Changes:
In nearly all cases decoding match content of capture. The exception is #2270,
where timestamps do not match recorded time which causes discrepancy in
decoding.
Decoding of audio correctly follows different soundcard rates.
RTP Player shows first sample rate in each stream in place of rate of playing.
Fixed incorrect time axis calculation
Fixes#16837Fixes#4960Fixes#2270
Changes:
- epan/follow.c: follow_conv_filter_func has new parameter
epan_dissect_t *edt, so filter can be generated based on decoded tree
of packet below the cursor
- menu Follow/SIP Call is enabled when sip packet is selected
- value of sip.Call-ID is used as filter for SIP call
- for sharkd it generates filter just 'sip.Call-ID' with no value
When RTP stream has no setup frame, but is decoded by Decode as or
with rtp_udp active, setup frame was shown as SETUP <number>, but
correct is RTP <number>.
Enable CMAKE_AUTOMOC, CMAKE_AUTOUIC, and CMAKE_AUTORCC before searching
for Qt packages. This is apparently required for CMake 3.20.0 and later.
Fixes#17314.
disabled RichText in regex text input, to prevent invisible
formatting from getting passed to the regex engine
fixed a issue where fields matched by duplicate groups would
not be parsed
Modularized the parser backend slightly to have the needed hooks
Modified the timestamp format slightly to enable arbitrary postion for
second fractions
Added a regex based seeking parser for textfiles as frontend alternative
to text_import_scanner.l
Regex is using the GLib implementation
Supported frame-data formats are bin, hex, oct and base64
Regex based importing UI
Fixed Meory-leak in ImportTextDialog::exec()
A new tab was added to the text_import ui to accomodate the new fields
Hints are available and styled accordingly
Changes:
- all waveforms has common scale therefore louder/quiter signal is visible
- when stream/streams are deleted from view, Y axis is rescaled and
waveforms are rearranged to reuse empty space
Legend and it's elements were shown only when first waveform requires it.
Patch fixes it and all legend elements are shown when required by any
waveform.
Visual waveform is derived from decoded audio. When audio is decoded
incorrectly, waveform now shows it.
E.g. on issue 14401 is now audio play aligned with waveform, but it
exhibits that decoded audio is incorrect - about two times longer than
pcap!
Changes:
- samplefile_ renamed to sample_file_
- tempfile_ is renamed to temp_file_
- decode() is separated to decodeAudio and decodeVisual
- Frame info stores frame len and frame_num for every frame. We must hold
it per frame as it may change in time. Info is stored in separate temp file
as waveform samples.
Give details on what happens when running Wireshark from a GUI on
UN*Xes, or, at least, on {macOS,Ubuntu+GNOME,Ubuntu+KDE}, although
it's probably similar on other UN*Xes and on other desktop environments.
Have routines to report capture-file errors, using libwireshark error
codes and strings, that call through a pointer, so they can pop up
dialogs in GUI apps, print a message to the standard error on
command-line apps, and possibly do something different on server
programs.
Have init_report_message() take a pointer to structure containing those
function pointers, rather than the function pointers themselves, as
arguments.
Make other API changes to make that work.
Only a tiny amount of code outside libwiretap needs to know about
pcap/pcapng LINKTYPE_ values, and all that code needs to know is, for a
given LINKTYPE_ value, what the corresponding WTAP_ENCAP_ value is.
Nothing should need to know, for a given WTAP_ENCAP_ value, what its
LINKTYPE_ value is.
Make it the case that nothing *does* need to know, for a given
WTAP_ENCAP_ value, what its LINKTYPE_ value is. Export
wtap_dump_can_write_encap() and use *that*, in the "import hex dump"
code, what formats can be written to a pcap file.
Dialogs has same order of buttons:
- dialog specific (Flow Sequence, Find Reverse, Analyze, Reset Diagram)
- common voice functions (Prepare Filter, Play Streams)
- exports (Copy, Export)
- Close of dialog
Names were unified:
- Copy really copying to clipboard
- Save/Export was unified to Export
Combine exp_pdu_file_open() is called only by do_export_pdu(); just
combine them into one routine.
Get rid of the exp_pdu_t * argument to do_export_pdu(); instead, have
the exp_pdu_t structure be a local variable in that routine. There's no
need to initialize exp_pdu_data.pkt_encap in
ExportPDUDialog::on_buttonBox_accepted() - do_export_pdu() already does
so.
The return value of do_export_pdu() isn't used; don't return anything.
Added shortcuts:
- Mute/Unmute/Invert Mute
- Play/Pause/Stop
Removed outdated help in tooltip text. It makes no sense to use it, all
actions are available in context menu.
Changes:
- It is possible to select multiple streams in list and in graph
- Select All/None/Invert implemented in list of streams and in graph
- Indication of "Selected" stream redesigned in graph
- Mouse hovering shows related row/wave
- All operations adapted to multiselection
Remove the editor modeline blocks from most of the source files in ui/qt
by running
perl -i -p0e 's{ \n+ /[ *\n]+ editor \s+ modelines .* shiftwidth= .* \*/ \s+ } {\n}gsix' $( ag -g '\.(cpp|h)' )
then cleaning up the remaining files by hand.
This *shouldn't* affect anyone since
- All of the source files in ui/qt use 4 space indentation, which
matches the default in our top-level .editorconfig
- The one notable editor that's likely to be used on these files and
*doesn't* support EditorConfig (Qt Creator) defaults to 4 space
indentation.
Have dumpcap in child mode return an error message with a primary and
secondary string, instead of using stderr. When writing to the console
log we ignore the second message to prevent flooding the log with
tutorial-like info on permissions.
Switch ui/clopts_common.c, ui/filter_files.[ch], and ui/summary.[ch] to
4 space indentation. This brings them in line with all of the other
files in that directory and with ui/qt.
Fix the modelines in ui/qt/models/filter_list_model.cpp.
Have it return WTAP_FILE_TYPE_SUBTYPE_UNKNOWN, rather than an
undecorated -1, if the hash table lookup fails.
Check for that as a return value, and pop up a "file an issue" dialog if
WTAP_FILE_TYPE_SUBTYPE_UNKNOWN is returned.
This should squelch Coverity CID 1473325; the error Coverity reports is
bogus, as negative file type/subtype values are check for before we try
to use them as suffixes, but this should catch the "this should not
happen" case that caused the error to pop up.
Register the pcap and pcapng file types/subtypes rather than hardwiring
them into the table.
Call the registration routines for them directly, rather than through a
generated table; they're always supposed to be there, as some code in
Wireshark either writes only one of those formats or defaults to writing
one of those formats. Don't run their source code through the
registration-routine-finder script.
Have the file type/subtype codes for them be directly exported to the
libwiretap core, and provide routines to return each of them, to be used
by the aforementioned code.
When reporting errors with cfile_write_failure_message(), use
wtap_dump_file_type_subtype() to get the file type/subtype value for the
wtap_dumper to which we're writing, rather than hardcoding it.
Have the "export PDU" code capable of supporting arbitrary file
types/subtypes, although we currently only use pcapng.
Get rid of declarations of now-static can_write_encap and
dump_open routines in various headers.
This pull request includes:
* The "Follow DCCP stream" feature.
* Updated docbook documentation for the "Follow DCCP stream" feature.
* Test for the feature.
* Corresponding packet trace for the test.
Instead of a "supports name resolution" Boolean and bitflags for types of
comments supported, provide a list of block types that the file
type/subtype supports, with each block type having a list of options
supported. Indicate whether "supported" means "one instance" or
"multiple instances".
"Supports" doesn't just mean "can be written", it also means "could be
read".
Rename WTAP_BLOCK_IF_DESCRIPTION to WTAP_BLOCK_IF_ID_AND_INFO, to
indicate that it provides, in addition to information about the
interface, an ID (implicitly, in pcapng files, by its ordinal number)
that is associated with every packet in the file. Emphasize that in
comments - just because your capture file format can list the interfaces
on which a capture was done, that doesn't mean it supports this; it
doesn't do so if the file doesn't indicate, for every packet, on which
of those interfaces it was captured (I'm looking at *you*, Microsoft
Network Monitor...).
Use APIs to query that information to do what the "does this file
type/subtype support name resolution information", "does this file
type/subtype support all of these comment types", and "does this file
type/subtype support - and require - interface IDs" APIs did.
Provide backwards compatibility for Lua.
This allows us to eliminate the WTAP_FILE_TYPE_SUBTYPE_ values for IBM's
iptrace; do so.
We allocate a QMimeData object at the beginning of PacketList::mouseMoveEvent.
Usually, this object is passed to a QDrag object by calling drag->setMimeData.
In this case, the QDrag object owns the mime data object and frees it when
it's no longer required.
If the mime data object contains no data that can be dragged and dropped, we
reach the end of PacketList::mouseMoveEvent without anyone taking care of
the mime object. We have to free it ourselves in this case.
The problem can be reproduced if you add a custom column for an element that
does not exist in your capture file. Left-click onto the empty column and
drag the empty column entry somewhere. An asan build will then show the
memory leak
Indirect leak of 240 byte(s) in 2 object(s) allocated from:
#0 0x7f351e153d30 in operator new(unsigned long) (...)
#1 0x7f3500b79802 in QMimeData::QMimeData() (...)
Indirect leak of 32 byte(s) in 2 object(s) allocated from:
#0 0x7f351e153d30 in operator new(unsigned long) (...)
#1 0x5635156dfbc7 in PacketList::mouseMoveEvent(QMouseEvent*) ...
#2 0x7f3502eb94d7 in QWidget::event(QEvent*) (...)
For QT >5.11, stringWidth() uses horizontalAdvance, which gives different
(longer) widths than the old boundingRect().width() method.
Other locations use the boundRect().width() method directly, resulting
in underestimating line widths and clipping the last characters in
the byte view window.
Fix by forcing all width calculations to use stringWidth().
Closes#17087.
Eliminate WTAP_FILE_TYPE_SUBTYPE_ERF and
WTAP_FILE_TYPE_SUBTYPE_SYSTEMD_JOURNAL - instead, fetch the values by
name, using wtap_name_to_file_type_subtype().
This requires that wtap_init() be called before epan_init(); that's
currently the case, but put in comments to indicate why it must continue
to be the case.
Increase the minimum required version of Qt from 5.3 to 5.6. The various
Linux distribution versions that shipped with earlier Qt versions (RHEL
6, Fedora 23, openSUSE 13.2, Debian jessie, Ubuntu 16.04) have either
reached end of support or will do so soon.
The official Qt 5.6 releases for macOS require 10.8, so make that the
minimum macOS version.
Remove a bunch of no-longer-needed version checks.
The include_directories documentation at
https://cmake.org/cmake/help/latest/command/include_directories.html
says:
"Note: Prefer the target_include_directories() command to add include
directories to individual targets and optionally propagate/export them
to dependents."
Switch from include_directories to target_include_directories in a bunch
of places.
Add "SYSTEM" to the remaining external include_directories calls in
order to minimize our compiler warning blast radius.
Provide a wiretap routine to get an array of all savable file
type/subtypes, sorted with pcap and pcapng at the top, followed by the
other types, sorted either by the name or the description.
Use that routine to list options for the -F flag for various commands
Rename wtap_get_savable_file_types_subtypes() to
wtap_get_savable_file_types_subtypes_for_file(), to indicate that it
provides an array of all file type/subtypes in which a given file can be
saved. Have it sort all types, other than the default type/subtype and,
if there is one, the "other" type (both of which are put at the top), by
the name or the description.
Don't allow wtap_register_file_type_subtypes() to override any existing
registrations; have them always register a new type. In that routine,
if there are any emply slots in the table, due to an entry being
unregistered, use it rather than allocating a new slot.
Don't allow unregistration of built-in types.
Rename the "dump open table" to the "file type/subtype table", as it has
entries for all types/subtypes, even if we can't write them.
Initialize that table in a routine that pre-allocates the GArray before
filling it with built-in types/subtypes, so it doesn't keep getting
reallocated.
Get rid of wtap_num_file_types_subtypes - it's just a copy of the size
of the GArray.
Don't have wtap_file_type_subtype_description() crash if handed an
file type/subtype that isn't a valid array index - just return NULL, as
we do with wtap_file_type_subtype_name().
In wtap_name_to_file_type_subtype(), don't use WTAP_FILE_TYPE_SUBTYPE_
names for the backwards-compatibility names - map those names to the
current names, and then look them up. This reduces the number of
uses of hardwired WTAP_FILE_TYPE_SUBTYPE_ values.
Clean up the type of wtap_module_count - it has no need to be a gulong.
Have built-in wiretap file handlers register names to be used for their
file type/subtypes, rather than building the table in init.lua.
Add a new Lua C function get_wtap_filetypes() to construct the
wtap_filetypes table, based on the registered names, and use it in
init.lua.
Add a #define WSLUA_INTERNAL_FUNCTION to register functions intended
only for internal use in init.lua, so they can be made available from
Lua without being documented.
Get rid of WTAP_NUM_FILE_TYPES_SUBTYPES - most code has no need to use
it, as it can just request arrays of types, and the space of
type/subtype codes can be sparse due to registration in any case, so
code has to be careful using it.
wtap_get_num_file_types_subtypes() is no longer used, so remove it. It
returns the number of elements in the file type/subtype array, which is
not necessarily the name of known file type/subtypes, as there may have
been some deregistered types, and those types do *not* get removed from
the array, they just get cleared so that they're available for future
allocation (we don't want the indices of any registered types to changes
if another type is deregistered, as those indicates are the type/subtype
values, so we can't shrink the array).
Clean up white space and remove some comments that shouldn't have been
added.
QDateTime to/from Time_t functions are deprecated in favor of 64-bit
to/from seconds since epoch introduced in Qt 5.8.
QLayout::setMargin() is deprecated in favor of setContentsMargin().
In the proto tree, copy URLs instead of opening them.
In the export dialog, enable previews only if the advertised MIME type
*and* the contents of the file are plain text, GIF, JPEG, or PNG.
Add warnings to the wslua browser_open_url and browser_open_data_file
documentation.
Fixes#17232.
Use target_include_directories instead of include_directories in a few
places as recommended at
https://cmake.org/cmake/help/latest/command/include_directories.html
Doing so lets us mark a bunch of dependency includes SYSTEM PRIVATE, in
particular LIBXML2_INCLUDE_DIRS. On macOS this keeps us from triggering
the nullability warnings described at
https://www.wireshark.org/lists/wireshark-dev/202004/msg00056.html
(This might also keep the Visual Studio code analyzer from complaining
about various Qt headers, but I haven't tested this.)
The "short name" is really just the name, used to look it up. The
"name" is really a description intended solely for human consumption.
Rename the fields, and the functions that access them, to match.
The "description" maintained by Lua for file type handlers is used
*only* for one debugging message; we should probably just eliminate it.
Call it an "internal description" for now.
When recap is initated, list in RTP Stream dialog is cleared and new list
is read from capture so previously selected rows are deselected.
Patch solves it.
Functional changes:
Audio routing information is now stored in audio stream and not in table. It
is handled by separate utils/rtp_audio_routing.cpp class which is able to
convert it between mono/stereo etc.
There is new utils/rtp_audio_routing_filter.cpp class which is able to
route mono audio stream to any audio channel.
Sample file separated from audio stream file - sample file is generated only
during recap. So when we need new waveform, we just use existing sample file
and no recap required - it is much faster.
Audio stream exports just mono audio. Mono audio is then expanded to stereo
and correct channel by AudioRoutingFilter during play as required. So when
audio routing is changed, no recap and no audio export is required.
When audio stream is muted, no audio is produced nor played.
Most of signals between RtpPlayerDialog and RtpAudioStream were removed.
Start/Pause/Stop is processed in RtpPlayDialog (just for non muted streams).
Play possition is not received from every playing stream but from independent
silence stream.
Added Mute/Unmute function.
Optimalization:
When audio routing is changed, just graphs are updated. No retap nor audio
decoding is required.
When TOD is changed, just graphs are updated. No retap nor audio decoding is
required.
Jirka Novak