Build WiresharkPortable32 or WiresharkPortable64 as appropriate for our
target platform. Add WiresharkPortable64 steps to the Win64 builder.
Update the Developer's Guide. Fixes#17260.
It's not that Wireshark only supports one copy of some block options,
it's that *the pcapng specification* only supports one instance of some
block options, and it's not that wtap_block_set_*_value() fails on
non-string values, it's that the set_XXX_option_value routines currently
only support changing the value of an existing option, not adding a new
instance of an option - the latter requires the add_XXX_option_value
routine.
ws_warning() logs the source file name, source line number, and calling
function name for the ws_warning() call; for errors reported by
REPORT_DISSECTOR_BUG() and macros that call it, the message isn't
reported directly by the macro - the macro formats the error message
into a string, saves the string, and throws a DissectorError exception,
to terminate the dissection, and the exception handler uses the
formatted string in its messages.
Thus, the location in the exception handler isn't interesting; it's not
where the error occurred, it's just where the message is logged, which i
the same for all such errors.
Don't use ws_warning(); instead, directly call ws_log() with
WS_LOG_DOMAIN and LOG_LEVEL_WARNING, which doesn't log the location of
the ws_log() call.
Currently we are not filtering the unset (NULL) domain, on
the assumption that every log call should belong to a defined
domain.
However there are still many places in the codebase where this isn't
true and the fact that the null/default domain name is omitted from
the output and never filtered is probably surprising and user-unfriendly.
Users might understandably assume the filtering is buggy.
Give an indication, such as (none)-MESSAGE, to make this more
obvious.
LINKTYPE_ERF pcap files are really ERF files inside a thin pcap wrapper
(don't even ask what a pcapng file with some or all interfaces being
LINKTYPE_ERF is...), so the time stamp comes from the ERF record, not
from the pcap packet header or pcapng block header.
The time stamp reslution for the record should reflect that, so set it
to WTAP_TSPREC_NSEC (ERF time stamps are fractional-power-of-2, not
fractional-power-of-10, so that's the best we can do).
Have them take error code and error information string arguments and,
for various failures, fill them in as "internal error" indications.
Check their return codes to see if they got an error.
The --log-debug and --log-noisy now accepts a '!' to invert the
match and disable the debug (noisy respectively) log level for
the listed domains.
Note this is different from --log-domains, that option
enables/disables the entire log domain itself, regardless of log
level.
Don't assume the default is correct, because there's no guarantee of
that - in fact, there's currently a guarantee that it's not, as it's
initialized to 0, which is WTAP_TSPREC_SECS.
The AUTHORS section of wireshark(1) is about half the content of the man
page. While it's important to acknowledge the people who have
contributed to the project, the goal of the man page is to tell people
how to use Wireshark.
Replace the list of authors with text that acknowledges their
contributions along with pointers to the AUTHORS file and the list on
the main web site.
The name of the block, in the pcapng specification is the systemd
Journal Export Block; add "export" after "journal" in various
variable/enum/define names.
Problem Statement:
=================
OSPFv3 authentication trailer header is not get decoded for
Database description(DD) packets.
RCA:
====
OSPFv3 supports decoding of authentication trailer header only
for Hello packets as of now. Even DD packets have options and
it can be decoded based on AT bit.
Fix:
====
In the function to check if Auth trailer is supported,
Have added a check for DD packet also.
Risk:
=====
Low - Platform independent code.
Tests Executed:
===============
Download the code from CI and test DD packet decoding.
Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>
ws_log_domains.h needs to be included before wslog.h to be used
to define WS_LOG_DOMAIN. Also the definition for enum ws_log_level
needs to be exported for other APIs so move that to ws_log_domains.h
and rename the file to ws_log_defs.h to reflect the new scope.
This is intended to replace logging in dissectors that has a
debug level with #ifdef DEBUG_foo and an extra level guarded
by a #ifdef DEBUG_EXTRA_foo.
But generally it can be used as another level of granularity
for debugging output, to avoid flooding the log with too
much information with typical usage.
Rename the filter functions without the unnecessary 'str'
suffix.
Option --log-debug or WIRESHARK_LOG_DEBUG is a list
of domains that are set to a "debug" log level. This
takes precedence over the normal log level and domain
filter options.
Enviroment variable WIRESHARK_LOG_FATAL and command line
option --log-fatal set the fatal log level. Messages with
fatal or highr priority cause the program to abort. By
default the fatal level is "error", but it can be set to
"critical" or "warning" with this option.
Domain filter expressions starting with '!' invert the match.
Only domains that do not match become active. Note that '!'
must be the first character in the filter and applies to the
whole expression.
Now that it's being done in common code, we don't need to do it in the
routines to read sysdig event blocks, systemd journal export blocks, or
unknown blocks.
Add in a comment to match other comments while we're at it.
The IEEE Std 802.11ax-2021 amendment relaxes the requirements for
elements included in the Nontransmitted BSSID Profile subelement:
"Any element specific to the BSS or with content that is different
from the transmitted BSSID" can be included as a sublement.
However, it also enumerates elements that should not be included in the
Nontransmitted BSSID Profile subelement, including some extended element
IDs.
Thus, I've changed the add_tagged_field function to be more comprehensive, so that:
a) it can use the list of elements IDs to check for valid OR invalid element IDs
b) it defines necessary arguments for also checking valid OR invalid extended element IDs
The original function declaration is kept as it is, and the implementation calls the
new function, add_tagged_field_with_validation.
An alternative implementation of this change would be to have
the Multiple BSSID dissector implementation skip the check for invalid
element IDs in the Nontransmitted BSSID Profile subelement,
hence not requiring any changes to the add_tagged_field function.
However, for completeness, the add_tagged_field function should check for
valid extended element IDs in the same way it can check for valid element IDs,
and this commit provides it.