022-06-02 14:11:17 +00:00
Gerald Combs 87b0288b8d epan: Add the ability to add conversation filter protocols.
Convert our conversation protocols to a dynamic list and add
add_conversation_filter_protocol(). Use it in the Falco Bridge plugin to
add protocols with conversation filters.
2022-04-19 22:25:32 +00:00
João Valverde 842f53c329 Revert "epan: Allow nested dependent packets"
This reverts commit 2d8607e7e0.

This reverts commit be915d7374.

Introduces a segmentation fault, needs more work.
2022-03-28 12:40:21 +00:00
Sake Blok be915d7374 epan: Allow nested dependent packets
Save all dependent frames when there are multiple levels
of reassembly.
2022-03-06 23:43:03 +00:00
John Thacker cbf76ea22f Export PDU: Allow native encapsulations / strip headers
Allow export PDU taps to be registered with a wiretap encapsulation
instead of always using WTAP_ENCAP_WIRESHARK_UPPER_PDU. This allows
creating normal capture files that aren't tied to wireshark without
having to do a "editcap -C -L -T", as well as creating files in
formats other than pcapng and pcap with tshark.

Provide a couple sample implementations in Ethernet (WTAP_ENCAP_ETHERNET)
and IP (v4 and v6, WTAP_ENCAP_RAW_IP) that are the most common use cases.
(I can imagine a few others; WTAP_ENCAP_MPEG_2_TS could probably be
useful, for example.) Fixes #15141
2022-02-25 20:29:16 -05:00
David Perry e2fab18853 wsutil: New API to gather compile/runtime info 2022-02-24 13:27:08 +00:00
João Valverde 12d39efdca Revert "epan: Initialize wiretap"
This reverts commit c15f2aadc1.

Crashes on exit. Needs more work.

Fixes #17821.
2022-01-01 16:23:04 +00:00
João Valverde c15f2aadc1 epan: Initialize wiretap
Clients of libwireshark should not be required to initialize
explicitly wiretap, if they don't use it themselves.
2021-11-27 08:41:01 +00:00
João Valverde b9f2e4b7fa Make PCRE2 a required dependency 2021-11-14 21:00:59 +00:00
João Valverde ed8a02af17 dfilter: Add support for PCRE2
PCRE2 is the future of PCRE. The only advantage of GRegex is that
it comes bundled with GLib, which is not an advantage at all.
PCRE2 is widely available, the GRegex abstractions layer are not a
good fit and abstract things that don't need abstracting or that we
could handle better ourselves, there are open bugs (#12997) and
maintenance is spotty at best.

GRegex comes with many of the problems of bundled code, aggravated by
the fact that it completely falls outside of our control.
2021-11-14 21:00:59 +00:00
Gerald Combs 87b84b7813 Lua is a proper name. Fix its capitalization. 2021-11-11 01:08:51 +00:00
Brian Sipos abd0f1183f COSE dissector from dtn-wireshark project 2021-09-29 08:51:13 +00:00
João Valverde 750cc38669 epan: Remove some extraneous #ifdefs
If a macro identifier is not defined it evaluates to zero in an
expression, so the outer #ifdef is unnecessary and should be
avoided (the less the better).

Add a missing CMake comment while here.
2021-09-18 23:25:31 +01:00
Toni Uhlig a823e34642 Fix build error if ENABLE_SMI=OFF
* introduced with 9b13c4352d
 * HAVE_SMI_VERSION_STRING is always defined if libsmi found

Change-Id: I50480d37a3a6f31bcfe768f030af9176213b7366
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2021-09-17 19:29:48 +00:00
João Valverde 2cb1eb955f epan: Rename SMI dependency to "libsmi" 2021-09-16 00:42:03 +01:00
João Valverde 133b0c583f Move epan/wmem/wmem_scopes.h to epan/
This header was installed incorrectly to epan/wmem_scopes.h.

Instead of creating additional installation rules for a single
header in a subfolder (kept for backward compatibility) just
rename the standard "epan/wmem/wmem.h" include to
"epan/wmem_scopes.h" and fix the documentation.

Now the header is installed *correctly* to epan/wmem_scopes.h.
2021-07-26 14:56:11 +00:00
João Valverde 7f9c1f5f92 Move wmem to wsutil
This allows wmem to be used from other libraries, namely wsutil.
It is often the case that a function exists in wsutil and cannot
be used with a wmem scope, requiring some code duplication or
extra memory allocations, or vice-versa, code in epan cannot be
moved to wsutil because it has a wmem dependency.

To this end wmem is moved to wsutil. Scope management remains part
of epan because those scope semantics are specific to dissection.
2021-07-26 14:56:11 +00:00
Guy Harris dd5907d2a3 Consistently refer to blocks that have been modified as "modified".
"User" sounds as if the blocks belong to the user; at most, the current
user might have modified them directly, but they might also have, for
example, run a Lua script that, unknown to them, modified comments.
Also, a file might have "user comments" added by a previous user, who
then wrote the file and provided it to the current user.

"Modified" seems a bit clearer than "changed".
2021-07-08 00:05:35 -07:00
David Perry 73087d6fb4 Use wtap_blocks for packet comments
Mostly functioning proof of concept for #14329. This work is intended to
allow Wireshark to support multiple packet comments per packet.

Uses and expands upon the `wtap_block` API in `wiretap/wtap_opttypes.h`.
It attaches a `wtap_block` structure to `wtap_rec` in place of its
current `opt_comment` and `packet_verdict` members to hold OPT_COMMENT
and OPT_PKT_VERDICT option values.
2021-07-07 18:40:24 +00:00
João Valverde 3a3fda2ca4 epan: Remove dependency on version_info object library
Depending on version_info is unnecessary and forces an epan
rebuild every time the git commit id changes, which can be slow,
especially with LTO enabled, and again is unnecessary.

Printing the VCS version to the TLS debug log is a minor convenience
that doesn't justify the cost to relink epan with every commit.
2021-07-04 10:37:49 +00:00
João Valverde 0e50979b3f Replace g_assert() with ws_assert() 2021-06-19 01:23:31 +00:00
João Valverde 39df3ae3c0 Replace g_log() calls with ws_log() 2021-06-16 12:50:27 +00:00
João Valverde dc7f0b88bb Refactor our logging and extend the wslog API
Experience has shown that:

  1. The current logging methods are not very reliable or practical.
A logging bitmask makes little sense as the user-facing interface (who
would want debug but not critical messages for example?); it's
computer-friendly and user-unfriendly. More importantly the console
log level preference is initialized too late in the startup process
to be used for the logging subsystem and that fact raises a number
of annoying and hard-to-fix usability issues.

  2. Coding around G_MESSAGES_DEBUG to comply with our log level mask
and not clobber the user's settings or not create unexpected log misses
is unworkable and generally follows the principle of most surprise.
The fact that G_MESSAGES_DEBUG="all" can leak to other programs using
GLib is also annoying.

  3. The non-structured GLib logging API is very opinionated and lacks
configurability beyond replacing the log handler.

  4. Windows GUI has some special code to attach to a console,
but it would be nice to abstract away the rest under a single
interface.

  5. Using this logger seems to be noticeably faster.

Deprecate the console log level preference and extend our API to
implement a log handler in wsutil/wslog.h to provide easy-to-use,
flexible and dependable logging during all execution phases.

Log levels have a hierarchy, from most verbose to least verbose
(debug to error). When a given level is set everything above that
is also enabled.

The log level can be set with an environment variable or a command
line option (parsed as soon as possible but still later than the
environment). The default log level is "message".

Dissector logging is not included because it is not clear what log
domain they should use. An explosion to thousands of domains is
not desirable and putting everything in a single domain is probably
too coarse and noisy. For now I think it makes sense to let them do
their own thing using g_log_default_handler() and continue using the
G_MESSAGES_DEBUG mechanism with specific domains for each individual
dissector.

In the future a mechanism may be added to selectively enable these
domains at runtime while trying to avoid the problems introduced
by G_MESSAGES_DEBUG.
2021-06-11 09:40:28 +00:00
João Valverde 9b13c4352d epan: Add SMI version 2021-05-25 20:10:37 +01:00
João Valverde ea424f881f epan: Add c-ares version 2021-05-25 18:54:21 +01:00
João Valverde d0717c151a epan: Add nghttp2 version 2021-05-25 18:54:14 +01:00
João Valverde 9ae2820ff3 epan: Remove some superfluous calls 2021-05-25 18:54:04 +01:00
João Valverde ab4a2aa0f2 epan: Add some minimum version checks 2021-05-25 13:15:47 +00:00
David Perry 32cc1c7906 Remove use of PACKAGE_VERSION in maxminddb version 2021-05-19 17:16:01 +00:00
David Perry a1ba9453ef Add version info for lz4, zstd, maxmind
This simply implements the patches given in a comment on bug 16270.
<https://gitlab.com/wireshark/wireshark/-/issues/16270#note_400748726>
2021-05-19 13:38:25 +00:00
João Valverde 89fee9321e Avoid exposing HAVE_PLUGINS in the public API
Instead *_register_plugin() is turned into a noop (with a warning).

The test suite is failing with ENABLE_PLUGINS=Off (it was already failing
before and this patch didn't affect that).

Closes #17202.
2021-02-06 16:35:51 +00:00
Stig Bjørlykke 3dc5f5c2d6 epan: Keep decode_as_list when changing profile
The decode_as_list is built at startup and contains all protocols
registered for "decode as". Do not clear this list on profile change,
only on exit.

Bug: 16635
Change-Id: I832a042327603ae0f01b10ab620fccc03d4fd3a3
Reviewed-on: https://code.wireshark.org/review/37579
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
2020-06-29 18:40:27 +00:00
Gerald Combs 451a241e50 Add c-ares to the required library list.
Although c-ares support was technically optional, it was either on by
default or required in all of our packaging. Go ahead and require it
globally. C-ares is widely available and synchronous name resolution can
easily result in a horrific user experience.

Change-Id: Id67c797316ed6b8a0ab5052e55a43a1b9e2a2464
Reviewed-on: https://code.wireshark.org/review/35188
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
2019-11-23 22:45:59 +00:00