The Ubuntu pipeline test is failing because it is expecting
something that my MR has changed.
This is a modification of the test file that accomodates
the new output.
This has been corrected using wmem_map() fucnctions.
The full method is in the comments.
HTTP: removed unused function declaration
HTTP: Ranges are used to match reqs/resps
This does NOT fix incorrect URI matching in asynchronously ordered
GETS with a status of 206.
HTTP: Request-response matching corrected
/*
* Unlike protocols such as NFS and SMB, the HTTP protocol (RFC 9110) does not
* provide an identifier with which to match requests and responses. Instead,
* matching is solely based upon the order in which responses are received.
* HTTP I/O is asynchronously ordered such that, for example, the first of four
* GET responses is matched with the first outstanding request, the next
* response with the second oldest outstanding request and so on (FIFO).
* The previous method instead matched responses with the last of several
* async requests rather than the first (LIFO), and did not handle requests
* with no responses such as the case where one or more HTTP packets were
* not captured. Whenever there were multiple outstanding requests, the SRT
* (RTT) stats were incorrect, in some cases massively so.
*
* While RFC 9110 expressly prohibits matching via byte ranges because, among
* other things, the server may return fewer bytes than requested, the first
* number of the range does not change. Unlike HTTP implementations, Wireshark
* has the problem of requests/responses missing from the capture file.
* In such cases resumption of correct matching was virtually impossible and
* all matching was incorrect from that point on.
*
* The method of matching used herein is able to recover from packet loss,
* any nummber of missing frames, and duplicate range requests. The
* method used is explaned within the comments.
HTTP: Fixed no resp_in
When a GET request has a range and the response does not,
"Response in" was not being displayed in the request.although
that frame number was available.
HTTP: Fixed error in last commit
HTTP: corrected request/response
Matching was not compliant with RFC9110 when requests were sent
asynchronously ordered fashion. A new matching method has been
added to handle cases where packets are missing from the capture.
HTTP: correct req/resp matching without comments
This is the same code with the commented out code removed.
HTTP: Fix request/reply matching
When asynchrously (yet ordered) requests and replies were matched
according to LIFO rather than FIFO. Next and previous request
and response has been eliminated because there is no use case for
them and they bloat the Packet Detail.
HTTP: Fix request/reply matching
Fixed clang errors
When asynchrously (yet ordered) requests and replies were matched
according to LIFO rather than FIFO. Next and previous request
and response has been eliminated because there is no use case for
them and they bloat the Packet Detail.
Matching was not compliant with RFC9110 when requests were sent
asynchronously ordered fashion. A new matching method has been
added to handle cases where packets are missing from the capture.
Matching of requests and responses were being done using LIFO rather than
FIFO.
The method of matching used in this change is able to recover from packet
loss, any nummber of missing frames, and duplicate range requests. The
method is explained within the comments.
/*
* Unlike protocols such as NFS and SMB, the HTTP protocol (RFC 9110) does not
* provide an identifier with which to match requests and responses. Instead,
* matching is solely based upon the order in which responses are received.
* HTTP I/O is asynchronously ordered such that, for example, the first of four
* GET responses is matched with the first outstanding request, the next
* response with the second oldest outstanding request and so on (FIFO).
* The previous method instead matched responses with the last of several
* async requests rather than the first (LIFO), and did not handle requests
* with no responses such as the case where one or more HTTP packets were
* not captured. Whenever there were multiple outstanding requests, the SRT
* (RTT) stats were incorrect, in some cases massively so.
*
* While RFC 9110 expressly prohibits matching via byte ranges because, among
* other things, the server may return fewer bytes than requested, the first
* number of the range does not change. Unlike HTTP implementations, Wireshark
* has the problem of requests/responses missing from the capture file.
* In such cases resumption of correct matching was virtually impossible and
* all matching was incorrect from that point on.
*
* The method of matching used herein is able to recover from packet loss,
* any nummber of missing frames, and duplicate range requests. The
* method used is explaned within the comments.
Initialize len if it's going to be used in the return.
In certain cases we don't enter the loop and call
dissectr_http_message at all.
Fixup 76879a480aFix#19739
Fully dissect the VMOTION-PEER message, even in a one-pass dissection or when
the VMOTION-PEER-OK message was not captured. This requires that we correlate
this Telnet conversation with the earlier one carrying the VMOTION-GOAHEAD
message, and extracting the length of the sequence number from there.
The new CE_BLOB is similar to CE_STRING, but can include zeros within its
value, is not NUL-terminated, and -- because it likely isn't printable text --
is displayed as hexadecimal.
For a VMOTION-GOAHEAD message, it is likely that we can use an earlier message
in the same conversation to determine the length of the "sequence" field,
allowing us to fully dissect that message. In a two-pass analysis, even the
length from the VMOTION-PEER-OK message allows for dissection of the preceding
VMOTION-PEER message.
For decoding the VMOTION-PEER message in one pass, it's going to require a bit
more work -- i.e. tracking the "vMotion conversation" across the two Telnet
conversations.
Changes were made to the generated packet-fix.h without making corresponding
changes to the underlying source material and scripts.
e0300eae: Changed "SYTLE" -> "STYLE", "CORRESPONDANT" -> "CORRESPONDENT"
5cd53414: Change the list terminator to "{ 0, NULL }"
Note that we have already made some modifications to the source .xml files
(in, for example, 23eac7dc and 78c05162), so I don't feel any qualms about
modifying them further here.
With these changes, the generated packet-fix.h is once again byte-for-byte
identical to the one in the repository.
Switch from an int to an int64_t for the index size (where -1
is failure) for get_io_graph_index.
This allows more room to switch to a small minimum interval
(#13682) without overflow causing unexpected results (i.e.
packet much later in time mapping back to an earlier index.)
GeometryStateDialog is used when we want to remember user-set
geometry for a window. If we want the user to be able to control
the geometry, we probably want to allow minimization and maximization.
Pass Qt::Window as the default WindowFlag to GeometryStateDialog
(which is what WiresharkDialogs already do). This on most platforms
defaults to adding minimize and maximize buttons. (On some platforms,
like recent GNOME, we're at the mercy of various settings like
gsettings get org.gnome.desktop.wm.preferences button-layout
but the user can access minimize and maximize actions via right-clicking
the window title bar. Unfortunately it won't stop user confusion.)
Fix#18980. Part of #12566.
We can read IDBs (and other non packet blocks) in the
middle of the file, so init the dump parameters after
reading all the frames. This will move the IDBs (and NRBs
and DSBs) to the start of the new output file (which might
have to happen if they're out of order.)
Note: Files with multiple Section Header Blocks probably still
aren't handled correctly, because the IDB number might need to be
rewritten (though we have some of that information after
commit 8ebde1309d)
Fix#19740
Switch from gshort to more appropriate types in the IPDC and TDS
dissectors. Remove a check for G_HAVE_GLONG_DOUBLE, which appears to
have never existed.
We don't want automatically convert glongs any more, so remove the glong
conversion in convert-glib-types.py.
Ping #19116
I don't know why it's a gshort, i.e. a short, given that it returns
either -1, 0, or 1, indicating to Goldilocks that the version is too
small, just right, or too big, respectively. Make it an int, as is used
for C library routines that perform comparisons.
It's not as if the return type matters anyway, given that we never check
it; add an XXX comment about this before all calls, asking whether the
dissection should continue if the call fails.
Add the ability to automatically switch profiles based on display
filters. Add an "Auto Switch Filter" column to the Configuration
Profiles dialog which lets the user associate a display filter with a
profile. Add a "gui.profile_switch_check_count" which determines the
number of packets or events to check.
When loading a capture file, switch to the first profile with a matching
filter.
Add a short description to the User's Guide. Hold off on updating
ws-gui-config-profiles.png until we're sure the UI is stable.
Ping #10352, #14226
Use octal escapes padded to three digits instead of hex escapes.
An octal escape is limited to three digits by definition, whereas
hex escape sequence are not limited, which causes problems if
a hex escape is followed by a (non escaped) possible hex character.
Escape double quotes and backslash. Use the simple escapes of
non printable characters too (optional, but looks nicer.)
This possibly could go in wsutil as another ws_escape method, but
the fix needs to be backported to 4.2 so let's not introduce a
new public function yet.
Fix#19735
Add a class for a QCustomPlot SI prefix axis ticker, using
format_units, and supporting both linear and log scales.
Use this for all the known IO Graph unit types (except don't
try to interpret BASE_UNIT_STRING yet.)
Use this to replace automatically scaling the data, avoiding
a lot of expensive floating point calculations for busy graphs.
This should make it easier to support smaller intervals
eventually (see #13682).
Fix#12827. Fix#14661.