cmdarg_err() is for reporting errors for command-line programs and
command-line errors in GUI programs; it's not something for any of the
Wireshark libraries to use.
The various routines for parsing numerical command-line arguments are
not for general use, they're just for use when parsing arguments.
Change-Id: I100bd4a55ab8ee4497f41d9651b0c5670e6c1e7f
Reviewed-on: https://code.wireshark.org/review/31281
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I96f937ac7f0b085cd1db80b67f490193b02f9aca
Reviewed-on: https://code.wireshark.org/review/31203
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The pcapng file format specification speaks of a secion block, not
a session block. Let the function name reflect the proper name of
the block it writes.
Change-Id: Id399fae3648c93f4750fedaa297b18f95f2bb96f
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31099
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That means that code is only in one place, rather than having copies of
it in each of those programs.
CLI programs that, on Windows, should get UTF-8 arguments rather than
arguments in the local code page should:
include the top-level cli_main.h header;
define the main function as real_main();
be built with the top-level cli_main.c file.
On UN*X, cli_main.c has a main() program, and just passes the arguments
on to real_main().
On Windows, cli_main.c has a wmain() function that converts the UTF-16
arguments it's handed to UTF-8 arguments, using WideCharToMultiByte() so
that it doesn't use any functions other than those provided by the
system, and then calls real_main() with the argument count and UTF-8
arguments.
Change-Id: I8b11f01dbc5c63fce599d1bef9ad96cd92c3c01e
Reviewed-on: https://code.wireshark.org/review/31017
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make our package relocatable on Unix systems.
Linux, Solaris and FreeBSD are known to support $ORIGIN.
Change-Id: Ibcdda33d62c075bfa867d006cb6aaf5824609011
Reviewed-on: https://code.wireshark.org/review/30896
Petri-Dish: João Valverde <j@v6e.pt>
Reviewed-by: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The verbose config option has been replaced by an extcap base debug
option. Presenting verbose as an available option makes Wireshark
trying to retrieve the value of this option. As the option is not
really supported and invalid options after a recent change now
generate errors the androiddump tool does not start properly.
For reference the problem happens due the unfortunate combo of
these two patches:
v2.3.0rc0-1108-gb83ea46 ("extcap: put missed parameters into the help")
v2.9.0rc0-2431-g945d441 ("extcap: fix return value in extcap_base_parse_options().")
Fix by removing verbose as an available config option.
Change-Id: I894f599708a7160f50ca9ee1f9586022342705cb
Reviewed-on: https://code.wireshark.org/review/30716
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Already when selecting the extcap interface to use the encap type is
known. For some reason when adding packets the type is explicitly
checked for certain values and if not known type is set to
WTAP_ENCAP_WIRESHARK_UPPER_PDU.
This conversion break tcpdump function for all but ETHERNET interface
type. For example NLMON and 802.11 radiotap interfaces does not work.
This problem has probably been there since quite a while back but was not
seen (in the sense that current capture looked OK). Though when:
"3aec5e1 Catch attempts to write multiple encapsulation types if unsupported."
got applied the encap type mismatch is now detected and packet capture stops.
As encap type is known already when selecting the interface to use, fix
this by simply reusing the initial value when dumping the packets.
Change-Id: Ica9824e715c47b285c985ea48cbae0e10e18d542
Reviewed-on: https://code.wireshark.org/review/30715
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This:
1) means that we don't have to flag the compression argument with a
comment to indicate what it means (FALSE doesn't obviously say "not
compressed", WTAP_UNCOMPRESSED does);
2) leaves space in the interfaces in question for additional compression
types.
(No, this is not part 1 of an implementation of additional compression
types, it's just an API cleanup. Implementing additional compression
types involves significant work in libwiretap, as well as UI changes to
replace "compress the file" checkboxes with something to indicate *how*
to compress the file, or to always use some other form of compression).
Change-Id: I1d23dc720be10158e6b34f97baa247ba8a537abf
Reviewed-on: https://code.wireshark.org/review/30660
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Use it for all the per-file information, including the per-file
link-layer type and the per-file snapshot length.
Change-Id: Id75687c7faa6418a2bfcf7f8198206a9f95db629
Reviewed-on: https://code.wireshark.org/review/30616
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Update sshdump and ciscodump to use it.
Change-Id: I5fbb9e3a870ec8baa0f326ad34733743cbb981f3
Reviewed-on: https://code.wireshark.org/review/30571
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's operating system dependent, but the library takes care of it
on different operating systems.
Options are set with this precedence:
- if user-provided, use it
- if not, take the one from config file
- (username only) if none in the config file, take the current user from OS
Change-Id: I00dcc1c9a8613e6d1250b6404bf2100f6ccff7b7
Reviewed-on: https://code.wireshark.org/review/30558
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Have the routines always take a parameters pointer; pass either null or
a pointer to an initialized-to-nothing structure in cases where we were
calling the non-_ng versions.
Change-Id: I23b779d87f3fbd29306ebe1df568852be113d3b2
Reviewed-on: https://code.wireshark.org/review/30590
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I15f5989f08b7e3851a7c4b949d63434fbc750020
Reviewed-on: https://code.wireshark.org/review/30557
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
sshdump and ciscodump have been updated to use it.
Change-Id: I4e1e0d35f086d76c13264939bc4f14308cc88cfb
Reviewed-on: https://code.wireshark.org/review/30496
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We need to split good options' from bad options' return value.
Change-Id: I836e58c0f05716484664f354e7332a74d6a08c20
Reviewed-on: https://code.wireshark.org/review/30503
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Switch from using WinMain in extcap to wmain.
Change-Id: I54fafad598f5ff74fe84a3ce3e993ac5a31188f7
Reviewed-on: https://code.wireshark.org/review/30094
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use a single template file for most of our program resources. Encode
our resource files as UTF-8. Add resources to extcap/*.exe.
Replace a regex with concatenation.
Change-Id: I0ed49086618127ca4fdef69272f849d8f16e4dab
Reviewed-on: https://code.wireshark.org/review/30088
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Add an sdjournal extcap, which reads journal entries using the
sd-journal API and dumps them as journal Export Format records.
Change-Id: I17ccfa88ab5d053c16c869cd26e580d84022502e
Reviewed-on: https://code.wireshark.org/review/29479
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It doesn't matter on UN*X, but it definitely matters on Windows; we're
writing a pcap file, not a text file, so every byte we write should go
down the pipe as is.
Bug: 14989
Change-Id: I26c067b8ff5dba644a579846dd97b568a81c7053
Reviewed-on: https://code.wireshark.org/review/28764
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For testing live capture mode in the Qt UI, it is useful to have a
continous capture source with some dummy packets.
Change-Id: Id76ecbf24828dd3212b208c96679524e4c25b00f
Reviewed-on: https://code.wireshark.org/review/28537
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Multi-configuration generators (such as Xcode or VS) append the current build configuration to most paths (eg. Debug/Release). Currently this results in inconsistent paths for the application bundle and the included command line tools. This commit sets the correct path information for multi-configuration generators for macOS application bundles. The standard Makefile behaviour is untouched.
One Windows specific configuration was changed, as it was conflicting with these changes. This needs to be checked before merging.
Additionally the wrapper scripts are omitted for Xcode, as the path to the binaries depends on the configuration chosen in Xcode. Therefore it is not viable to create these scripts in the cmake run.
Bug: 11816
Change-Id: Ib43d82eb04600a0e2f2b020afb44b579ffc7a7c9
Reviewed-on: https://code.wireshark.org/review/28291
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The EXTCAP_DIR must be known in the root file to be set in config.h
and it's still needed in extcap/ to install the binaries, hence we
need caching it as well.
Bug: 14724
Change-Id: I58bac7de7a00e06c23fe8c8f1a7e3d299de6a560
Reviewed-on: https://code.wireshark.org/review/27776
Reviewed-by: Mikael Kanstrup <mikael.kanstrup@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
androiddump determines encap type by parsing pcap global header from
tcpdump binary output. Only when libpcap is used with androiddump
this (pcap linktype) value can be used right away. Libwiretap
uses its own encap values but is feed with pcap linktype values
making the whole packet encapsulation invalid.
Fix by converting pcap linktype values into wiretap encap values
(For pcap linktype definitions see http://www.tcpdump.org/linktypes.html)
(For wtap encap defininitions see wiretap/wtap.h)
Fixes: bfef57ebb7 ("androiddump: Fix and simplify tcpdump capture")
Change-Id: I5ea86204b8e5774fd84d4007db8c2910680dbd53
Reviewed-on: https://code.wireshark.org/review/27747
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Florian Bezold <florian.bezold@esrlabs.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
caputils/ws80211_utils.c contains a re-definition of the linux kernel's
nla_for_each_nested() macro that applies the correct casts to allow
compilation with a C++ compiler.
Make this definition public by moving it into a new wsutil/netlink.h
file. Include the kernel's original definition before we overwrite it. This
way, it's not necessary for a .c file to include wsutil/netlink.h after
the system includes.
Use our nla_for_each_nested() version in extcap/dpauxmon.c to squelch the
following compiler warning:
[1664/2251] Building C object
extcap/CMakeFiles/dpauxmon.dir/dpauxmon.c.o
../extcap/dpauxmon.c: In function ‘family_handler’:
../extcap/dpauxmon.c:168:13: warning: request for implicit conversion
from ‘void *’ to ‘struct nlattr *’ not permitted in C++ [-Wc++-compat]
nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], rem_mcgrp) {
Change-Id: I6ba40ef6343c5d168c1b0c4554f13202911ded76
Reviewed-on: https://code.wireshark.org/review/27688
Reviewed-by: Anders Broman <a.broman58@gmail.com>
You either need to tell mktime() that 1) DST/Summer Time is in effect,
2) DST/Summer Time isn't in effect, or 3) we don't know whether
DST/Summer Time is in effect, you figure it out.
We set tm_isdst to -1, to choose option 3), which is what we want.
Fixes Coverity CID 1435496.
Change-Id: I0f22ef1201ee8abefb3fa75aa3432b021fb13cfd
Reviewed-on: https://code.wireshark.org/review/27408
Reviewed-by: Guy Harris <guy@alum.mit.edu>
extcap-base.c:293:43: error: cast between incompatible function types from ‘void (*)(void *)’ to ‘void (*)(void *, void *)’ [-Werror=cast-function-type]
extcap-base.c:302:45: error: cast between incompatible function types from ‘void (*)(void *)’ to ‘void (*)(void *, void *)’ [-Werror=cast-function-type]
extcap-base.c:321:42: error: cast between incompatible function types from ‘void (*)(void *)’ to ‘void (*)(void *, void *)’ [-Werror=cast-function-type]
Change-Id: Ifd9151d04412c5e29636dc14c57a327cc12d33f3
Reviewed-on: https://code.wireshark.org/review/27265
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It has been replaced by cmake.
Change-Id: I83a5eddb8645dbbf6bca9f026066d2e995d8e87a
Reviewed-on: https://code.wireshark.org/review/26969
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add an optional argument to extcap-version, which tells the utilities
the wireshark version and therefore allows them to handle different
versions differently.
If no version is provided, the utility has to assume it is dealing
with a Wireshark 2.x version (default behavior).
Change-Id: I51658300f28f503ca8050d204b73749f1a54df16
Reviewed-on: https://code.wireshark.org/review/26752
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
The code to read and skip btsnoop header was written in a way where
it reads up to PACKET_LENGTH bytes of data, skips the header, then
move rest of data back start of buffer. So far so good. The code
then resets number of bytes used in buffer making it skip rest of
all data read.
Many times this works fine but only by luck. When there's no data
transfers first recv call will always only return the header
(sender side writes header separately right after accept).
When data transfers are ongoing first recv call will return both
header and data. Then initial data is lost but more importantly
risk parsing data with invalid offset.
Fix by reading btsnoop header separately from rest of data.
Change-Id: Ie52c33f943d8b311e0cd5638ec1a7d4840e271b8
Reviewed-on: https://code.wireshark.org/review/26659
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
ps command is used to find com.android.bluetooth process. From
Android Oreo the ps command needs -A parameter for listing all
processes.
Change-Id: I1a547a0d61175c1e194823462661ec69e711ca50
Reviewed-on: https://code.wireshark.org/review/26652
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Code assumes btsnoop net port is the first tcp socket found in
/proc/<pid>/net/tcp. If it is not the port number lookup will
fail.
Fixed by searching all open tcp sockets for a match.
Change-Id: I988fe18680600b59c595f3d619d95c72c1a6966d
Reviewed-on: https://code.wireshark.org/review/26651
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
Commit 043ed1f6 enabled non-blocking connect on Windows. This seems to
break androiddump on Windows completely, since a successful connection
always returns SOCKET_ERROR on connect, with WSAGetLastError() set to
WSAEWOULDBLOCK.
Apparently, the only way to check for a real connection is to try a
write select on the socket:
https://stackoverflow.com/questions/35370239/timeout-in-connect-function-from-winsock
This fixes androiddump on Windows:
- If ADB server is running, extcap interfaces are listed
- If ADB is not running, there is no noticeable delay in Wireshark
Change-Id: I6bd772215c7b232c8fe8e840cb7ad1d54c7d8860
Reviewed-on: https://code.wireshark.org/review/25715
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1. Use "exec:" ADB command to get raw (non-PTY) tcpdump output
This is also supported on Android devices before Android 7, and is a
much easier approach than testing the new "shell,raw:" command and
falling back if unsupported. This basically undoes commit 5ebc3277.
2. Pass "-U" to tcpdump to prevent on-target buffering
Before using the "shell,raw" approach in commit 5ebc3277, I tried the
"exec:" command already, but experienced extreme buffering of the
tcpdump output, which is unacceptable for live trace viewing.
Turns out, the buffering is determined "automatically" by libpcap:
- When running in a PTY, output is flushed fast for viewing
- When _not_ in a PTY, output is not flushed and thus heavily buffered.
The "exec" command obviously doesn't use a PTY.
Fortunately, tcpdump has a "-U" option to flush the output after each
catpured packet, which is exactly what we need.
3. Ignore tcpdump stderr output
Enabling "-U" caused androiddump to fail, because it happened that the
tcpdump stderr logs were mixed with the stdout data. (We were probably
lucky this didn't happen without -U as well).
To fix this, we just ignore stderr completely by adding "2>/dev/null" to
the tcpdump command.
4. Get linktype from pcap global header
The stderr logs were previously parsed to get the textual linktype.
This is now replaced by a simpler & less fragile approach: tcpdump
prints the global pcap header, which contains precicesly the linktype
info we need.
5. Parse pcap global header magic correctly for timestamps & endianness
The previous code only supported the "classic" pcap header magic and
might also been incorrect on big-endian host machines.
Now, endian handling is simplified and we can detect the "nanosecond
timestamp" magic values as well.
This fixes the problem that extcap_dumper_dump expects *nano*second
timestamps, but the previous code supplied *micro*seconds if on-target
tcpdump outputs microseconds.
6. The parsing simplifications above allowed the main loop for tcpdump
capture to be simplified considerably.
Change-Id: Id66791e700a8943b86128f044f080bee60a9fa79
Reviewed-on: https://code.wireshark.org/review/25713
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Separate the stuff that any record could have from the stuff that only
particular record types have; put the latter into a union, and put all
that into a wtap_rec structure.
Add some record-type checks as necessary.
Change-Id: Id6b3486858f826fce4b096c59231f463e44bfaa2
Reviewed-on: https://code.wireshark.org/review/25696
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Running "tcpdump -D" on target seems to be a expensive operation in some
cases, not finishing within the 500ms timeout on several devices (~1000 ms
in one of our cases).
Change-Id: I57e4d31f12c4e393ff84e79b64cb024b74a11f0e
Reviewed-on: https://code.wireshark.org/review/24719
Reviewed-by: Michal Labedzki <michal.labedzki@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
g995812c5f1 moved wiretap plugins registration from applications to
wiretap library init function.
As we do not want to load plugins for all users of libwiretap, let's
make it configurable.
Bug: 14314
Change-Id: Id8fdcc484e2d0d31d3ab0bd357d3a6678570f700
Reviewed-on: https://code.wireshark.org/review/25194
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If there's a network interface on the device without the 'flags'
field and at the same time exist other network interfaces
with the 'flags' field present a null-dereference happens accessing
the non-matched regex flags field.
Fix crash by adding explicit null check to ensure (optional) regex
group really matched.
Fixes: 7dcf57719f ("androiddump: Support older on-target tcpdump versions")
Change-Id: Ia08dd8547c9cdda96b3c62b99d98ff1d85bd6cd2
Reviewed-on: https://code.wireshark.org/review/25198
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
The output of 'tcpdump -D' only outputs interface flags from Android 7
onwards. Since it would be sad to lose the great androiddump support for
all older devices because of this, the logic is extended so that it
lists all interfaces if no '[' and ']' is found in the output.
Also, the used regex seemed to require an interface description, which
might not exist (even with new tcpdump versions). Now, interfaces
without description are not filtered.
Change-Id: I92b550a37b9bc0d0142aed68ee98f26de79be759
Reviewed-on: https://code.wireshark.org/review/24720
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Devices running Android >= 7 have a different adb shell handling than
before:
- Before Android 7, adb always runs shell commands in a PTY
(pseudoterminal), which automatically converts all \n to \r\n
- Since Android 7, adb no longer uses a PTY if a command is directly
started (like 'tcpdump' in our case).
The original androiddump code reversed the PTY \r\n handling as for
older devices. Commit 66507b9 for bug 13510 removed that which supported
newer devices while breaking all older devices.
This fix tries to support both by first trying to use the new
"shell,raw:" adb command syntax. If that succeeds, adb/device must
support non-PTY shells and we don't reverse any \r\n.
If that fails, it's most likely an older device, and we fall back to the
original "shell:" command and enable \r\n reversal.
(To prevent misleading error popups in Wireshark, the warning log in
adb_send when the first attempt fails is changed to a debug log).
Ping-Bug: 13510
Change-Id: I7e0a4f594ebe5dde682cceb667330459337a0c9c
Reviewed-on: https://code.wireshark.org/review/24721
Reviewed-by: Mikael Kanstrup <mikael.kanstrup@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Put different types of plugins (libwiretap, libwireshark) in different
subdirectories, give libwiretap and libwireshark init routines that
load the plugins, and have them scan the appropriate subdirectories
so that we don't even *try* to, for example, load libwireshark plugins
in programs that only use libwiretap.
Compiled plugins are stored in subfolders of the plugin folders, with
the subfolder name being the Wireshark minor version number (X.Y). There is
another hierarchical level for each Wireshark library (libwireshark, libwscodecs
and libwiretap).
The folder names are respectively plugins/X.Y/{epan,codecs,wiretap}.
Currently we only distribute "epan" (libwireshark) plugins.
Change-Id: I3438787a6f45820d64ba4ca91cbe3c8864708acb
Reviewed-on: https://code.wireshark.org/review/23983
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
This looked a bit odd since the capture filter is variable length.
Removing it makes sshdump work.
Change-Id: I454c6263c04019d5e8ecbecd2490dd10185f5c67
Reviewed-on: https://code.wireshark.org/review/24531
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This sets the scope of the static build option to Wireshark support
libraries only.
Before the patch:
Static plugins don't work with CMake and autotools.
autotools static build is broken, and most likely will always be, as
building Wireshark all-static is difficult and time-consuming.
After the patch:
For CMake Wireshark will be built with static or shared libraries and
dynamic plugins. Everything just works. CMake apparently doesn't want
you building static and shared libraries at the same time.
For autotools Wireshark will be built with shared libraries by default.
--disable-shared and --enable-static options work as usual. Dlopened
plugins are not built if --disable-shared is given to configure (to
disable shared libraries). This is a limitations imposed by libtool.
Tested on Linux. This removes broken support for building plugins
statically.
Change-Id: Ib8e8176976f136eea93a2ce8f9857b6cf9bec64c
Reviewed-on: https://code.wireshark.org/review/24241
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Error checking omitted like in original code.
Change-Id: If8b4181d30ddf5717951aaf7ec61db25c0bc5322
Reviewed-on: https://code.wireshark.org/review/24309
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
Change-Id: Id3d9229f5d61390f2f4127c8dfdf445935297e85
Reviewed-on: https://code.wireshark.org/review/24300
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
According to README.extcap documentation all extcap tools must
support the --extcap-dlts option. For performance reasons support
for this option was removed by commit:
9328eb6 androiddump: Register interfaces when list interfaces
A side effect of not implementing the option is that dumpcap is
then also called to try to retrieve interface capabilities
for all androiddump interfaces. As extcap interfaces are not
local network interfaces errors like these are logged
whenever the interface list is refreshed:
Capture Dbg sync_if_capabilities_open
Capture Info sync_pipe_run_command() starts
Capture Dbg argv[0]: /usr/local/bin/wireshark/dumpcap
Capture Dbg argv[1]: -i
Capture Dbg argv[2]: android-tcpdump-wlan0...
Capture Dbg argv[3]: -L
Capture Dbg argv[4]: -Z
Capture Dbg argv[5]: none
Capture Dbg sync_pipe_open_command
Capture Dbg read 25 ok indicator: E len: 333 msg: E
Capture Dbg sync_pipe_wait_for_child: wait till child closed
Capture Dbg sync_pipe_wait_for_child: capture child closed after 0.000s
Capture Info sync_pipe_run_command() ends, taking 0.012s, result=-1
Capture Msg Capture Interface Capabilities failed. Error -1, The
capabilities of the capture device "android-tcpdump-wlan0..."
could not be obtained (android-tcpdump-wlan0...:
SIOCETHTOOL(ETHTOOL_GET_TS_INFO) ioctl failed: No such device).
Please check to make sure you have sufficient permissions, and
that you have the proper interface or pipe specified. ()
To avoid error prints and to fulfil the documented equirements for extcap
tools register a fake interface with what would be the properties of such
an interface.
Change-Id: If174adbb64c66132be4225f854bbf9f66d2f5ed1
Reviewed-on: https://code.wireshark.org/review/23093
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The packet-per.c intialisation of ext_length is not really
needed - idx could be -1 with or without extension_flag
being set. But it'd be best not to have someone need to
think this through again.
Change-Id: If07f98ac7d7f2619149e35a2a0d75b765839a7ba
Reviewed-on: https://code.wireshark.org/review/23905
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
struct timeval is defined in <sys/time.h>, include it.
It should fix building with musl:
udpdump.c: In function 'setup_listener':
udpdump.c:126:9: error: variable 'timeout' has initializer but incomplete type
struct timeval timeout = { 1, 0 };
Change-Id: Id9be579e50ea2845ca609708e8ec4d1a3858ecc0
Reviewed-on: https://code.wireshark.org/review/23728
Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
For a sane plugin build environment. Include config.h as the first
header in the .c file instead.
Fix by moving required compiler attribute macros to a new
"ws_attributes.h" API header.
Change-Id: I34f58a927f68c1a0e59686c14d214825149749e1
Reviewed-on: https://code.wireshark.org/review/23400
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
Bug: 13847
Change-Id: I3a706db25204fe4c1fd1b7be3b17b8c55365dccf
Reviewed-on: https://code.wireshark.org/review/23169
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some Android devices support 802.11 monitor mode and nlmon
interfaces. Add linktype defines to be able to capture frames
from such interfaces.
Change-Id: I8b8b444ac2821542fc946694b71c8d9fb7ba1238
Reviewed-on: https://code.wireshark.org/review/23080
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Recent changes had the bt snoop capturing function stop working for
Android API versions >= 21. One of the command strings used for
detecting btsnoop server socket interface got messed up when
refactoring code. Fix by using the correct command strings again.
Fixes: faf100ec ("androiddump: Introduce adb_connect_transport helper function")
Change-Id: Id645d24cfb0cb23f36484cfd6416768c89bce51b
Reviewed-on: https://code.wireshark.org/review/23106
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Let androiddump's internal definition of encap types directly
use linktype values from libpcap/wiretap. This way back and forth
conversion between internal and public values can be avoided.
Change-Id: I67522283cc3eb15cbdb1bfdd829bb1ff0031bb82
Reviewed-on: https://code.wireshark.org/review/23079
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This function is helpful to debug the interaction between the
calling UI and the extcap itself.
All extcaps have been changed accordingly.
Change-Id: I358caf4c50797501672bf77fdd91f7276897078c
Reviewed-on: https://code.wireshark.org/review/22806
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Some more repeated code patterns identified. Reduce code duplication
by adding some helper functions.
Change-Id: I0fecd511fd56049e9eae111cdad08252dffff6cb
Reviewed-on: https://code.wireshark.org/review/22480
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix a few cases where socket is not closed on failure path.
Change-Id: Id116a8e5f14979f962fdf725c62999758b79109e
Reviewed-on: https://code.wireshark.org/review/22481
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
If linktype cannot be determined from tcpdump output the
lookup function is handed a NULL which is then strcmp:ed.
Handle NULL parameter by explicit check.
Fixes Coverity CID 1413923
Change-Id: I290c116991d15cef0a1e954a9f8b76722a5f450c
Reviewed-on: https://code.wireshark.org/review/22483
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The regex matching for linktype might be performed multiple
times. Make sure string is freed before fetched again.
Change-Id: Ice7812ff4a3a8e6a1497ab2ef5aa94976502c16f
Reviewed-on: https://code.wireshark.org/review/22482
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
androiddump used to start tcpdump without specifying the interface
to capture packets on. This works when only one interface is up
but when multiple interfaces are up the output might be empty.
This change let tcpdump list all available network interfaces
and adds a unique extcap interface for each interface that is 'up'
on the device.
Change-Id: Icf0d7fa8f38320092579d4163dcdbcf2b687d8cc
Reviewed-on: https://code.wireshark.org/review/22402
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Instead of treating all output from Android tcpdump as Ethernet
data link type parse what tcpdump acually tells it to be.
This is needed as there are cases when the output is not Ethernet.
For example when starting packet capture on a device with multiple
interfaces up.
NOTE: As translation between tcpdump reported DLT and androiddump's
internal type was needed for now support is only added for types
used by network interfaces of tested devices (i.e. ETHERNET and
LINUX_SSL).
Change-Id: Ie3f9167176c336cb31f6e681f1daac6135a78883
Reviewed-on: https://code.wireshark.org/review/22401
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make the variable used for it an int; that's large enough, and, on
Windows, not so large that it provokes warnings.
Change-Id: I00600d816f69d79f7a42eb09b1290ff7708b0bfc
Reviewed-on: https://code.wireshark.org/review/22420
Reviewed-by: Guy Harris <guy@alum.mit.edu>
All strings sent to adb are prefixed with the length as a 4 byte
hex string. The length info prefix was manually hard coded into
strings. To avoid mistakes when updating code and to simplify
reading the source code instead let the various adb_send functions
calculate string lengths and generate the 4 byte hex string
prefixes.
Change-Id: I4178e9df5930a1c7904053e5a7750c943efddc84
Reviewed-on: https://code.wireshark.org/review/22399
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Same code pattern is used over and over when connecting to an adb
server. Introduce a helper function that perform the function of
connecting to specified adb server and transport.
Change-Id: Id2f72f1eb976fa0d742a6db1ef6d592264990ba1
Reviewed-on: https://code.wireshark.org/review/22398
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Comments in code claim:
"The data we are getting from the tcpdump stdoutput stream as the
stdout is the text stream it is convertinng the 0A=0D0A; So we
need to remove these extra character."
This is not true on non-Windows systems at least so avoid the filter
when not built for Windows.
NOTE: A problem with the filter is that it operates on all bytes
received on the socket, including packet data(!). Capturing
data with CR/LFs (for example an HTTP request) will fail. Ideally
the filter should be replaced with some other mechanism but as I
don't have a Windows system to verify that the comment claims are
valid, this change will at least make androiddump work on
non-Windows systems.
Bug: 13510
Change-Id: Ic00f44fa7516c0db7fc015ed8685deb365a347db
Reviewed-on: https://code.wireshark.org/review/22397
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
udpdump has local copies of the tag values from exported_pdu.h, so the
dependency isn't needed. exported_pdu.h required tv_buff.h and packet_info.h,
whose inclusion caused link errors on SPARC.
Bug: 13801
Change-Id: Icbf7b59b8af0d3a0fc73599baad6932e76dc3462
Reviewed-on: https://code.wireshark.org/review/22131
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Have a header file that defines HAVE_REMOTE if HAVE_PCAP_REMOTE is
defined, and then includes pcap.h. Replace all other includes of
pcap.h, and the definition of HAVE_REMOTE, with includes of that file.
Check for anything other than wspcap.h including pcap.h in checkAPIs.pl.
Change-Id: I3cbee8208944ad6f006f568b3fe3134e10b2a883
Reviewed-on: https://code.wireshark.org/review/21605
Reviewed-by: Guy Harris <guy@alum.mit.edu>
WinPcap made the mistake of having stuff in its public header fines
depend on a configuration #define, HAVE_REMOTE; this means that we need
to forcibly define it when building with remote capture support.
The tip of the libpcap master branch does not have that botch; hopefully
future versions of libpcap-for-Windows will be based on that libpcap and
thus lack that botch as well.
Defining HAVE_REMOTE in config.h is not the right fix, as it makes it
look like a *Wireshark* configuration option that code in Wireshark
should test, rather than a *WinPcap* configuration option that the
pcap.h that ships with the WinPcap SDK should have been changed, as part
of the build process, to correctly define or not, so that users of
WinPcap don't have to define it themselves.
Change-Id: I62d1eca6d3c900d0dcc9fbc011db77f595a86313
Reviewed-on: https://code.wireshark.org/review/21593
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I1d82c62dd30497db6a88ba3d3c973799ba7631ab
Reviewed-on: https://code.wireshark.org/review/20730
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
androiddump reads data from tcpdump in chunks that not necessarily
match packet sizes. Whenever a partly read packet is found in buffers
more data is read and the number of used bytes in buffer is updated.
The calculation of used_buffer_length is wrong though leading to most
packets are read and thrown away.
Problem fixed by correcting an operator precedence mistake where
used_buffer_length would only be increaded with 0 or 1 insted of
actual number of read bytes.
Change-Id: Ib5c4e1d96e7ba499f26796ffa5d7ce6a116b9a6e
Reviewed-on: https://code.wireshark.org/review/20666
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Logcat Text interfaces have now two new options:
1. Ignore log-buffer - this means you start capturing immediately
and there will no logs from buffer
2. Custom-options - pass command line parameters to logcat, like tags
For example:
adb logcat -v threadtime -b main #now custom parameters starts# -T 20 -s Ads Wireshark
Please note that some custom options are banned to avoid unexpected
behaviour (like "not working")
Change-Id: I015d1aeae35cfed712de59138288d82d3a491c38
Reviewed-on: https://code.wireshark.org/review/20358
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: Ia88d00593163b1c1e9a0e120aeff5e36f0135474
Reviewed-on: https://code.wireshark.org/review/20319
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Architecture of androiddump based on "blocking" sockets,
however for start-up it is better to use non-bloking connect()
to avoid long waiting time then fail.
Change-Id: I2bb8ea51e24db4dd1f5a6b97e1d2bc0156342d97
Reviewed-on: https://code.wireshark.org/review/20293
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 13104
Change-Id: I05248dad8e72272cf0933c766ec0bf5160075e1e
Reviewed-on: https://code.wireshark.org/review/20275
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Release as version 1.0.5:
All connects to ADB are now non-blocking.
Try to connect up to 10 times with 1ms delays,
so in worst-case it takes ~10ms (for example 14ms)
Bug: 13104
Change-Id: I791909c9c951b62195b48acd82490e1b9ebf2be0
Reviewed-on: https://code.wireshark.org/review/19968
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
The cleanup routine has been added to exit section of the applications.
Those which required a exit restyle have been patched as well.
Change-Id: I3a8787f0718ac7fef00dc58176869c7510fda7b1
Reviewed-on: https://code.wireshark.org/review/19949
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
That should squelch some warnings on Windows.
Change-Id: I55b394be12203e14af023fdcc5d46564d0fcfa34
Reviewed-on: https://code.wireshark.org/review/19797
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have a wsutil/socket.h file, for inclusion by everything that uses
sockets, that contains the UN*X-vs-Windows #includes and #defines to
hide some UN*X-sockets vs. Winsock API differences. That stuff mostly
comes from from extcap/extcap-base.h; have that file just include
wsutil/socket.h rather than defining that stuff itself.
Include it in sharkd_daemon.c. Use socklen_t for the size of things to
pass to bind() as the last argument; wsutil/socket.h defines it as int
on Windows.
Ignore sharkd in Git.
Change-Id: I3f2171b7aa613717f52305f62bfd7d43e0172dc6
Reviewed-on: https://code.wireshark.org/review/19796
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Basic installation of tcpdump (the default remote capture binary)
don't have setcap option. Give the user the option to run tcpdump
with sudo (already possible with a custom remote capture command).
Change-Id: I273798b5f7dc63b468b03eb633bfc60f53e30743
Reviewed-on: https://code.wireshark.org/review/19672
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Change-Id: If7c790c25ed24da1b1442ee86e3a2f75bd3f8856
Reviewed-on: https://code.wireshark.org/review/19658
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Commit v2.1.0rc0-2181-ga4e2263ac4 introduced a helppage parameter, but
all callers were NULL. In a later change, callers would use the
data_file_url() function, but this needs to be freed, so do that.
Fixes: v2.3.0rc0-1825-ge5596b74bd ("extcap: set help page for all extcaps.")
Change-Id: I967c0f8c6b50d9e78ac227575de24a81f97d376a
Reviewed-on: https://code.wireshark.org/review/19570
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
struct timeval requires sys/time.h. Fixes the following musl libc build error:
androiddump.c: In function 'useSndTimeout':
androiddump.c:262:18: error: variable 'socket_timeout' has initializer but incomplete type
const struct timeval socket_timeout = {
^
Change-Id: I52e204f32a012aabea2e54877e564576c072fe08
Reviewed-on: https://code.wireshark.org/review/19460
Reviewed-by: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Petri-Dish: Michal Labedzki <michal.tomasz.labedzki@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Don't narrow values until it's necessary, and then put in explicit casts
to indicate that the narrowing is intentional.
Change-Id: I8afc2a457822febbed33cee573953993013a7185
Reviewed-on: https://code.wireshark.org/review/19423
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Export pdu routines have been rewritten here on purpose.
Change-Id: If4879de4c98b6f20a75df158cae0cf9a80ffae57
Reviewed-on: https://code.wireshark.org/review/19384
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
They've been set to the manpage of the local filesystem.
Ping-Bug: 13218
Change-Id: Iacd5d2ba7ae39ee1718b59747c245d1c07785e8f
Reviewed-on: https://code.wireshark.org/review/19179
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Now "ps" command does not support process name as parameter,
use grep instead.
Change-Id: I0c35bc7d560e237e4140000e67af097744cb2c1b
Reviewed-on: https://code.wireshark.org/review/19087
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Have programs that use libwiretap call that routine rather than
separately calling some or all of init_open_routines(),
wtap_register_plugin_types(), and wtap_opttypes_initialize().
Also don't have routines internal to libwiretap call those. Yes, this
means doing some initialization work when it isn't necessary, but
scattering on-demand calls throughout the code is a great way to forget
to make those calls.
Change-Id: I5828e1c5591c9d94fbb3eb0a0e54591e8fc61710
Reviewed-on: https://code.wireshark.org/review/19069
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This should avoid neverending or long time to obtain timeout
in some cases like firewall's drop rules, etc.
Bump version to 1.0.4
Bug: 13104
Ping-Bug: 13114
Change-Id: I9bef714b6d92b3516a2a95ebdbe1ba594fa60e34
Reviewed-on: https://code.wireshark.org/review/18728
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This allow to capture without any filter.
Bug: 13048
Change-Id: I29fb1a7367375b9f3d83a4f610789ae159735198
Reviewed-on: https://code.wireshark.org/review/18561
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Fix help output that describes interfaces provided by tool
to reflect reality - add missed DEVICE_ID that is part of interface.
Change-Id: Ib6374db28d8d4696ce27c5358da49d3ebfcf31e1
Reviewed-on: https://code.wireshark.org/review/18267
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Tested-by: Michael Mann <mmann78@netscape.net>
"--debug" and "--extcap-version" are part of extcap-base helper,
do not hide them.
Change-Id: I287b68dbed5344c188fede69d112ab007a6ee18b
Reviewed-on: https://code.wireshark.org/review/18279
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
This new option adds the chance to use a custom capture command.
It must produce a PCAP stream that will be read by Wireshark,
written to STDOUT.
Change-Id: I34a72465eb369194f24ecf0594df143b8ad6555f
Reviewed-on: https://code.wireshark.org/review/18037
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
This removes the option to specify a custom capture binary due to
incompatibilities between different binaries options. A following
change will add the chance to use a custom capture command that
will cover all the cases that the default doesn't.
Bug: 12952
Change-Id: Idbde3e27f34c28f4ce622c3a860994e25ce5f92f
Reviewed-on: https://code.wireshark.org/review/18040
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Using %lu for ssize_t throws an error. This commit change it to %zd.
Change-Id: I19ae72fe0836424bcb93e912e9b1757df4ae5fb1
Reviewed-on: https://code.wireshark.org/review/17900
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Use size_t for sizes. Do checks to make sure we don't overflow ints.
Change-Id: Id0846cc5c6348d67a23064517ad1c432cf1cb61a
Reviewed-on: https://code.wireshark.org/review/17742
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Make the reply length unsigned - there's no reason for it to be signed.
Change-Id: I5f4d1f027eeddee939547c052220efb89800f4b1
Reviewed-on: https://code.wireshark.org/review/17740
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Udpdump is a generic UDP receiver that exports datagram in PCAP format.
Change-Id: I52620a92b12530b6f9b5449c43e692663acdfc14
Reviewed-on: https://code.wireshark.org/review/17195
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Most of the actions (e.g. `androiddump --extcap-interfaces`) return
immediately without cleaning up. Fix this by adding a common exit path.
Change-Id: If02b18da49d866fb5525306e52fbf4590d98ecd2
Reviewed-on: https://code.wireshark.org/review/17634
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Change-Id: I51769e2427b0119aefe57ebcc08406434ffbfead
Reviewed-on: https://code.wireshark.org/review/16918
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This prevents the user to run
extcap_base_set_util_info(extcap, "1", NULL, "0", NULL);
that would result in version = 1.0.
Change-Id: I67532459c852bdceb16693553e90da88a1043435
Reviewed-on: https://code.wireshark.org/review/16858
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: Ic8e9634c9568d32fdeca8cc84a9c2f5b9757a5ae
Reviewed-on: https://code.wireshark.org/review/16806
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
ws_close just calls _close(); that doesn't close sockets. closesocket()
is the API to close a socket on Windows, and is defined as close()
on UN*X, so using closesocket() will close sockets on Windows and UN*X.
This way, we close the pipe socket correctly on Windows.
Change-Id: I6d50e26bfabac5618c74a180cbe94d444b591bd4
Reviewed-on: https://code.wireshark.org/review/16582
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I5669e2442582f899643fae4a9f86ab6d505dde07
Reviewed-on: https://code.wireshark.org/review/16505
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Check sscanf return value
2. Take large "packet" byte array off of stack and onto heap.
Change-Id: I8ade76359f1b0739ec31d7f3b688d212f21357ba
Reviewed-on: https://code.wireshark.org/review/16498
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Take large "packet" byte arrays off of stack and onto heap.
2. Cast away an shift operation that should have been identified as safe anyway.
Change-Id: I159c4a7452744763f667336cf4824d5ac3472343
Reviewed-on: https://code.wireshark.org/review/16500
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is for appeasing VS Code Analysis.
Change-Id: Ib7b3d8a3025dd764da283335051d0f77b45f6dee
Reviewed-on: https://code.wireshark.org/review/16499
Reviewed-by: Michael Mann <mmann78@netscape.net>
VS Code analysis considers them hardcoded values so the if statement is either
always true or always false.
Change-Id: Iad04add9391c515873e2e00d2c6cbd682fbf5b3f
Reviewed-on: https://code.wireshark.org/review/16419
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Now that nmake build system has been removed they are not needed anymore.
Change-Id: I88075f955bb4349185859c1af4be22e53de5850f
Reviewed-on: https://code.wireshark.org/review/16050
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
extcap_base_register_interface duplicates the memory, so there is no
need to keep it around.
Change-Id: I2bac8be519b659504c512d4eb29be8f7ef6dbd59
Reviewed-on: https://code.wireshark.org/review/15919
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Done for performance improvements.
This could probably be done in checkAPIs.pl, but this was just
a quick manual check with grepping.
Change-Id: I91ff102cb528bb00fa2f65489de53890e7e46f2d
Reviewed-on: https://code.wireshark.org/review/15751
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
This can speed up searching for interface specified to model of Android
device - in most cases it is its market name.
Change-Id: Ib5a3b96d9a2a8cf325f62614d395508b4ec58199
Reviewed-on: https://code.wireshark.org/review/15454
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use libSSH 0.7.2 compiled with MinGW(32|64) and linked with zlib and gcrypt support
Change-Id: I7c17d1ba3dd1890e2f83c119f5ea851834807e43
Reviewed-on: https://code.wireshark.org/review/12117
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
There is 68 generic error exit codes + 45 specific error codes.
Total: 113 error codes, so it is possible to have all specific
exit codes in future - max is 254 (UNIX limitation).
Change-Id: I798bf77b03031a701e90272d01e90b04e7e31940
Reviewed-on: https://code.wireshark.org/review/14763
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If extcap tool run on not existing interfaces it will fail.
There is no need to register ALL interfaces while only one is
needed. Extcap tool check it in other way (aka try to capture
but cannot for some reasons).
Change-Id: I6d60da97ce4175f19656d8c18ad8cacd25b0e99a
Reviewed-on: https://code.wireshark.org/review/14765
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Fixes a NULL-deref when no interface addresses are discovered.
Remove NULL interface from list (an empty GSList is represented by NULL
while g_slist_alloc returns a list with a single NULL data).
Change-Id: I2eded40bb697e051445a526d1f34d8a50ef9ccd4
Reviewed-on: https://code.wireshark.org/review/14888
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Wiretap require registration right now. Do it.
Change-Id: I7ec4c4a4c6d3fa6625fff970f7f39f1ab74e3ef5
Reviewed-on: https://code.wireshark.org/review/14761
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Trying to find interfaces every androiddump run use
a lot of system resources so Wireshark can hang for a while.
Back to old behaviour and register interfaces only when
list them.
Change-Id: Ib63cad05fb47722d3b9de24abf28a86e614417cd
Reviewed-on: https://code.wireshark.org/review/14764
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix mismatching emacs and vi modelines.
Change-Id: I5cab8c5b7692746a5fa731c977cef903ad19a6f6
Reviewed-on: https://code.wireshark.org/review/14688
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Fix a bunch of memory leaks, mainly because extcap_base_cleanup is not
called on most execution paths and because memory allocated for options
were not freed.
Additionally, randpkt will now fail if no option is given (it previously
returned 0 if --capture was missing). Logic using "goto" is introduced
with the idea that a program should fail (ret = EXIT_FAILURE) unless
proven otherwise.
Now none of the extcap programs are leaking:
for what in ssh cisco; do
for arg in '' --help --extcap-interfaces --extcap-interface=$what; do
extcap/${what}dump $arg; done; done
./tshark -D
Change-Id: I6df1027ed0c32bd53fe87e6c54d355bc8ddd01f5
Reviewed-on: https://code.wireshark.org/review/14671
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>
Add SOCKET_LIBS and NSL_LIBS to global LIBS variables on platforms
where it is required.
Make configure checks for getaddrinfo/gethostname unconditional,
that is handled with #ifdefs if necessary.
Change-Id: Ia874038454fb9cf3bdbf8e6fd829f319e331837e
Reviewed-on: https://code.wireshark.org/review/14560
Reviewed-by: João Valverde <j@v6e.pt>
That should squelch some warnings from the compiler on the OS X
buildbot.
Change-Id: I0da16469fb48e26677c5366d6fe290db2bf52a10
Reviewed-on: https://code.wireshark.org/review/14619
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Ciscodump is a new extcap that allows packet capture
on Cisco routers (IOS 12.4 and later) through SSH.
Change-Id: Ic9c5be01d3bd0112116f7fc9fa10e26c1552b007
Reviewed-on: https://code.wireshark.org/review/13886
Reviewed-by: Roland Knall <rknall@gmail.com>
Add pkg-config 0.29.1 macros to our distribution. This makes the
aclocal-flags script obsolete, since we are already not using GLib
autoconf macros.
ACLOCAL_AMFLAGS need only be defined on the top-level Makefile.am.
Change-Id: Idd868dcfeb8f279517970d0f96d9d53e3a7e4d5c
Reviewed-on: https://code.wireshark.org/review/14568
Reviewed-by: João Valverde <j@v6e.pt>
To comply with the procedure in README.developer.
Change-Id: If68da7b5ff27c3b250200cd17c80a005d51c631d
Reviewed-on: https://code.wireshark.org/review/14573
Reviewed-by: João Valverde <j@v6e.pt>
When no interfaces are available (as with androiddump when adb
is not running) version is not printed anymore, for a cleaner
output.
Change-Id: Ia150a58ff1c04e412ff29a540f18e1fe9612f633
Reviewed-on: https://code.wireshark.org/review/14289
Petri-Dish: Roland Knall <rknall@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Roland Knall <rknall@gmail.com>