| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
We keep our various packaging assets in the "packaging" directory. Move
the Debian assets there. dpkg-buildpackage doesn't seem appear to have a
"debian directory path" option, but symlinking worked in my test
container.
|
|
Add BASE_SHOW_UTF_8_PRINTABLE and related function tvb_utf_8_isprint
for supporting fields of bytes that are "maybe UTF-8" (default or
SHOULD be UTF-8 but could be something else, with no encoding indicator),
such as SSID fields in IEEE 802.11 (See #16208), certain OctetString
fields in Diameter or PFCP, and other places where
BASE_SHOW_ASCII_PRINTABLE is currently used. Fix #5307
|
|
Add p_set_proto_data, which either updates our entry if we have a
proto+key match or adds an entry if we don't. Use it with
p_set_proto_depth. Document it and our other proto_data routines.
|
|
|
|
|
|
Related with #17774.
|
|
Remove experimental new API.
Fix Netlink dissector to compile with normal proto tree API.
Closes #17774.
|
|
Used with the GTK GUI, not used for a long time.
|
|
|
|
Remove ws_strdup_escape_char(). I don't think it is generic enough to keep,
and it does not seem very efficient either.
Remove string_replace(). This function was used in the GTK GUI.
|
|
|
|
Move epan_memmem() and epan_strcasestr() to wsutil/str_util.
Rename to ws_memmem() and ws_strcasestr(). Add compile time
check for a system implementation and use that if available.
We invoke those functions using a wrapper to avoid exposing
_GNU_SOURCE outside of the implementation.
|
|
|
|
C is notoriously difficult to bind from other languages
without additional metadata. The C ABI does not include
enums and macros that are an essential component of the
API.
To make Wireshark instrospectable and more binding friendly
include an introspection API to export enums and integer macros.
To avoid the tedious need to manually keep the code up to date
it uses the excellent pyclibrary python package to automatically
parse C headers and extract this data.
This is not a process that should be done automatically during
the build.
This could be used for example to replace most of the wslua
make-init-lua.pl perl script, which tries to do the same thing
using regular expressions.
Besides the downside of using Perl using regular expressions
is inferior to pyclibrary in 2 ways: 1) pyclibrary understands
most of C99 grammar so it is much more powerful; 2) pyclibrary
has a specific API to extract "values" (enums and constants)
automagically. We just need to take care to use only integer
values, for our purposes.
|
|
Add result output to console log, in addition to intermediate debug
information. This allows tracing the result using the log only.
|
|
This function is unnecessary. Clients are receiving a wmem-allocated
buffer and have no need to know the length apriori.
|
|
Add uat_set_default_values, which lets us provide default values for
fields that might be missing from the end of a UAT line. Set a default
value for the I/O Graph dialog's Y Axis Factor. Fixes the backward
compatibility issue described in #17623
|
|
|
|
Do the name check in one pass only, instead of two passes, one
for all letters and a second one to exclude upper case letters.
|
|
When the user has manually registered to a port a dissector other than
the default subdissector (through Decode As, or the preferences
registered via dissector_add_uint_[range_]with_preference), try
those ports with a custom dissector first.
There's a few dissectors (e.g., GTP) that have port preferences
that haven't been migrated to use the DECODE_AS_ preferences for
various reasons; this won't change anything when their preferences
are changed from the default, though it can still work via Decode As.
Fixes #6223 and #12168.
|
|
Some enhancements and visual fixes to version 3 dissector are also included.
|
|
|
|
|
|
|
|
Implement little endian support for tvb_get_bits family of functions.
The big/little endian refers to bit numbering within an octet. In big
endian, the most significant bit is considered bit 0, while in little
endian the least significant bit is considered bit 0.
Add encoding parameters to proto tree bits format family functions.
Specify ENC_BIG_ENDIAN in all dissectors using these functions except in
USB HID that requires ENC_LITTLE_ENDIAN to work correctly.
When formatting bits values, always display most significant bit on the
leftmost position regardless of the encoding. This results in no gaps
between octets and makes the displayed value comprehensible.
Close #4478
Fix #17014
|
|
|
|
|
|
|
|
Exports (DLL) epan_set_always_visible() to make it accessible for plugins.
This enables post dissection taps to access all fields.
|
|
Allocate the root node in the same pool as the list itself, and make
that pool explicit so we can pass the pinfo scope instead of using the
global packet pool.
|
|
A few of them just needed scratch memory, so allocate and free it
manually after doing any exception-raising checks.
A few others were returning memory, and needed conversion to accept a
wmem scope argument.
|
|
- Make sure reassembly requests & errors are properly propagated from
any point in the PDU, no matter how many sub-structure levels.
- Handle the sub-dissection methods as well:
- Ensure the sub-dissection methods handle errors from previous calls.
- Reduce the error handling needed in sub-dissector implementations.
- Add missing sub-dissection methods for list, set, and map.
- Add the handling of sub-structure.
- Handle Compact protocol in addition to the existing binary protocol.
- Include and improve MR !3171
- Handle reassembly the same way as for binary protocol.
- Handle sub-dissection with the same functions.
=> Sub-dissectors only depend on .thrift files.
Additional changes:
- Use of constants instead of hard-coded values.
- Removed U64 support (never supported by thrift code generator, only
referenced in the C++ thrift library header but not supported in reality.
- Removed references to UTF-8 and UTF-16 string for the same reason.
- Replaced references to UTF-7 string with just string (same reason).
- Replaced references to byte with i8 as the documentation explicitly
states that byte is a compatibility name.
Documentation reference:
- https://thrift.apache.org/developers
- https://thrift.apache.org/docs/idl.html
- https://github.com/apache/thrift/blob/master/doc/specs/thrift-compact-protocol.md
- https://erikvanoosten.github.io/thrift-missing-specification/
- https://diwakergupta.github.io/thrift-missing-guide/
Closes #16244
Additional changes:
- Add authors and improve consistency
- Fix typo and clarify documentation
|
|
This utility function is useful outside of epan. Move it to wsutil
and export the interface.
The move isn't completely clean as it requires duplicating two small
inline functions but that was necessary to avoiding moving too much at
once.
|
|
We have two format_size()s, with and without wmem scoped memory.
Move the wmem version to wsutil and add a convenience macro to
use g_malloc()ed memory.
|
|
This allows wmem to be used from other libraries, namely wsutil.
It is often the case that a funtion exists in wsutil and cannot
be used with a wmem scope, requiring some code duplication or
extra memory allocations, or vice-versa, code in epan cannot be
moved to wsutil because it has a wmem dependency.
To this end wmem is moved to wsutil. Scope management remains part
of epan because those scope semantics are specific to dissection.
|
|
Related to #17465 and !3526
|
|
"User" sounds as if the blocks belong to the user; at most, the current
user might have modified them directly, but they might also have, for
example, run a Lua script that, unknown to them, modified comments.
Also, a file might have "user comments" added by a previous user, who
them wrote the file and and provided it to the current user.
"Modified" seems a bit clearer than "changed".
|
|
Mostly functioning proof of concept for #14329. This work is intended to
allow Wireshark to support multiple packet comments per packet.
Uses and expands upon the `wtap_block` API in `wiretap/wtap_opttypes.h`.
It attaches a `wtap_block` structure to `wtap_rec` in place of its
current `opt_comment` and `packet_verdict` members to hold OPT_COMMENT
and OPT_PKT_VERDICT option values.
|
|
This functionality has been added in d2a660d8, where its limitations
are described.
Improvements:
* the Substream index menu now properly filters for available stream numbers;
* Follow Stream selects the first stream in the current packet
Known issue (which is still there): if a packet contains multiple QUIC
streams, then we will show data also from streams other than the selected
one (see #16093)
Note that there is no way to follow a QUIC connection.
Close #17453
|
|
|
|
It is to tvb_reported_length_remaining() as
tvb_ensure_captured_length_remaining() is to
tvb_captured_length_remaining() - it throws an exception if the offset
is out of range.
(Note that an offset that's just past the end of the {reported,
captured} data is *not* out of range, it just means that there is no
data remaining. Anything *past* that is out of range and thus invalid.)
|
|
The circuit API was removed and replaced with the conversation
"_by_id" API that uses a single uint32 value by commit
800b26edbe34e135cc9be1d4395db2c13ae1213f
Remove the lingering references to circuits from the stream API,
since it's just used with conversations now.
|
|
Closes #17370
|
|
When tshark enables synchronous resolution of IP addresses to names,
forces calls to maxmind_db_lookup_ipv4()/_ipv6() to block-wait for the
maxmind response.
Proposed fix for #14691.
|
|
This merge request adds:
* Decoding of ProtocolID and PPID in Component Status Protocol dissector.
* Moved SCTP PPID list from SCTP dissector into separate file sctpppids.c,
due to reuse in Component Status Protocol dissector.
* Export of sctpppid_val_ext containing the PPID list.
|
|
This pull request includes:
* The "Follow DCCP stream" feature.
* Updated docbook documentation for the "Follow DCCP stream" feature.
* Test for the feature.
* Corresponding packet trace for the test.
|
|
|
|
Save a copy of the pathname used to open a file in the wtap structure.
This allows the BER file reader to put a pointer to it in the
pseudo-header; it also would allow file readers to attempt to read
"associated" files that have the same name as the file, but with a
different extension.
Instead of having cf_open() special-case BER files, and calling a
routine in the BER dissector to specify the file name to the dissector,
have separate dissectors for "dissect packet payload as BER" and
"dissect a file as BER", and have the latter get the pathname of the
file from the pseudo-header and determine the ASN.1 syntax from that.
(Side-effect - this means that you can now dissect a BER file, and have
the syntax be determined by the file extension, in TShark as well; the
above cf_open() special-casing was *not* done in TShark, so it didn't
work before. Now the application code doesn't need to do any of that,
so it works in TShark as well as Wireshark.)
|
|
Instead *_register_plugin() is turned into a noop (with a warning).
The test suit is failing with ENABLE_PLUGINS=Off (it was already failing
before and this patch didn't affect that).
Closes #17202.
|
|
Removed unused functions found by Martin Mathieson.
|
