Extend sharkd_dissect_request() so that it can replace
sharkd_dissect_columns().
Have it return a status indicating success, invalid frame number, or
read error, so that the caller knows what the problem is.
Pass it pointers to the wtap_rec and Buffer to use when reading packets
from the file, so that if it's called in a loop iterating over all
frames, those structures can be initialized once, before the loop, and
cleaned up once, after the loop, rather than doing both once per loop
iteration.
Pass pointers to the read error code and additional read error
information string pointer, so that, on a file read error, that
information is available to the caller.
Get rid of sharkd_dissect_columns(); instead, use
sharkd_dissect_request(), with code from the loop body pulled into a
callback routine. Fix that code to correctly determine whether the
current frame has any comments, rather than just treating all frames
that have blocks as having comments.
Use _U_ to mark arguments as unused, rather than throwing in a
(void) variablename;
statement.
Move some variables used only within a loop into the for() statement or
the loop body.
epan/CMakeLists.txt set both SYSTEM PUBLIC and SYSTEM PRIVATE for
GLIB2_INCLUDE_DIRS. The PUBLIC keyword adds it to the
INTERFACE_INCLUDE_DIRECTORIES property, which is only appropriate for
includes that we ship with Wireshark, so remove that one. Make
GLIB2_LIBRARIES private as well.
Fixes#17477.
wmem has many assertions during dissection, these are assumed to have
a measurable performance impact so remove assertions with
WS_DISABLE_ASSERT, like is done elsewhere.
We don't use ws_assert() to avoid a dependency on wsutil.
g_assert_not_reached() does not have a performance impact and for
that reason should not be disabled.
This allows wsutil to depend on wmem without introducing a circular
dependency.
Although wmem is included in epan it is in many ways an independent
library and it should remain so.
Reuse the DIAMETER dissector for 3GPP-ULI for RADIUS as well.
The DIAMETER dissector for 3GPP-ULI IE is more complete than the RADIUS
version. The format of the IE is the same in RADIUS and DIAMETER.
"User" sounds as if the blocks belong to the user; at most, the current
user might have modified them directly, but they might also have, for
example, run a Lua script that, unknown to them, modified comments.
Also, a file might have "user comments" added by a previous user, who
them wrote the file and and provided it to the current user.
"Modified" seems a bit clearer than "changed".
Mostly functioning proof of concept for #14329. This work is intended to
allow Wireshark to support multiple packet comments per packet.
Uses and expands upon the `wtap_block` API in `wiretap/wtap_opttypes.h`.
It attaches a `wtap_block` structure to `wtap_rec` in place of its
current `opt_comment` and `packet_verdict` members to hold OPT_COMMENT
and OPT_PKT_VERDICT option values.
This functionality has been added in d2a660d8, where its limitations
are described.
Improvements:
* the Substream index menu now properly filters for available stream numbers;
* Follow Stream selects the first stream in the current packet
Known issue (which is still there): if a packet contains multiple QUIC
streams, then we will show data also from streams other than the selected
one (see #16093)
Note that there is no way to follow a QUIC connection.
Close#17453
Clang gives a fatal warning about "explicitly assigning value of
variable of type 'int' to itself". The statement (and the `if` around
it) are redundant, so this removes both.
It is the intention to enable more precise filtering for json. 6 changes were
made for this:
- 'json.member' becomes filterable as a string field with the key of the
member. Before the key was only appended as text but was not filterable.
- Every item gets a field 'path' which allows to filter for elments
which are at a specific position within the json. To make anonymous arrays
visible (no member key) they appear as '[]' in the path. (For example arrays
in arrays)
- Every string, number, true, false, true or null item gets a field
'path_with_value' which combines the path of this element with its value. This
allows a filtering for values of elements at a specific position within the
json.
- Every string, number, true, false, true or null item gets a field
'member_with_value' which combines the key of this element with its value. This
allows a filtering for specific key-values-pairs independently of the position
within the json.
-It is possible to hide 'path', 'path_with_value', 'member_with_value' by
a preference called 'Hide extended path based filtering'.
- If the provided buffer does not start with the json object but has some
leading bytes which does not belong to the json object there is a new option to
ignore these bytes. This behaviour can be enabled by the newly introduced
preference 'Ignore leading non JSON bytes'.
Version info is an aspect of UI implementation so move it to
a more appropriate place, such as ui/. This also helps declutter
the top-level.
A static library is appropriate to encapsulate the dependencies
as private and it is better supported by CMake than object libraries.
Also version_info.h should not be installed as a public header.
Dependending on version_info is unnecessary and forces an epan
rebuild every time the git commit id changes, which can be slow,
especially with LTO enabled, and again is unnecessary.
Printing the VCS version to the TLS debug log is a minor convenience
that doesn't justify the cost to relink epan with every commit.