path: root/rawshark.c
AgeCommit message (Collapse)AuthorFilesLines
2015-02-21Make FT_{U}INT64 behave more like FT_{U}INT32, add support for ↵JC Wren1-2/+9
FT_{U}INT{40,48,56} Change-Id: I57354c309ecf3a0c8f0c7cff485638027f30bb19 Reviewed-on: https://code.wireshark.org/review/5813 Reviewed-by: Michael Mann <mmann78@netscape.net> Petri-Dish: Michael Mann <mmann78@netscape.net> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-02-20Suppress a bunch of cast-qual warnings.Gerald Combs1-2/+5
Squelch warning: cast discards ‘__attribute__((const))’ qualifier from pointer target type [-Wcast-qual] similar to g630f54f. Change strtod to g_ascii_strtod to squelch a checkAPIs error. Change-Id: Ib2d26ef89f08827a5adc07e35eaf876cd7b8d14e Reviewed-on: https://code.wireshark.org/review/7269 Reviewed-by: Gerald Combs <gerald@wireshark.org>
2015-02-20Just have init_progfile_dir() take a void pointer.Guy Harris1-1/+1
dladdr() takes a void * as a code pointer; have init_progfile_dir() do so, and do the casting in the calls. We don't care about the signature of the function whose address we're passing, we just want to pass a pointer to *something* in the main program. Change-Id: I9372620a97b0eb53c2bb3c0c41a238b4408f3709 Reviewed-on: https://code.wireshark.org/review/7270 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2015-01-18Clean up ftype-conversion and dfilter error message string handling.Guy Harris1-2/+5
Have dfilter_compile() take an additional gchar ** argument, pointing to a gchar * item that, on error, gets set to point to a g_malloc()ed error string. That removes one bit of global state from the display filter parser, and doesn't impose a fixed limit on the error message strings. Have fvalue_from_string() and fvalue_from_unparsed() take a gchar ** argument, pointer to a gchar * item, rather than an error-reporting function, and set the gchar * item to point to a g_malloc()ed error string on an error. Allow either gchar ** argument to be null; if the argument is null, no error message is allocated or provided. Change-Id: Ibd36b8aaa9bf4234aa6efa1e7fb95f7037493b4c Reviewed-on: https://code.wireshark.org/review/6608 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2015-01-04Create BASE_DOT, BASE_DASH, and BASE_SEMICOLON types for the FT_BYTES field ↵Michael Mann1-2/+2
type. These "bases" will put a ".", "-", or ":" respectively between hexidecimal bytes in the field in packet view and display filter. FT_BYTES with BASE_NONE will have no separator in the packet view, but continue to have the ':' as a separator in the display filter. Converted the "string" hf_ entries that used tvb_fc_to_str as a string to use proto_tree_add_item with FT_BYTES/BASE_DOT type. Converted applicable tvb_bytes_to_ep_str_punct() calls to use the new BASE values. Change-Id: I2442185bb314d04a3ff2ba57883652ecd738b5f9 Reviewed-on: https://code.wireshark.org/review/6098 Reviewed-by: Michael Mann <mmann78@netscape.net>
2015-01-01Call setlocale() before getting version information.Guy Harris1-3/+3
That way, the setlocale() call used to get the current locale will get the right answer. Change-Id: Ib43e16a9d98d08e5ddaff81fd3235f5b64d7b95b Reviewed-on: https://code.wireshark.org/review/6197 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-12-31Don't include signal.h unless we need it.Guy Harris1-2/+0
Change-Id: I3965e0951eee919720f780b5e52732fd18fd9786 Reviewed-on: https://code.wireshark.org/review/6194 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-12-31Do the full string in get_{compiled,runtime}_version_info().Guy Harris1-6/+4
Have them start the string with "Compiled" or "Running on", and return the string when done. Change-Id: Ic4d290c963621fa0385dc5aab766fd4ad31d3810 Reviewed-on: https://code.wireshark.org/review/6155 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-12-31Move the version_info.c stuff to wsutil/ws_version_info.c.Guy Harris1-1/+0
Change-Id: I3a5c7e219974bfb924819b43b4d445eaf00e5bde Reviewed-on: https://code.wireshark.org/review/6153 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-12-28Removed duplicated #include linesDario Lombardo1-4/+0
Change-Id: I9cafa3cd5c74121168777d8c656e7e94e89efd3c Reviewed-on: https://code.wireshark.org/review/6065 Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com> Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2014-12-25Check for getopt_long(), not getopt().Guy Harris1-1/+1
We support three types of platforms: 1) UN*Xes that have both getopt() and getopt_long(); 2) UN*Xes that have getopt() but not getopt_long(); 3) Windows, which has neither. Checking for getopt_long() lets us distinguish between 1) and 2) and build getopt_long() for them. Change-Id: Iaf0f142f9bebaa2eed2128d544ec9786711def45 Reviewed-on: https://code.wireshark.org/review/6045 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-12-24Move twelve show_version() functions from the varoius programs andStephen Fisher1-16/+1
Wireshark UI files into a single one in wsutil. Change-Id: I0a64f0cc8106bd681bd185289c36272c4c43baad Reviewed-on: https://code.wireshark.org/review/6026 Reviewed-by: Stephen Fisher <sfisher@sdf.org>
2014-12-18Make sure err_info is always set, and print it iff it's non-null.Guy Harris1-3/+6
Change-Id: Ib5c600c491a3d8adcfa91c00fa9445283610545b Reviewed-on: https://code.wireshark.org/review/5830 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-12-18WTAP_ERR_UNWRITABLE_ errors aren't returned by reads or open-for-reading.Guy Harris1-6/+0
Check for them *only* on opening for writing and writes. Change-Id: I4b537d511ec04bcfc81f69166a2b9a2ee9310067 Reviewed-on: https://code.wireshark.org/review/5827 Reviewed-by: Guy Harris <guy@alum.mit.edu>
That makes it clearer what the problem is, and that it should only be returned by the dump code path, not by the read code path. Change-Id: Icc5c9cff43be6c073f0467607555fa7138c5d074 Reviewed-on: https://code.wireshark.org/review/5797 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-12-01Add a Buffer to wtap_pkthdr to hold file-type-specific packet metadata.Guy Harris1-1/+3
For example, this can be used for pcap-ng options not mapped to file-type-independent metadata values. Change-Id: I398b324c62c1cc1cc61eb5e9631de00481b4aadc Reviewed-on: https://code.wireshark.org/review/5549 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-11-14Rename stat_cmd_args.[ch] to stat_tap_ui.[ch].Guy Harris1-1/+1
The intent is to handle more than just command-line arguments; reflect that. Change-Id: Ia10efda85a9d11c6579d1bec6f789cee30d9e825 Reviewed-on: https://code.wireshark.org/review/5304 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-10-17Don't use ctype.h routines.Guy Harris1-1/+0
That avoids locale dependency and handles possibly-signed chars(which we weren't always doing before). Change-Id: I89e50678abb8c3e535081c92ca25bc1bab672c68 Reviewed-on: https://code.wireshark.org/review/4798 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-10-08Only set err_info on an error, and use g_strdup_printf().Guy Harris1-6/+16
If the goal is to look like a libwiretap routine, we only need to set *err_info on an error, and we should set it to a g_mallocated string (or NULL). Handle WTAP_ERR_UNSUPPORTED while we're at it - we never return it, but we never return WTAP_ERR_UNSUPPORTED_ENCAP, either, but we handle it. Change-Id: I9d93c43278d22f0fa77ec1cf7f29b476c8dd0dd0 Reviewed-on: https://code.wireshark.org/review/4565 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-10-08Set err_info to null for errors that don't have an informaton string.Guy Harris1-1/+1
Change-Id: Ibbcf3496ebfb20c53b953db84b2ddb69083dcb86 Reviewed-on: https://code.wireshark.org/review/4556 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-10-07No need for WTAP_ERR_CANT_READ.Guy Harris1-9/+2
Unlike the standard I/O routines, the code we introduced that supports fast random seeking on gzipped files will always supply some specific error code for read errors, so we don't need WTAP_ERR_CANT_READ. Add WTAP_ERR_CANT_WRITE for writing, as we're still using the standard I/O routines for that. Set errno to WTAP_ERR_CANT_WRITE before calling fwrite() in wtap_dump_file_write(), so that it's used if fwrite() fails without setting errno. Change-Id: I6bf066a6838284a532737aa65fd0c9bb3639ad63 Reviewed-on: https://code.wireshark.org/review/4540 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-09-28Make the time stamp resolution per-packet.Guy Harris1-29/+0
Pcap-ng files don't have a per-file time stamp resolution, they have a per-interface time stamp resolution. Add new time stamp resolution types of "unknown" and "per-packet", add the time stamp resolution to struct wtap_pkthdr, have the libwiretap core initialize it to the per-file time stamp resolution, and have pcap-ng do the same thing with the resolution that it does with the packet encapsulation. Get rid of the TS_PREC_AUTO_XXX values; just have TS_PREC_AUTO, which means "use the packet's resolution to determine how many significant digits to display". Rename all the WTAP_FILE_TSPREC_XXX values to WTAP_TSPREC_XXX, as they're also used for per-packet values. Change-Id: If9fd8f799b19836a5104aaa0870a951498886c69 Reviewed-on: https://code.wireshark.org/review/4349 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-09-20Make load_cap_file() just return a success/fail indication.Guy Harris1-7/+5
We don't care *why* it fails; it's printed a message to indicate that. Just have it indicate whether it succeeded or not. Change-Id: I98160999baa5f25ea03ef803b7dbf77dff1518de Reviewed-on: https://code.wireshark.org/review/4213 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-08-24Modify includes of config.h so that out-of-tree builds, i.e. CMakeGraham Bloice1-1/+1
don't pick up the in-tree copy. Change-Id: I7ec473876cdba1a025c52362d7f6adc62d24ce71 Reviewed-on: https://code.wireshark.org/review/3798 Petri-Dish: Graham Bloice <graham.bloice@trihedral.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Roland Knall <rknall@gmail.com> Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
2014-07-27Make value_string_ext const-correct.Kevin Cox1-2/+2
There is still some const-incorrect usage of them but those can be ironed out after this change has been made. Change-Id: Iba0631c804bdab34d7c0232b49967130e3370488 Reviewed-on: https://code.wireshark.org/review/3199 Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-07-04Move utility routines for capturing into a libcaputils static library.Guy Harris1-2/+2
Some of those routines are used only in dumpcap; others are used in TShark and Wireshark as well. Change-Id: I9d92483f2fcff57a7d8b6bf6bdf2870505d19fb7 Reviewed-on: https://code.wireshark.org/review/2841 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-07-03Include "capture-pcap-util.h" even if we don't have libpcap.Guy Harris1-1/+2
The routines to get libpcap version information just say "no pcap here" if we don't have it, so they're called regardless of whether we were compiled with it. Change-Id: I4e58cce83f7c0e36aa6ef9b40ec7075732402f3b Reviewed-on: https://code.wireshark.org/review/2800 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-07-03Add long-option support.Guy Harris1-1/+10
That way, --help and --version, as well as -h and -v, work. Change-Id: I095e0dcef9f6181d6fbe6337f9f33e80bc44f11a Reviewed-on: https://code.wireshark.org/review/2790 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-07-03Regularize the help output of programs.Guy Harris1-18/+8
Only print to the standard output, and only give the version information, if a "print help" command-line option is specified. Otherwise, leave out the version information, and print to the standard error. Leave out the copyright information; it's extra cruft, and http://www.gnu.org/prep/standards/html_node/_002d_002dhelp.html doesn't say anything about it (and bash, at least, doesn't print it). Change-Id: Ic5029ccf96e096453f3bd38383cc2dd355542e8a Reviewed-on: https://code.wireshark.org/review/2789 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-07-03Regularize the first line of version output.Guy Harris1-3/+3
For Wireshark, say "Wireshark", not "wireshark". For other programs, put "(Wireshark)" after the program name, as per http://www.gnu.org/prep/standards/html_node/_002d_002dversion.html ("If the program is a subsidiary part of a larger package, mention the package name in parentheses, like this"). Change-Id: I68558f64cfa6ee4423e42f3d6b120633ef1b2716 Reviewed-on: https://code.wireshark.org/review/2788 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-30Move capture_ui_utils.[ch] to libui.Guy Harris1-1/+3
Change-Id: Id0f3d4d60a1acc7aa64fd3737b8f16df5bca4e5a Reviewed-on: https://code.wireshark.org/review/2708 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-29Move some more stuff into wsutil.Guy Harris1-15/+11
Move the routines to parse numerical command-line arguments there. Make cmdarg_err() and cmdarg_err_cont() routines in wsutil that just call routines specified by a call to cmdarg_err_init(), and have programs supply the appropriate routines to it. Change-Id: Ic24fc758c0e647f4ff49eb91673529bcb9587b01 Reviewed-on: https://code.wireshark.org/review/2704 Reviewed-by: Evan Huus <eapache@gmail.com> Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-22Add a routine to return a version string including VCS information.Guy Harris1-6/+8
Add a routine get_ws_vcs_version_info() that, for builds from a tree checked out from Wireshark's version control system, returns a string that includes both the Wireshark version number and an indication of what particular VCS version was checked out, and just returns Wireshark's version number for other builds. Use that routine rather than manually gluing VERSION and the Git version number together. ("vcs", not "git", just in case we do something bizarre or mercurial some day. :-)) Change-Id: Ie5c6dc83b9d3f56655eaef30fec3ec9916b6320d Reviewed-on: https://code.wireshark.org/review/2529 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-21Move get_copyright_info() to wsutil.Guy Harris1-0/+1
Change-Id: I75c1c747cd2b4a9845c659636582d54b2caecf1a Reviewed-on: https://code.wireshark.org/review/2510 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-05-25Add support for dissecting non-packet records.Guy Harris1-1/+1
Add a dissector table indexed by the file type, and, for the file-type-specific records, have the frame dissector skip the usual pseudo-header processing, as the pseudo-header has a file-type-specific record subtype in it, and call the dissector for that file type's records. Change-Id: Ibe97cf6340ffb0dabc08f355891bc346391b91f9 Reviewed-on: https://code.wireshark.org/review/1782 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-05-09Revert "Refactor Wiretap"Guy Harris1-2/+2
This reverts commit 1abeb277f5e6bd27fbaebfecc8184e37ba9d008a. This isn't building, and looks as if it requires significant work to fix. Change-Id: I622b1bb243e353e874883a302ab419532b7601f2 Reviewed-on: https://code.wireshark.org/review/1568 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-05-09Refactor WiretapMichael Mann1-2/+2
Start of refactoring Wiretap and breaking structures down into "generally useful fields for dissection" and "capture specific". Since this in intended as a "base" for Wiretap and Filetap, the "wft" prefix is used for "common" functionality. The "architectural" changes can be found in cfile.h, wtap.h, wtap-int.h and (new file) wftap-int.h. Most of the other (painstaking) changes were really just the result of compiling those new architecture changes. bug:9607 Change-Id: Ife858a61760d7a8a03be073546c0e7e582cab2ae Reviewed-on: https://code.wireshark.org/review/1485 Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-04-12Get rid of more tvb_get_nstringz* calls.Guy Harris1-1/+3
Add an FT_STRINGZPAD type, for null-padded strings (typically fixed-length fields, where the string can be up to the length of the field, and is null-padded if it's shorter than that), and use it. Use IS_FT_STRING() in more cases, so that less code needs to know what types are string types. Add a tvb_get_stringzpad() routine, which gets null-padded strings. Currently, it does the same thing that tvb_get_string_enc() does, but that might change if we don't store string values as null-terminated strings. Change-Id: I46f56e130de8f419a19b56ded914e24cc7518a66 Reviewed-on: https://code.wireshark.org/review/1082 Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-03-21Fix Bug 9903: 'Clicking reload-file ignores selected file format reader'Hadriel Kaplan1-0/+1
There's a relatively new feature in 1.11.3 to select a specific file format reader, instead of relying on magics or heuristics. If you select a file reader and open a file, open it, and then click the reload-file button or go to View->Reload or press the ctrl-R keymap, the file is reloaded but using the magic/heuristics again instead of the file format reader you previously chose. Likewise, the Lua relaod() function has the same issue (which is how I found this problem). I have tested this change by hand, using a Lua script, but I didn't add it to the testsuite because I need another change for my test script to work correctly. (an enhancement rather than a bug fix, which I'll submit separately) Change-Id: I48c2d9ea443e37fd9d41be43d6b6cd5a866d5b01 Reviewed-on: https://code.wireshark.org/review/764 Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-03-04Remove all $Id$ from top of fileAlexis La Goutte1-2/+0
(Using sed : sed -i '/^ \* \$Id\$/,+1 d') Fix manually some typo (in export_object_dicom.c and crc16-plain.c) Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8 Reviewed-on: https://code.wireshark.org/review/497 Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-02-25Remove trailing whitespaceBill Meier1-1/+1
Change-Id: I8116f63ff88687c8db3fd6e8e23b22ab2f759af0 Reviewed-on: https://code.wireshark.org/review/385 Reviewed-by: Bill Meier <wmeier@newsguy.com> Tested-by: Bill Meier <wmeier@newsguy.com>
2014-02-07Replace "svn" with "git" all over the place.Gerald Combs1-3/+3
Rename "SVNPATH" to "GITBRANCH" since that seems more appropriate. Rename "svnversion.h" to "version.h" as Evan suggested. Update some URLs. In make-version.pl, make sure we don't set an improper upstream branch name. Use the number of commits + short hash from `git describe` for package names by default. Change-Id: I922bba8d83eabdf49284a119f55b4076bc469b96 Reviewed-on: https://code.wireshark.org/review/139 Reviewed-by: Gerald Combs <gerald@wireshark.org>
2013-12-23Add FT_SYSTEM_ID type and convert the dissectors that use print_system_id ↵Michael Mann1-0/+2
with FT_BYTES to now use FT_SYSTEM_ID type. svn path=/trunk/; revision=54383
2013-12-07Rename base_display_* to field_displayJakub Zawadzki1-2/+2
This is preparation to support ->display for FT_STRING values. svn path=/trunk/; revision=53820
2013-12-05Initialize the error-reporting routines before scanning for plugins, asGuy Harris1-3/+5
the code to scan for them uses those routines. This means epan_init() no longer takes those routines as arguments - which is just as well, given that the mechanism in question is no longer part of libwireshark, but is part of libwsutil. This should fix bug 9508. svn path=/trunk/; revision=53796
2013-12-02Move most of the plugin code from epan to wsutil and remove allGuy Harris1-1/+1
knowledge of particular types of plugins. Instead, let particular types of plugins register with the common plugin code, giving a name and a routine to recognize that type of plugin. In particular applications, only process the relevant plugin types. Add a Makefile.common to the codecs directory. svn path=/trunk/; revision=53710
2013-11-17Move the epan/filesystem.c routines to wsutil; they're not specific toGuy Harris1-1/+1
packet dissection, they're specific to the entire Wireshark suite of programs. svn path=/trunk/; revision=53377
2013-11-10Move struct _ftype_t + callback typedefs + free macro to ftypes-int.hJakub Zawadzki1-0/+1
svn path=/trunk/; revision=53223
2013-11-08The "file types" we have are actually combinations of types andGuy Harris1-1/+1
subtypes, e.g. Network Monitor version 1 and Network Monitor version 2 are separate "file types", even though they both come from Network Monitor. Rename various functions, #defines, and variables appropriately. svn path=/trunk/; revision=53166
2013-11-06Add support for displaying dates as year and day-of-year (1-origin).Guy Harris1-4/+16
In the process, fix various man page descriptions of the -t flag, and add support for UTC absolute times in the iousers and iostat TShark taps. svn path=/trunk/; revision=53114