GTK and TShark should already have structure initialized to 0 because they are global variables.
Change-Id: I43a38c58f32967d201ddf78e450b2483f28f8bd6
Reviewed-on: https://code.wireshark.org/review/12847
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
g_hash_table_destroy will crash, if it is called on
non-initialized memory. For some reason, this does not happen
with other glib lists (e.g. GList seems to guard cleanly).
This change initializes at the earliest possible time the
packet counter hash with NULL
Change-Id: Ice66652fc9639d10b49d006ecbe80efe3f41e2ff
Reviewed-on: https://code.wireshark.org/review/12841
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
It was buried as a static variable in capture_info.c, and functions were refactored to allow a pointer to the info_data_t structure to be passed in. TShark and GTK will have their own single (global) copy of the structure, while it opens up Qt to have multiple instances.
Change-Id: Ic2d7a2ad574de43f457cb18b194d6bc3fffb6120
Reviewed-on: https://code.wireshark.org/review/12691
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The "-Wwrite-strings" flag produces nuisance warnings. These warnings are
not useful, they're impossible to fix in a sane way and therefore are being
handled with casts of static strings to (char *).
This just moves the warning to [-Wcast-qual] and a compiler pragma is
in turn required (and used) to squelch that warning.
Remove the Wwrite-strings warning. Let that responsibility fall on the
programmer (as is done by casting).
Change-Id: I5a44dfd9decd6d80797a521a3373593074962fb5
Reviewed-on: https://code.wireshark.org/review/12162
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Have a "this is stdout" flag for a wtap_dumper, and have "open the
standard output for dumping" routines that set that flag. When closing
a wtap_dumper, do most of the work regardless of whether we're writing
to the standard output or not (so that everything gets written out) and
only skip the closing of the underlying file descriptor.
Change-Id: I9f7e4d142b3bd598055d806b7ded1cb4c378de8e
Reviewed-on: https://code.wireshark.org/review/11673
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That's a UI convention, and the GUI shouldn't honor that convention - a
user might get confused if they try to save to "-" and end up with
nothing (and with a ton of crap in a log file if programs launched from
the GUI end up with their standard output and error logged).
While we're at it, make randcap report write and close errors.
Change-Id: I9c450f0ca0320ce4c36d13d209b56d72edb43012
Reviewed-on: https://code.wireshark.org/review/11666
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have wsutil/file_util.h include them on UN*X, just as it includes io.h
on Windows, so we can have a rule of "if you do file operations, include
<wsutil/file_util.h> and use the routines in it".
Remove includes of unistd.h, fcntl.h, and sys/stat.h that aren't
necessary (whether because of the addition of them to wsutil/file_util.h
or because they weren't needed in the first place).
Change-Id: Ie241dd74deff284e39a5f690a297dbb6e1dc485f
Reviewed-on: https://code.wireshark.org/review/11619
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It ends up dragging in libwireshark headers, which programs not linking
with libwireshark shouldn't do. In particular, including
<epan/address.h> causes some functions that refer to libwireshark
functions to be defined if the compiler doesn't handle "static inline"
the way GCC does, and you end up requiring libwireshark even though you
shouldn't require it.
Move plurality() to wsutil/str_util.h, so that non-libwireshark code can
get it without include epan/packet.h. Fix includes as necessary.
Change-Id: Ie4819719da4c2b349f61445112aa419e99b977d3
Reviewed-on: https://code.wireshark.org/review/11545
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have epan_init() return a success/failure Boolean indication. Catch
exceptions when calling the dissector registration routines and, if we
get one, report the error and return a failure indication.
If epan_init() fails, quit, but first make sure the reported error is
displayed.
Change-Id: I0300cbb1f66a5644f857a205235124909d684c50
Reviewed-on: https://code.wireshark.org/review/11340
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Remove variadic macros restriction (c99, c++11 feature) from
README.developer. GCC, Clang, MSVC 2005 all support it.
Enable -Wno-variadic-macros in configure.ac and CMakeLists.txt when
-Wpedantic is enabled (which would enable -Wvariadic-macros).
For all files matching 'define\s*\w+[0-9]\(', replace "FOO[0-9]" by
"FOO" and adjust the macro definition accordingly. The nbap dissector
was regenerated after adjusting its template and .cnf file. The
generated code is the same since all files disabled the debug macros.
Discussed at:
https://www.wireshark.org/lists/wireshark-dev/201209/msg00142.htmlhttps://www.wireshark.org/lists/wireshark-dev/201510/msg00012.html
Change-Id: I3b2e22487db817cbbaac774a592669a4f44314b2
Reviewed-on: https://code.wireshark.org/review/10781
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
are registered.
Change-Id: I06f10d96916640cb9a782cae87898a5dd6c9c6e3
Reviewed-on: https://code.wireshark.org/review/10601
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Make pcapng decode options in an NRB during read, and store the comment
option, and write it back out as well. Also make it handle plugin handlers
for unknown options in received NRB(s).
Change-Id: I81863ef8d85cb1c8b5ba6673ba0e562efe77714f
Reviewed-on: https://code.wireshark.org/review/9723
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move the boolean flag for using captured DNS packet info for name resolution
to the Name Resolution preferences settings, as it was rather surprising to
disable Name Resolution preferences and still have names being resolved. Also
disble them all if the '-n' command line switch is used, and re-enable it for
a 'd' character in the '-N' option.
Bug: 10337
Change-Id: Ie4d47bab0100db3360cc447cd3e446b2e39aa917
Reviewed-on: https://code.wireshark.org/review/9786
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Make use of -A parameter when querying data link types supported by a given interface with dumpcap.
Ensure to pass the authentication parameters configured for a remote interface when calling capture_get_if_capabilities()
Bug: 11366
Change-Id: I4efea615084a82108e4a12a64e8c46817f30a5c6
Reviewed-on: https://code.wireshark.org/review/9690
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Future: Allow multiple protocols to be disabled in one option statement
(perhaps using a comma or colon delmited set of names in <proto_name>)
instead of having to specify --disable-protocol <proto_name> multiple times.
Change-Id: I9b8f960acf75298ebb098d9b667fca49dca52306
Reviewed-on: https://code.wireshark.org/review/9631
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This allows for a global place to enable/disable all heuristic dissectors. This removes the need for individual dissector preferences, but those will be removed at a later date. The more important part is the epan code to save/restore the enabled state of the heuristic dissector. The GTK dialog was more for quickly testing the feature (there was already some GTK code in place that started the heuristic dialog tab)
Change-Id: Ie10687505c27a4456c49d5c4c69a5fc5f6394275
Ping-Bug:11152
Reviewed-on: https://code.wireshark.org/review/9508
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A few sample tap/dissectors (ANSI/A, ANSI MAP) are also included to test the API. The "GUI output" is a bit raw and could use some "prettying up", but all the basic hooks are there.
Telephony "stat grouping" needs to be better alphabetized to properly populate menu (on GTK, probably Qt)
Change-Id: I98514171f69c4ab3a304dccb26c71d629703c9ab
Reviewed-on: https://code.wireshark.org/review/9110
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ib982662db6cf68730a7d121eac60d9bc5ae67429
Reviewed-on: https://code.wireshark.org/review/9195
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Immediately release memory after using it, fixes a direct memleak
warning from ASAN.
Change-Id: Icd3ff19c607da790a4a093966e1966cb0df6bb9d
Reviewed-on: https://code.wireshark.org/review/9069
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Very similar to the refactoring of SRT stats, it provides more commonality of the stats for all GUI interfaces. Currently implemented for TShark and GTK. Affected dissectors: MEGACO, MGCP, Radius
Change-Id: Icb73a7e603dc3502b39bf696227fcaae37d4ed21
Reviewed-on: https://code.wireshark.org/review/8998
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Create "common" SRT tap data collection intended for all GUIs. Refactor/merge functionality of existing dissectors that have SRT support (AFP, DCERPC, Diameter, FC, GTP, LDAP, NCP, RPC, SCIS, SMB, and SMB2) for both TShark and GTK.
SMB and DCERPC "tap packet filtering" were different between TShark and GTK, so I went with GTK filter logic.
CAMEL "tap packet filtering" was different between TShark and GTK, so GTK filtering logic was pushed to the dissector and the TShark tap was left alone.
Change-Id: I7d6eaad0673fe628ef337f9165d7ed94f4a5e1cc
Reviewed-on: https://code.wireshark.org/review/8894
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This avoids type punning; at least with Xcode 7 beta on El Capitan beta,
that produces warnings that get turned into errors.
Change-Id: I57f47455b9630f359828c07c92a190b5cb33816f
Reviewed-on: https://code.wireshark.org/review/8862
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We have a bunch of duplicated code to make those lists; make a common
routine for that. (dumpcap currently doesn't use it, as the routine in
question uses a routine in libui, which dumpcap doesn't use. We should
probably fix that.)
Change-Id: I9058bf3320d420b8713e90743618972da1d1c6ed
Reviewed-on: https://code.wireshark.org/review/7934
Reviewed-by: Guy Harris <guy@alum.mit.edu>
It can be set if either 1) this is Windows (where we're assumed to be
using WinPcap, which includes calls to set the buffer size) or 2) we
have pcap_create() (in which case we also have pcap_set_buffer_size(),
at least in a normal libpcap release).
Use that rather than testing "defined(_WIN32) ||
defined(HAVE_PCAP_CREATE)"; that makes it a bit more obvious what's
being tested.
Change-Id: Id9f8455019d19206b04dd6820a748cb97ae5ad12
Reviewed-on: https://code.wireshark.org/review/7816
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Most of our sites are now HTTPS-only. Update URLs accordingly. Update
other URLs while we're at it. Remove or comment out dead links.
Change-Id: I7c4f323e6585d22760bb90bf28fc0faa6b893a33
Reviewed-on: https://code.wireshark.org/review/7621
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Squelch
warning: cast discards ‘__attribute__((const))’ qualifier from pointer target type [-Wcast-qual]
similar to g630f54f.
Change strtod to g_ascii_strtod to squelch a checkAPIs error.
Change-Id: Ib2d26ef89f08827a5adc07e35eaf876cd7b8d14e
Reviewed-on: https://code.wireshark.org/review/7269
Reviewed-by: Gerald Combs <gerald@wireshark.org>
dladdr() takes a void * as a code pointer; have init_progfile_dir() do
so, and do the casting in the calls. We don't care about the signature
of the function whose address we're passing, we just want to pass a
pointer to *something* in the main program.
Change-Id: I9372620a97b0eb53c2bb3c0c41a238b4408f3709
Reviewed-on: https://code.wireshark.org/review/7270
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have dfilter_compile() take an additional gchar ** argument, pointing to
a gchar * item that, on error, gets set to point to a g_malloc()ed error
string. That removes one bit of global state from the display filter
parser, and doesn't impose a fixed limit on the error message strings.
Have fvalue_from_string() and fvalue_from_unparsed() take a gchar **
argument, pointer to a gchar * item, rather than an error-reporting
function, and set the gchar * item to point to a g_malloc()ed error
string on an error.
Allow either gchar ** argument to be null; if the argument is null, no
error message is allocated or provided.
Change-Id: Ibd36b8aaa9bf4234aa6efa1e7fb95f7037493b4c
Reviewed-on: https://code.wireshark.org/review/6608
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add some missing g_free()s while we're at it.
Change-Id: Id38acc21d3c0b337e5d05baaf5ebbcd63699ff50
Reviewed-on: https://code.wireshark.org/review/6287
Reviewed-by: Guy Harris <guy@alum.mit.edu>
"stat name" has been official changed to "endpoints" for all dissectors, rather than a mixture of "host"/"endpoints" based on dissector.
Change-Id: If34bcb5165b493948e784ba038ab202803a59843
Reviewed-on: https://code.wireshark.org/review/6154
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Don't throw its declaration in file.h, as it's not defined in file.c.
Instead, include it in epan/dissectors/packet-kerberos.h and include
that wherever read_keytab_file() is called.
Yes, that means you also have to include <epan/asn1.h> and, therefore,
you have to include <epan/packet.h>. Yes, that should be cleaned up,
perhaps by splitting the Kerberos support code into "stuff that handles
encryption keys without any reference to dissection" and "stuff that
does dissection-related work".
Change-Id: Ide5c31e6d85e6011d57202f728dbc656e36138ef
Reviewed-on: https://code.wireshark.org/review/6210
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way, the setlocale() call used to get the current locale will get
the right answer.
Change-Id: Ib43e16a9d98d08e5ddaff81fd3235f5b64d7b95b
Reviewed-on: https://code.wireshark.org/review/6197
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have them start the string with "Compiled" or "Running on", and return
the string when done.
Change-Id: Ic4d290c963621fa0385dc5aab766fd4ad31d3810
Reviewed-on: https://code.wireshark.org/review/6155
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The behavior of a leading - is platform-dependent. It also means that
non-option arguments are treated in a fashion that we're not handling,
so capture filters given as non-option arguments at the end of the
command line don't work. (The Linux getopt() man page says that a
leading - "is used by programs that were written to expect options and
other argv-elements in any order and that care about the ordering of the
two." We are not such a program.)
Change-Id: I5610cf90a8218d48f7516abacc367e0affa3b549
Based-On-A-Change-From: Peter Hatina <phatina@redhat.com>
Reviewed-on: https://code.wireshark.org/review/6071
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That way:
1) we don't have to worry about the system getopt() and our
getopt_long(), on platforms that have getopt() but not
getopt_long() (Solaris prior to Solaris 10, HP-UX, AIX), not
working well together;
2) if necessary, we can handle long options in the first pass.
Switch to using getopt_long() for the *second* pass for the GTK+ version
of Wireshark.
Use the documented mechanism for resetting the argument parser for the
glibc version of getopt_long(); use the mostly-undocumented-but-at-least-
they-documented-optreset mechanism for the *BSD version.
(We should look into doing only one pass, saving away arguments that
can't fully be processed in the first pass for further processing after
initializing libwireshark.)
Change-Id: Ide5069f1c7c66a5d04acc712551eb201080ce02f
Reviewed-on: https://code.wireshark.org/review/6063
Reviewed-by: Guy Harris <guy@alum.mit.edu>
We support three types of platforms:
1) UN*Xes that have both getopt() and getopt_long();
2) UN*Xes that have getopt() but not getopt_long();
3) Windows, which has neither.
Checking for getopt_long() lets us distinguish between 1) and 2) and
build getopt_long() for them.
Change-Id: Iaf0f142f9bebaa2eed2128d544ec9786711def45
Reviewed-on: https://code.wireshark.org/review/6045
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Wireshark UI files into a single one in wsutil.
Change-Id: I0a64f0cc8106bd681bd185289c36272c4c43baad
Reviewed-on: https://code.wireshark.org/review/6026
Reviewed-by: Stephen Fisher <sfisher@sdf.org>
Michael Mann