Allow the user to select multiple packets, and
* add the same comment to all selected packets
* remove all comments from selected packets
A new comment is added to each packet, now that we support multiple
comments per packet.
This is one potential way to address #8713.
Mostly functioning proof of concept for #14329. This work is intended to
allow Wireshark to support multiple packet comments per packet.
Uses and expands upon the `wtap_block` API in `wiretap/wtap_opttypes.h`.
It attaches a `wtap_block` structure to `wtap_rec` in place of its
current `opt_comment` and `packet_verdict` members to hold OPT_COMMENT
and OPT_PKT_VERDICT option values.
Singletons moved from main_window to each class's static open<NameOfClass>
method:
- RtpPlayerDialog
- RtpStreamDialog
- VoipCallsDialog
- RtpAnalysisDialog
Fixed issue with selecting RTP stream in sequence dialog. When user
selected a stream and moved mouse to Rtp Player button and pressed it,
incorrect RTP stream was sent to it.
When user press S(elect)/D(eselect) key, all RTP streams related to
selected call/calls are selected/deselected in RTP Streams window. If
window is not shown, it is opened.
Documentation updated.
Changes:
- RTP Player added to Telephony/RTP menu.
- When openning RTP Analysis or RTP Player from RTP menu, just selected
stream is added. When Ctrl is hold during opening, reverse stream is
searched and added too.
- RTP Player: Added tool to select/deselect all inaudible streams
- RTP Player: Added Prepare Filter button
- RTP Player: Added Analyze button
- RTP Analysis: Added Prepare Filter button
- documentation updated
Code changes:
- RTP Player::rescanPacket() is not fired multiple times during rate change and during dialog creation
- Error shown in RTP player is cleared after every new decode of streams
- RTP Player handles case when Qt do not emit stop stream event
- "Select" menu code unified between dialogs>
- RTP Player: Audio routing menu unified
- buttons are connected to actions by signals()
- Analyze dialog is called by list of rtpstream_id, not rtpstream_info
Changes:
- refactored main_dialog handling of telephony dialogs
- RTP Player dialog is nonmodal now and can be left open
- it is possible to issue three actions on RTP Player dialog from other
dialogs (other dialog have selected set of RTP streams before action)
- replace - removes existing streams from RTP dialog and shows new set
- add - adds new set to existing list in RTP dialog
- remove - remove streams in set from list in RTP dialog
- Sequence Dialog:
- was modified to hold rtpstream_info_t for RTP streams
- added Play button
- VoIP features (RTP Play button, select/deselect RTP stream) are
disabled after creation and must be enabled. It handles that RTP
Play button is not shown e.g. in TCP sequence show
The distinction between the different kinds of capture utility
may not warrant a special subfolfer for each, and sometimes the
distinction is not be clear or some functions could stradle
multiple "categories" (like capture_ifinfo.[ch]).
Simplify by having only a generic 'capture' subfolder. The
separate CMake libraries are kept as a way to reuse object code
efficiently.
Changes:
- epan/follow.c: follow_conv_filter_func has new parameter
epan_dissect_t *edt, so filter can be generated based on decoded tree
of packet below the cursor
- menu Follow/SIP Call is enabled when sip packet is selected
- value of sip.Call-ID is used as filter for SIP call
- for sharkd it generates filter just 'sip.Call-ID' with no value
Remove the editor modeline blocks from most of the source files in ui/qt
by running
perl -i -p0e 's{ \n+ /[ *\n]+ editor \s+ modelines .* shiftwidth= .* \*/ \s+ } {\n}gsix' $( ag -g '\.(cpp|h)' )
then cleaning up the remaining files by hand.
This *shouldn't* affect anyone since
- All of the source files in ui/qt use 4 space indentation, which
matches the default in our top-level .editorconfig
- The one notable editor that's likely to be used on these files and
*doesn't* support EditorConfig (Qt Creator) defaults to 4 space
indentation.
This pull request includes:
* The "Follow DCCP stream" feature.
* Updated docbook documentation for the "Follow DCCP stream" feature.
* Test for the feature.
* Corresponding packet trace for the test.
The fix solves issue #16952. It reverts commit 88813716 which introduced memory leak which causes the issue. The original issue with duplicating entries is solved too.
Because commit was cherry picked to 3.4.0 (might be in more branches), this patch should be cherry picked too.
Add a new top-level view that shows each packet as a series of diagrams
similar to what you'd find in a networking textook or an RFC.
Add proto_item_set_bits_offset_len so that we can display some diagram
fields correctly.
Bugs / to do:
- Make this a separate dialog instead of a main window view?
- Handle bitfields / flags
Change-Id: Iba4897a5bf1dcd73929dde6210d5483cf07f54df
Reviewed-on: https://code.wireshark.org/review/37497
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use the QT text codec support to add charset conversions for all character
encodings supported by QT to Show Packet Bytes and Follow Stream (Save As
will convert to UTF-8.) Note that this is dynamic and the exact list will
depend on the version of QT and if libicu support is enabled. This does
make the list of codecs pretty long, so hopefully it shows up well on all
the different QT styles.
This does not yet support when multibyte characters span more than one packet
in Follow Stream, though the current code doesn't do that for UTF-8 or UTF-16
already. This is probably most useful for HTTP captures.
Bug: 16137
Change-Id: I6d5cd761a5d9d914b7a787fe8eb02b07b19642e6
Ping-Bug: 16630
Reviewed-on: https://code.wireshark.org/review/37707
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Variable is only needed locally, so it can be moved to the local
entity.
Change-Id: I790c1616e27d5e85b3dabbdc327e3f54fc663d25
Reviewed-on: https://code.wireshark.org/review/36863
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
PreferencesDialog::setPane takes a preference module name. Fix a
comparison in PrefModuleTreeView::setPane and update some variable names
in order to make things a bit more obvious.
Modernize some related code while we're here.
Bug: 16250
Change-Id: I8f4c7e5261a219e3f32e6e9a71574d81b1852219
Reviewed-on: https://code.wireshark.org/review/35304
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Rename Capture Interfaces to Capture Options to match its main menu
item. "Options" also more closely matches what the dialog actually does.
Fixup a help item URL while we're here.
Change-Id: Iec8bdfc9f7ae6fc4fd9e97bb366b63cff139f3a6
Reviewed-on: https://code.wireshark.org/review/35294
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
As all frameSelect signals now transport a QList<int> of selected
frames, use this instead
Change-Id: I1888e45a4df997920aebde9706ca0ae803bdba03
Reviewed-on: https://code.wireshark.org/review/35176
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Improve the speed for selection checks in PacketList and MainWindow
Change-Id: Ic3a413624463a798b5d13102965f75c7b1347b5f
Reviewed-on: https://code.wireshark.org/review/35160
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
This implements multi-selection for the PacketList. It
allows multiple lines to be selected, and either drag/drop
them to a text editor or use Ctrl/Cmd+C to copy the content
to a clipboard.
Opening the context menu disables the selection, and it
does not change the underlying currently selection. This is
done on purpose, as multi-selection is a copy-task only
functionality at this point
Export & Print work as expected, exporting just the selected
items. Same goes for the copy menu, which has the additional
entries for copying the list elements
Bug: 14612
Change-Id: I77960aa1ab1d172a21abfa469baac0cd57f9f9d9
Reviewed-on: https://code.wireshark.org/review/35073
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Add support for automatic updates using the Sparkle framework. Add
FindSparkle.cmake and associated CMake plumbing. Add a public key and
other info to Info.plist.in. Add ui/macosx/sparkle_bridge.{h,m}, which
wraps the Sparkle API. Make code that's specific to WinSparkle
Windows-only.
Add Sparkle installation steps to the macos-setup scripts. Sparkle
prints a warning if your bundle is unsigned (which is the case during
development) so disable installing it by default.
Updating here takes a long time. We might be able to fix that by
shipping our DSYMs separately.
Change-Id: I6cc6671db5657dadc514bda6bf6e1c8bbc9468a5
Reviewed-on: https://code.wireshark.org/review/35090
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Currently push pop is propagated by a massive load of signals
which partly are also propagated through parent objects.
This moves the status handling to WiresharkApplication, also
pathlining future moves to move status to different classes or
use additional methods of status information
Change-Id: Ibcb2c98688f1adf40dce1483f336596ef992bb06
Reviewed-on: https://code.wireshark.org/review/35071
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
When using the "Create a new file automatically" feature the capture in
Wireshark will stop and start, but the extcap utility will continue run
as normal. Ensure the control channels are kept when doing this.
Rename the unused capture_session.session_started to session_will_restart
to detect this.
Bug: 16178
Change-Id: I6797c982760a1013fca2a24699befff1dc82f28c
Reviewed-on: https://code.wireshark.org/review/35013
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The QUIC transport protocol provides a stream, similar to HTTP/2. Make
it possible to look at the stream contents. This can be helpful while
HTTP/3 support is not yet complete.
Known issues that will be addressed in the future:
- If a single packet contains multiple streams, then Follow QUIC Stream
will wrongly include data from streams other than the selected one.
This is tracked by bug 16093 and affects HTTP/2 as well.
- The Substream index menu does not properly filter for available
stream numbers. If a non-existing stream is selected, then changing
to another (potentially valid) index results in the "Capture file
invalid." error. As workaround, clear the display filter first.
- Follow Stream always selects Stream ID 0 instead of the first or
currently selected stream field in a packet. Users should manually
update the stream index as needed.
Change-Id: I5866be380d58c96f0a71a29abdbd1be20ae3534a
Ping-Bug: 13881
Reviewed-on: https://code.wireshark.org/review/34694
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Show the dialogs asynchronously so no new event loops are created. This
not only simplifies stack traces (reduces the nesting level) but also
prevents hard to debug problems (eg. Bug 15743) from happening.
Change-Id: I85821a1403839a5baca504b40efce0ede2f1e0cb
Reviewed-on: https://code.wireshark.org/review/34646
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The HTTP/2 protocol multiplexes a single TCP connection into multiple
independent streams. The Follow TCP output can interleave multiple
HTTP/2 streams, making it harder to analyze a single HTTP/2 stream.
Add the ability to select HTTP/2 Streams within a TCP stream.
Internally, the HTTP/2 dissector now stores the known Stream IDs in a
set for every TCP session which allows an amortized O(n) lookup time for
the previous/next/max Stream ID.
[Peter: make the dissector responsible for clamping the HTTP/2 Stream ID
instead of the Qt code, that should permit future optimizations.]
Change-Id: I5d78f29904ae8f227ae36e1a883155c0ed719200
Reviewed-on: https://code.wireshark.org/review/32221
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Also clarify the method by which the filter can be selected. From the
main menu only selected filters from a ProtoTree can be selected,
therefore the code for PacketList handling has been removed.
Change-Id: I5e5827d763ab3b25db14a384581f283238f96d28
Reviewed-on: https://code.wireshark.org/review/34384
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
The context menu should only use information readily available
at the point of creation. Copying actions from the mainwindow
introduces a bunch of synchronization and consistency issues.
This is a first step to move away from a centralized approach
of managing actions, towards a distributed approach. As a side
effect, this also solves the old issue of having the apply
items greyed out in context menu
Bug: 16001
Bug: 15323
Change-Id: I10c6df11cbab0a89386f5bf1d27759103df2a012
Reviewed-on: https://code.wireshark.org/review/34370
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The default position for a column when "Apply as Column" is before
the Info column if this is last, else add last.
This bug was introduced in g5ae259c4.
Change-Id: I68adaec5092e0ed1c65e771f171c42000fdc83fc
Reviewed-on: https://code.wireshark.org/review/33759
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
This new tap collects credentials (username and paassword)
from the dissectors.
So far, few dissectors have been instrumented:
- http (basic auth)
- http (header auth)
- ftp
Others can be instrumented as well using the same technique.
Tshark has a new option (-z credentials) and Wireshark a new
"tools" menu: the documentation has been updated accordingly.
Change-Id: I2d0d96598c85bb3ea4fb5ec090dd8dc28b481fc9
Reviewed-on: https://code.wireshark.org/review/33453
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Add support for ".template" icons, which are masked against the current
WindowText color. Convert the edit-find icons to templates.
Reload our icon(s) when we receive a QEvent::PaletteChange in MainWindow
and in StockIconToolButton.
Clean our SVGs.
To do:
- Convert other black or mostly black icons to templates.
- Handle QEvent::PaletteChange in more places.
Ping-Bug: 15511
Change-Id: I1ce78d92e769861dc38d86a3def5116fb869e2bf
Reviewed-on: https://code.wireshark.org/review/33571
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Allows for dropping fields on the columns to add them as well as indicate
width while dragging the columns
Change-Id: Ic98ae431886e5eb2ebd9ba50390742995bf22d5a
Reviewed-on: https://code.wireshark.org/review/33573
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
tcp.stream and udp.stream are already unsigned identifiers. An upcoming
http2.hashed_stream identifier can exercise the full unsigned 32-bit
number space, so be sure not to treat the stream identifier as signed
integer.
Change-Id: Ic5d398b2bda7eba7555e385ef3fcd44b490f78c9
Reviewed-on: https://code.wireshark.org/review/32287
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Alexander Gryanko <xpahos@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Don't set the display filter combo's minimum size. This lets us show
more filter expression buttons.
Clear the filter expression toolbar before redrawing it. This gets rid
of a leftover artifact here on macOS.
Change-Id: Iab944e8992caf554e024521df52d0089a4501674
Reviewed-on: https://code.wireshark.org/review/30902
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This:
1) means that we don't have to flag the compression argument with a
comment to indicate what it means (FALSE doesn't obviously say "not
compressed", WTAP_UNCOMPRESSED does);
2) leaves space in the interfaces in question for additional compression
types.
(No, this is not part 1 of an implementation of additional compression
types, it's just an API cleanup. Implementing additional compression
types involves significant work in libwiretap, as well as UI changes to
replace "compress the file" checkboxes with something to indicate *how*
to compress the file, or to always use some other form of compression).
Change-Id: I1d23dc720be10158e6b34f97baa247ba8a537abf
Reviewed-on: https://code.wireshark.org/review/30660
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
To mimic the behaviour we have with remote controls, we
hide the wireless toolbar if it cannot be used, instead
of displaying an empty toolbar with the information that
it is not supported
Change-Id: Iccb0bf78a29a2547adf2290198df8a1bf3450d82
Reviewed-on: https://code.wireshark.org/review/30455
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Rename the "ssl" protocol to "tls" and add an "ssl" alias. Prefer "TLS"
over "SSL" in user interface text and in the documentation.
Fix the test_tls_master_secret test while we're here.
Bug: 14922
Change-Id: Iab6ba2c7c4c0f8f6dd0f6d5d90fac5e9486612f8
Reviewed-on: https://code.wireshark.org/review/29649
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Remove MainWindow::createByteViewDialog, which was called once and
contained one line.
Change-Id: Ibe03db2c527b0a817d8b99df87d161405805bac3
Reviewed-on: https://code.wireshark.org/review/28733
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Remove all filter toolbar related stuff into a separate class
and away from MainWindow
Change-Id: I36d937be6c2686b16a8d494213dc740d8d28efcb
Reviewed-on: https://code.wireshark.org/review/28432
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
- Trivial by just doing it the C++ way
- Non-Trivial where the whole function can be put into the #ifdef instead of the variable use case
Change-Id: I034751b8a3c70211173f0c06c954def94450db46
Reviewed-on: https://code.wireshark.org/review/28311
Petri-Dish: Jörg Mayer <jmayer@loplof.de>
Tested-by: Petri Dish Buildbot
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Chuck Craft