Remove the major.minor version from the plugin path, i.e:
lib/plugins/X.Y/{epan,wiretap,codecs}
and use an unversioned path:
lib/plugins/{epan,wiretap,codecs}
Introduce a new naming policy for plugins that requires
name.so.ABI_VERSION.
This is a simplified filesystem layoutfor plugins some
important benefits such as:
* improves compatibility between Wireshark versions, because
a plugin that wasn't recompiled will be automatically picked
up, but only if it has a compatible ABI version in the file name.
* does not clash with Apple guidelines
* simpler for users to understand and apply
* just overall simpler and easier to maintain, removes a lot
of complexity from CMake code
It does impose more requirements on the plugin naming scheme
but this should be handled completely transparently
by the build system.
It would also be possible to add support for unversioned *.so file
extensions at the same time, although in ths case it is not possible
to support multiple Wireshark ABI versions with only *.so, of course.
This wasn't done here but it may or may not be a useful enhancement
in the future.
Follow-up to 90b16b4092.
Use JSON to serialize the machine readable interface list.
This removes any problems with embedded tabs in names and
descriptions, and makes it easier to later get the interface list
and the capabilities in one call (and possibly even a single call
that retrieves both and starts statistics.)
Related to #15082
Don't connect the QDialogButtonBox accepted() signal to the
dialog's accept() slot in the Qt Creator .ui XML only to
disconnect that connection in the constructor.
Apparently in Qt6 these things are parsed in somewhat different
order, so the disconnection wasn't happening, leading to
destroying the dialog while the FileDialog was still open.
There's a case for moving the Save As actions to ActionRole buttons
(though then the little save icon would have to be set manually.)
Fix#19529
Move the libwireshark pkgconfig file to the resource directory.
Set the various paths in our .pc files based on the `pcfiledir` variable
instead of using absolute paths. This should make it possible to install
using a DESTDIR that differs from CMAKE_INSTALL_PREFIX.
The libsinsp filtercheck categories aren't likely to change much over
time, so create a static list of them. Make them protocols as well, and
remove the "falco." field prefix where we can.
Initialize our hfids to 0.
Allow epan plugins to push descriptions for each individual
plugin or extension managed by the epan plugin interface.
For example a Lua or Python epan plugin can push
descriptions for each *.lua or *.py script it registers.
Similar to other changes to the dissection and display of UTC Time, changed
Smart Energy time fields to display both UTC text time and UTC Time as a
number with the number as the field value for t-shark. As UTC Time is used
elsewhere, broke that functionality out into the main ZCL file, but Smart
Energy applies a special meaning where the value 0 means 'now' independant
of the actual time, this is restricted to Smart Energy uses of UTC Time.
Thanks to Cole Wu <colewu9712@gmail.com> for the original implementation and
support.
Move the call to fill_in_local_interfaces to after checking for
an interface capabilities query.
We don't need to retrieve all the local interfaces if we're doing
a capabilities query and then exiting. The interfaces to query
are either specified on the command line, specified in preferences,
or picked as a default (interface "1"), none of which requires
filling in all the local interfaces and querying their capabilities
an additional time.
Part of #15082
The non-Huffman encoded QPACK bytes are added to the tree as
FT_BYTES, and they are expected to be probably printable
ASCII but treated as opaque data if not. That's
BASE_SHOW_ASCII_PRINTABLE, which makes the values a little more
useful in the tree.
Move some of the less useful messages to ws_noisy, the rest to
ws_debug. (A few of the errors could be ws_info, which isn't
displayed by default either.)
Part of #19519
Logray filters the interface list down the extcap interfaces,
so don't bother spawning dumpcap to retrieve the other interface
types. It's time consuming, and on Windows with NPcap installed
with administrator privileges, means unnecessary UAC prompts.
Since global_capture_opts is always already init'ed in
scan_local_interfaces_filtered, call the get_iface_list
callback instead of the generic capture_interface_list there.
Cached the interface list returned from capture_interface_list
and store it in the MainApplication. On subsequent calls
to the capture opts get_iface_list callback, return the cached
list if it exists.
When Refresh Local Interfaces is called (either manually by the
user, or by a notification from iface_monitor), clear the cached
interface list and set it to NULL so that a new capture_interface_list
call will happen.
This prevents multiple privileged dumpcap calls when parsing
multiple interface options, or when retrieving the entire interface
list after having already done so to parse an interface command
line option.
Related to #15082
Return the number of bytes decoded and placed in the tree and
set pinfo->desegment_offset and desegment_len so that the QUIC
disssector can desegment the HTTP3 Encoder stream.
Pass that number of bytes to the nghttp3 decoder so that we don't
end up passing the same bytes twice with reassembly.
Make it so the QUIC data stream desegmenting code puts a link
to the frame data was reassembled in for segments that begin
an MSP as well in more cases, as the TCP dissector does.
(There are a few more cases TODO to produce results similar to
TCP.)
Fix#19475
See
1. https://www.tcpdump.org/linktypes/LINKTYPE_NFLOG.html
2. The `nla_put(inst->skb, NFULA_TIMESTAMP, sizeof(ts), &ts))`
call in net/netfilter/nfnetlink_log.c in the Linux kernel source.
Add support for 16-byte and 12-byte seconds/microseconds time stamp, to
match what we already have for seconds/nanoseconds time stamps, in
`proto_tree_add_item()` etc., and use that.
Fixes#19525.
João Valverde