| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
On Linux (and presumably other DBus-using Unix-like OSes), right-clicking on a
file on the Welcome page and choosing "Show in Folder" would only ever open the
folder, and would not highlight the chosen file.
Adding DBus support to function desktop_show_in_folder allows for the file
itself to be shown -- subject to support from the user's desktop environment...
|
|
Make sure we check our minimum macOS version when we check our Qt version
so that we don't clobber the value set by CMAKE_OSX_DEPLOYMENT_TARGET.
|
|
Merge the uninstall sections into logray.nsi, similar to wireshark.nsi.
Make a bunch of sections hidden + mandatory. Fix some miscellaneous
issues.
|
|
|
|
libssh 0.8.5 was released in October 2018, all known Linux distributions
that currently compile on the master branch with their default
packages include a more recent version, and we ship the 0.10.x series
for Windows and MacOS. (Among major Linux distributions that compile currently,
Debian Buster has 0.8.7).
It has several API changes to ssh_options_get and ssh_options_set, new features,
and a number of bugs and CVEs fixed. We can remove a workaround for a
missing API call in extcap/ssh-base
|
|
|
|
|
|
Remove the major.minor version from the plugin path, i.e:
lib/plugins/X.Y/{epan,wiretap,codecs}
and use an unversioned path:
lib/plugins/{epan,wiretap,codecs}
Introduce a new naming policy for plugins that requires
name.so.ABI_VERSION.
This is a simplified filesystem layoutfor plugins some
important benefits such as:
* improves compatibility between Wireshark versions, because
a plugin that wasn't recompiled will be automatically picked
up, but only if it has a compatible ABI version in the file name.
* does not clash with Apple guidelines
* simpler for users to understand and apply
* just overall simpler and easier to maintain, removes a lot
of complexity from CMake code
It does impose more requirements on the plugin naming scheme
but this should be handled completely transparently
by the build system.
It would also be possible to add support for unversioned *.so file
extensions at the same time, although in ths case it is not possible
to support multiple Wireshark ABI versions with only *.so, of course.
This wasn't done here but it may or may not be a useful enhancement
in the future.
Follow-up to 90b16b40921b737aadf9186685d866fd80e37ee6.
|
|
Move the libwireshark pkgconfig file to the resource directory.
Set the various paths in our .pc files based on the `pcfiledir` variable
instead of using absolute paths. This should make it possible to install
using a DESTDIR that differs from CMAKE_INSTALL_PREFIX.
|
|
dumpcap is statically linked with libwsutil and, in the main branch,
uses the JSON dumper code in that library. This means that linking with
libwsutil causes the object file for the JSON dumper to be included, and
that code calls isfinite().
As this is linking with a *static* libwsutil, and as, on most if not all
platforms, a static library, unlike a dynamic library, doesn't include
an indication of other libraries on which the library depends, linking
statically with libwsutil does not cause the code that's being linked to
link with those other libraries.
If isfinite() is in the standard system library (as it appears to be in
macOS), that's not a problem.
However, if it's in libm (as it appears to be in FreeBSD), that *is* a
problem, as it means dumpcap needs to be linked with libm. Make it so.
|
|
Remove the boilerplate and multiple symbols required
to write and load a plugin and use a simpler
interface that is also much more featureful and
extensible.
This removes the major.minor ABI check in favor of an
ABI version number that is simpler and more flexible.
In practice our 3 separate ABI versions still increase
with each major.minor version number but this may change
in the future, particularly for codecs that have a much
narrower and stable codec API.
There is a new license compatibility check. Plugins
must declare if the use GPLv2 or later, or alternatively
an FSF compliant GPLv2 compatible license. Otherwise
Wireshark refuses to load the plugin. The SPDX ID is
just an ancillary field and not enforced currently.
Adds more metadata fields during plugin registration.
These are only used for display and debugging.
There is an extra API level number in the registration API
that is reserved for future use.
|
|
Move the libwireshark pkgconfig file to the libwireshark directory
(epan).
|
|
|
|
It was a placeholder that pointed people at the download page and the
documentation page. There are plenty of references to those elsewhere.
|
|
|
|
Remove the UAT macro usage. The UAT API is nifty for dissectors
but clunky for everything else.
This allows using a hash table to store macros, that is the natural
data structure for the use case (and faster).
It also allows using the existing filter GUI dialog, adapted for
display filter macros. The difference isn't huge but it's better
and less limited than the more generic UAT dialog, with room for
improvement. Changing the UAT dialog for filter specific
use cases is difficult.
The config file is renamed to "dmacros" and uses the same format
as "dfilter", that is more amenable and forgiving for hand-editing
than the UAT storage format.
There is some logic to convert the "dfilter_macros" UAT config
file to a "dmacros" filter config file, for backward-compatibility.
The conversion is only done if there is no existing "dmacros" file
in the profile folder.
|
|
We already strongly recommend Qt version 5.12 and enforce 5.10.
Commit 06cd84a6e9f8bd0807cca35595b94b07de254b07 said "[a]lthough
build support for 5.10 and 5.11 is not being removed at this point,
it might be for 4.x at a later time."
Move to enforcing 5.11, and update macos-setup for that as well.
Remove the QT_VERSION_CHECKs for 5.10 and 5.11 (except in
qcustomplot.)
Hold off on enforcing 5.12 for now, because there isn't any code
that needs 5.12 or greater (there are two places for a workaround
for Qt 5.12.0 through 5.12.5), and because Debian Buster is on
Qt 5.11.3. There are not any known supported OS distributions on
Qt 5.10.
|
|
Add a display filter plugin with functions to test IP addresses.
This extends the display filter features with some more specialized
functions and serves as an example on how to write a display
filter plugin.
|
|
|
|
|
|
GLib's debug libraries link against pcre2-8d.lib, which means we have
to as well.
Revert some debugging in GitLab CI.
|
|
See 06cd84a6e9f8bd0807cca35595b94b07de254b07
|
|
* The QPACK decoder code has not significantly changed since the initial
nghttp3 0.1.0 release. The `user_data` field of `nghttp3_mem` was
renamed from `mem_user_data` in 0.2.0. Since we do not use it, just
remove the field to make it build on Ubuntu 22.04 with 0.1.1.
* Arch Linux, BSD, Debian, Alpine: add (lib)nghttp3.
* debian/control: add libnghttp3-dev dependency.
* brew: Install libnghttp2 instead of nghttp2, we only need the library.
* brew: libnghttp3 was just made available in Homebrew, so install it:
https://github.com/Homebrew/homebrew-core/pull/150922
|
|
Move our Falco plugin directories up one level so that we're outside the
hierarchy scanned by plugins_init. This also makes it more clear that
these are Falco plugins and that they don't conform to our plugin API.
|
|
|
|
|
|
|
|
|
|
|
|
In .gitlab-ci.yml, add spaces and emoji to the build directory name. In
CMakeLists.txt, quote a path in a wrapper script. Quote our executable
and file paths where needed in our tests.
|
|
Fix misppellings in root and ui directories.
Most of these are comments, but some are in
error messages.
|
|
[skip ci]
|
|
Quote the path name variables in -fmacro-prefix-map so that source or build
directories with spaces work when compiling with recent gcc or clang.
Fix #17487 (LocatePythonModule was removed recently so that doesn't
need fixing.)
|
|
Separate enabling assertions from WS_DEBUG. Use NDEBUG if ENABLE_ASSERT
is not defined, to conform to CMake conventions for the build type.
Misc assertion header enhancements.
This partially reverts 25d4a099f7c5578d1d43f66f8e9ea567f698cc4b.
|
|
It is annoying to have to manage two CMake flags independently
for debugging.
Instead of simply removing ENABLE_DEBUG_UTF_8 make it enabled by
default with ENABLE_DEBUG. So ENABLE_DEBUG enables everything and
ENABLE_DEBUG_UTF_8=Off can be used to disable only UTF-8 validation,
if that is desirable for some reason.
|
|
Do not define WS_DEBUG with RelWithDebInfo code. This is a release
build so it should not include debug code, unless specifically
requested with ENABLE_DEBUG=Yes.
|
|
|
|
CMake warns about an endif not matching the if. Fix a copy and paste
typo.
|
|
This is a copy of MR #9330 all code and credit to Omer Shapira.
|
|
[skip ci]
|
|
Instead of having a global init.lua in datafile_dir that may
contain library code, load the init.lua script from the plugins
directories, similar to other Lua scripts, but guaranteed to
be the first one loaded.
This is consistent with our practice and avoids overwriting the
customizable share/wireshark/init.lua with each instalation or
upgrade.
It also should allow using package.path correctly (which does
not include the configuration directory).
The init.lua in the configuration directory is still loaded for
backward compatibility. It generates a warning in the console.
|
|
Remove Lua script in preparation of moving this to the Qt UI.
|
|
Move the ipmap.html file back to datafile_dir. It was mistakenly
moved as a documentation file in 06519be2052776e4f052838905b230623e41befe.
|
|
Previously, a `download` method request for an `eo:<name>_<row>`
export object (for example, `eo:http_0` to download the HTTP export
object with row 0) would fail unless a `tap` method for `eo:<name>`
had already been run. This behavior is surprising as the other
resources downloadable via the `download` method do not work this way.
This commit addresses this issue by updating the `download` method to,
when a `eo:<name>_<row>` export object is requested, see if an
`eo:<name>` object list already exists in `sharkd_eo_list`. If it
does not exist, the `download` method first generates the object list
for `eo:<name>` and adds it to `sharkd_eo_list` using `sharkd_retap`
in the same manner that the `tap` method does. After that, the
`download` method looks for the exported object in `sharkd_eo_list`
just as it did before.
This commit also adds a `sha1` field to the list of exported objects
returned by the `tap` method for `eo` objects in
`sharkd_session_process_tap_eo_cb`.
|
|
|
|
Add Lua 5.1 support for the new IO Console Dialog. Remove the
obsolete console.lua file.
|
|
Replace our code with the upstream version, simplified to search
only for our supported Lua versions.
This allows selecting Lua versions 5.2, 5.2 or "any". The default
is 5.2 only because supporting more than one Lua versions is
generally the wrong thing to do. Allow falling back to
5.1 *explicitly*
|
|
Add `voip-calls` and `voip-convs` taps to `sharkd`, which provide the
same information as the `Telephony -> VoIP Calls` GUI menu item. The
`voip-convs` tap accepts an optional comma-separated list of call ID's
allowing the caller to limit which conversations are returned. Both a
single call ID or a `<start>-<end>` call ID range is accepted. For
example, `voip-convs:` returns all conversations, `voip-convs:123`
returns only the conversation with call ID 123 and
`voip-convs:1,5-7,9` returns conversations with call ID's 1, 5, 6, 7
and 9. The call ID for a conversation is returned in the `call`
field. The set of call ID's requested by the caller is stored in a
bit-array which, on a standard Linux amd64 machine, supports storing a
maximum of 65536 call ID's.
Because many of the taps initialized by `voip_calls_init_all_taps` are
not able to be built without it, a basic CLI-based implementation of
`simple_dialog` which prints to `stderr` has been added in
`ui/cli/simple_dialog.c`.
|
|
Add `phs` tap to `sharkd`, providing the same information as
`tshark`'s `-z io,phs` option.
Additionally, modify how `tshark -z io,phs` (and therefore `sharkd`'s
new `phs` tap) handles packet comments (aka `pkt_comment` protocol
frames). Previously, `pkt_comment` protocol frames were handled no
differently from any other protocol in `io,phs`'s `tap_packet`
callback `protohierstat_packet` but were skipped in its `tap_draw`
callback `protohierstat_draw`. This behavior seems to have been first
introduced in 80ae3708. For captures containing packet comments, this
lead to surprising `tshark -z io,phs` output with multiple root-level
`eth` trees. Below is example output of the old behavior for the
`test/captures/protohier-with-comments.pcapng` capture in this
repository with two packet comments, one on an ICMPv6 packet and
another on an SSDP packet:
# tshark -qz io,phs -r ./test/captures/protohier-with-comments.pcapng
===================================================================
Protocol Hierarchy Statistics
Filter:
eth frames:113 bytes:21809
ipv6 frames:38 bytes:7456
icmpv6 frames:35 bytes:3574
udp frames:3 bytes:3882
data frames:3 bytes:3882
ip frames:69 bytes:13993
udp frames:59 bytes:13391
mdns frames:1 bytes:138
ssdp frames:29 bytes:8561
nbns frames:20 bytes:2200
nbdgm frames:1 bytes:248
smb frames:1 bytes:248
mailslot frames:1 bytes:248
browser frames:1 bytes:248
dhcp frames:4 bytes:1864
dns frames:4 bytes:380
igmp frames:10 bytes:602
arp frames:6 bytes:360
eth frames:2 bytes:377
ipv6 frames:1 bytes:110
icmpv6 frames:1 bytes:110
ip frames:1 bytes:267
udp frames:1 bytes:267
ssdp frames:1 bytes:267
===================================================================
Despite the comment in `phs_draw` in `ui/cli/tap-protohierstat.c`,
this does not seem to match the behavior for PHS as shown in the GUI.
The GUI seems to ignore the `pkt_comment` protocol frames and merges
their children up a level. This commit tries to reproduce this
behavior in the `tshark -z io,phs` output by ignoring `pkt_comment`
protocol frames in `protohierstat_packet` instead of
`protohierstat_draw`. The result is output like the following:
# tshark -qz io,phs -r ./test/captures/protohier-with-comments.pcapng
===================================================================
Protocol Hierarchy Statistics
Filter:
eth frames:115 bytes:22186
ipv6 frames:39 bytes:7566
icmpv6 frames:36 bytes:3684
udp frames:3 bytes:3882
data frames:3 bytes:3882
ip frames:70 bytes:14260
udp frames:60 bytes:13658
mdns frames:1 bytes:138
ssdp frames:30 bytes:8828
nbns frames:20 bytes:2200
nbdgm frames:1 bytes:248
smb frames:1 bytes:248
mailslot frames:1 bytes:248
browser frames:1 bytes:248
dhcp frames:4 bytes:1864
dns frames:4 bytes:380
igmp frames:10 bytes:602
arp frames:6 bytes:360
===================================================================
Note that there are no `pkt_comment` protocols and only a single
root-level `eth` protocol. Additionally, the commented ICMPv6 and
SSDP packets have been merged into the first `eth` tree, and the frame
and byte counts have been incremented appropriately.
|
