If a display filter had been applied during the opening
of the conversation or endpoint dialog, automatically check
the entry for "Limit to display filter" to ensure that
the filtered result is being shown, as expected by the user.
Retapping can have some side-effects and was done in
an overflowing way. Reducing the number of times retapping
is required and done, and also giving control for taps
reload to TrafficTab
The current model makes it very hard to extend the traffic tables
with new functionality. For instance, having a total view column
additionally to the normal columns when filtered.
This change removes the QTreeWidget and moves to a more generic
approach using QAbstractListModel elements.
It is implemented in thtree parts:
- ATapDataModel implements the basic collection and handling of
the tap data information, as well as updating if new data is
becoming available
- EndpointDataModel / ConversationDataModel handles the display
and representation of the data
- Implementing TrafficTab as a TabWidget which will handle the
adding/removing of new protocol tabs
Set the row colors in the traffic dialogs to alternating for better
readibility and add a context menu option to resize the columns back
to content
Fixes#16189
Remote traffic_table_ui.? and move the JSON stuff into endpoint.
This is in preparation for larger work on both the conversation
table as well as the endpoint table, and to start using Qt code
in the UI where it should be used.
If name resolution is enabled in the conversations and endpoints
dialogs, sort address columns by the resolved names, not by the
addresses; sorting them by address will give *very* unexpected results,
and not make it easier to look for addresses by name.
Move WiresharkApplication.{cpp,h} to MainApplication.{cpp,h}. Add back
WiresharkApplication as a thin superclass of MainApplication, similar to
LogsharkApplication. Change all of our wsApp references to mainApp. We
will likely have to change many or most of them back, but that's a
commit for another time.
Remove the editor modeline blocks from most of the source files in ui/qt
by running
perl -i -p0e 's{ \n+ /[ *\n]+ editor \s+ modelines .* shiftwidth= .* \*/ \s+ } {\n}gsix' $( ag -g '\.(cpp|h)' )
then cleaning up the remaining files by hand.
This *shouldn't* affect anyone since
- All of the source files in ui/qt use 4 space indentation, which
matches the default in our top-level .editorconfig
- The one notable editor that's likely to be used on these files and
*doesn't* support EditorConfig (Qt Creator) defaults to 4 space
indentation.
If, for example, you run out of file descriptors, dup() can fail, and
ws_dup() is a wrapper around it on UN*X. Don't just pass the result of
ws_dup() to ws_fdopen(); instead, save its result, check against -1 and,
if it's -1, give up, otherwise pass it to ws_fdopen().
This addresses Coverity CID 1471708.
Also, if ws_fdopen() fails, close the descriptor we got from ws_dup();
this closes a possible FD leak.
The patch reintroduces WiresharkDialog::captureFileClosed() method and
calls captureFileClosing() and captureFileClosed() in right order.
Both methods call updateWidgets() at its end.
All dialogs were reviewed and captureFileClosing/Closed methods updated
when appropriate.
captureEvent() method in multiple dialogs changed to captureFileClosing/Closed
as it does same actions - looks like old style of detecting of capture
file closing.
Run
$ gsed -i -e 's/\(tr *(.*".*\)" *UTF8_HORIZONTAL_ELLIPSIS/\1…"/' $( ag -l 'tr *\(.*" *UTF8_HORIZONTAL_ELLIPSIS' )
$ gsed -i -e 's/\(tr *( *\)UTF8_HORIZONTAL_ELLIPSIS *"/\1"…/' $( ag -l 'tr *\( *UTF8_HORIZONTAL_ELLIPSIS *"' )
in ui/qt. As discussed in #16812, the UTF8_ macros were required at one
time because we only allowed ASCII in our source code. However, that
requirement has since been relaxed and Qt's translation framework
doesn't handle concatenating strings and macros very well.
At least with Qt 5.12 on Debian/testing the following needs to be changed:
- The temporary file name created for the endpoint map file needs to be
retrieved at least once when the file is open to be available later on.
- The temporary endpoint map file needs to remain on temporary storage
because the external presentation process (web browser) needs to have
access to it when it starts (asynchronously) and for as long as it needs.
Change-Id: I554110a5a3ffa48b44575b1cb45f5971baac5e9c
Reviewed-on: https://code.wireshark.org/review/36599
Reviewed-by: Anders Broman <a.broman58@gmail.com>
If tf.handle() fails, it returns -1; we shouldn't call ws_fdopen() on
its return value. (I'm not sure whether it can fail, but this code is
all a bit twisty.)
If tf.handle() succeeds, and we hand its return value to ws_fdopen(),
and we get back NULL, *that* indicates that ws_fdopen() failed.
This should fix Coverity CID 1457929, preventing a FILE leak.
Change-Id: I23bb04579d26928037f8b9284b7741affc3596f7
Reviewed-on: https://code.wireshark.org/review/35940
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Much better to use a known library than create it ourselves.
Also remove get_tempfile_path as it's not used.
Bug: 15992
Change-Id: I17b9bd879e8bdb540f79db83c6c138f8ee724764
Reviewed-on: https://code.wireshark.org/review/34420
Reviewed-by: Tomasz Moń <desowin@gmail.com>
Petri-Dish: Tomasz Moń <desowin@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Roland Knall <rknall@gmail.com>
This feature was removed in v2.5.1rc0-427-gf529ab5d0a, anticipating that
MaxMind would remove support for it in 2019. They have however changed
their mind and maintained latitude and longitude information.
They recommend displaying an accuracy radius, but the reported values
are 50, 100, 200 and 1000km. When implemented literally, a marker in
Ireland would cover the whole island plus mainland, so I have instead
opted to use a fixed radius of 1km at deeper zoom levels.
The old ipmap.html file was outdated and had broken tiles, I rewrote a
new one from scratch using the light-weight Leaflet library combined
with tiles from OpenStreetMap. This is more mobile-friendly and secure
(https, SRI). To improve handling of nearby or overlapping nodes,
clustering is used (individual nodes can still be inspected).
Browser compatibility results: IE8 is unusable, IE9 partially works
(tooltips sometimes disappear and the cluster radius control is gone),
IE11 works. Of course Firefox 65 and Chromium 72 have no issues.
The map popup description in the generated GeoJSON structure is now
split in several properties, allowing presentation to be handled by the
HTML page instead of the C code.
Bug: 14693
Change-Id: If2ec9c518f7723ac0ab27b6272463356875a0ff2
Reviewed-on: https://code.wireshark.org/review/31952
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Both functions accept an address in network byte order, but
maxmind_db_lookup_ipv4 does not accept a pointer. Add an indirection and
remove unnecessary memcpy calls. This removes some confusion for me.
Change-Id: I291c54c8c55bc8048ca011b84918c8a5d3ed1398
Reviewed-on: https://code.wireshark.org/review/31951
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move */ to a separate line below the SPDX identifier.
Change-Id: Id1032215449cfccae0933147b45e04b65e0b727f
Reviewed-on: https://code.wireshark.org/review/27211
Reviewed-by: Anders Broman <a.broman58@gmail.com>
MaxMind is discontinuing its legacy databases in April in favor of
GeoIP2, which use a newer database format (MaxMind DB). The reference C
library (libmaxminddb) is available under the Apache 2.0 license which
isn't quite compatible with ours.
Add mmdbresolve, a utility that reads IPv4 and IPv6 addresses on stdin
and prints resolved information on stdout. Place it under a liberal
license (MIT) so that we can keep libmaxminddb at arm's length. Add
epan/maxmind_db.[ch], which spawns mmdbresolve and communicates with it
via stdio.
Migrate the preferences and documentation to MaxMindDB.
Change the IPv4 and IPv6 asnum fields to FT_UINT32s. Change the
geographic coordinate fields to FT_DOUBLEs.
Bug: 10658
Change-Id: I24aeed637bea1b41d173270bda413af230f4425f
Reviewed-on: https://code.wireshark.org/review/26214
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Remove the endpoint map and its button from the Qt and GTK+ UIs. It
depends on GeoIP Legacy for coordinate information and those databases
are being deprecated in favor of MaxMind DB. We *could* upgrade the code
to use mmdbresolve, but according to
https://dev.maxmind.com/geoip/geoip2/geolite2/ they're also going to
remove coordinate information from GeoLite2:
"In addition, in 2019, latitude and longitude coordinates in the
GeoLite2 databases will be removed.* Latitude and longitude coordinates
will continue to be provided in GeoIP2 databases. Please check back for
updates."
Change-Id: I43e1593d282a0f1aae897b1f4724117d1496b21e
Reviewed-on: https://code.wireshark.org/review/26229
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
The first is deprecated, as per https://spdx.org/licenses/.
Change-Id: I8e21e1d32d09b8b94b93a2dc9fbdde5ffeba6bed
Reviewed-on: https://code.wireshark.org/review/25661
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The split isn't necessary now that epan no longer uses the capture_file
structure.
Change-Id: Ia232712a2fb5db511865805518e8d03509b2167f
Reviewed-on: https://code.wireshark.org/review/24693
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have cfile-int.h declare the structure, and use it in files that
directly access the structure.
Have cfile.h just incompletely declare the structure and include it
rather than explicitly declaring it in source files or other header
files.
Never directly refer to struct _capture_file except when typedeffing
capture_file.
Add #includes as necessary, now that cfile.h doesn't drag in a ton of
Change-Id: I7931c8039d75ff7c980b0f2a6e221f20e602a556
Reviewed-on: https://code.wireshark.org/review/24686
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Follow up to having conversions use endpoint_type instead of
port_type.
Change-Id: Ifd59a33bd8b9a013c242bce5fcceb09533f02c17
Reviewed-on: https://code.wireshark.org/review/24172
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
That allows a parallel typedef of ws_in4_addr for guint32.
Change-Id: I03b230247065e0e3840eb87635315a8e523ef562
Reviewed-on: https://code.wireshark.org/review/24073
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Following the move for widgets directory, moving utils
to the utils directory. Guidelines for this directory are:
- Generic use but not a widget
- Utility functionality used by many classes
Note: additionally all includes affected by this move have been changed
to absolute path includes, instead of relative ones.
Change-Id: I019ae4b6e6f6d06a5745a63ed195edbd36fb936b
Reviewed-on: https://code.wireshark.org/review/22602
Petri-Dish: Roland Knall <rknall@gmail.com>
Reviewed-by: Roland Knall <rknall@gmail.com>
Change-Id: Ifaf25ca5a7974f1d398ceebbb4c6733d4d3e001a
Reviewed-on: https://code.wireshark.org/review/20006
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Set Close as default button in some statistics dialogs.
Change-Id: I82e17d27de256aabaec1633bb973c554eec907c3
Reviewed-on: https://code.wireshark.org/review/17685
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
g_array_index() returns an index into an array: we're sure to find
something at that index (whether that something is in bounds is
a-whole-nother question).
This fixes CIDs 1362829 and 1362890/1362830. There were other CIDs like
this but they've already been fixed.
Change-Id: I94af0931b9adf3abd3bedc969e399cda98bbdd07
Reviewed-on: https://code.wireshark.org/review/16168
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Also fix some indentation and white space.
Remove a break-after-return.
Bug: 12562
Change-Id: I912ccdac62aceaabcffec8f7739da56cc6036abf
Reviewed-on: https://code.wireshark.org/review/16159
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Generate column text dynamically. This keeps us from having to iterate
over our tree items each time we receive updates.
Set the uniformRowHeights property.
Stop automatically resizing columns after 200 items.
Fixup name resolution behavior. Disable the checkbox if host name
resolution is disabled.
Change-Id: Ib2fef604d6ee9e39a8b1edd72d58d0cb02d3bb64
Reviewed-on: https://code.wireshark.org/review/16110
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Many of our dialogs can send an "apply this display filter" signal to
the main window. Applying a display filter in turn creates a nested
event loop via cf_read+update_progress_dlg. If the "apply" signal+slot
is directly connected (which is the default, and which means we're
calling into a function table) we can close the dialog while the signal
is firing, which means we return into a deleted object.
Make all of the filterAction signals+slots queued instead of direct.
Bug: 12523
Change-Id: Ica331054c0aa52a7f33bd8df1fa65ecd09fdc292
Reviewed-on: https://code.wireshark.org/review/16080
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't assume that conv_item_t or hostlist_talker_t pointers never
change. GArrays can reallocate their data, and in our case this can
happen when we have more than 10,000 items (which is the size that the
conversation table code passes to_array_sized_new).
Bug: 12288
Change-Id: I88e58be830e35dde272f81fe9250b054fb87facf
Reviewed-on: https://code.wireshark.org/review/16078
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>