Age | Commit message | Author | Files | Lines |
|
When opening a file offline, pcapng will read initial non packet
blocks in order to try to find the first interface, to try to
support conversion to file types that only support one link layer type
and need to know it to set in the initial header.
(0d2a2d3777d09fd9fe3eaa95ef924cbd769c3f22)
This means that initial NRBs and DSBs can already be processed
when the ipv4 and secrets callbacks are added. Wiretap ensures
that the callbacks are called for any NRBs (c65d5a0a80faed9c9a1d652)
and DSBs (e8f9ac33525a40aacd0a72010c2c84884ae2ccb7) that have
already been read when the callbacks are added. So far so good.
However, this means that capinfos needs to zero out the counters
*before* adding the callbacks, not afterwards.
|
|
Fix misspellings in root and ui directories.
Most of these are comments, but some are in
error messages.
|
|
We don't use the packet comments if this boolean isn't set,
and don't free them either, so don't create them.
|
|
This means that fractional parts of timestamps are generated with
format_fractional_part_nsecs().
|
|
This replaces code in both absolute_time_string(), in capinfos, and
set_abs_ymd_time(), in libwireshark. Like absolute_time_string(), it
reports, in the formatted string, an error if the seconds value in the
nstime can't be converted to a struct tm (looking at *you*, Visual
Studio C library).
Have that routine handle all time precision values from 0 (seconds) to 9
(nanoseconds).
Add a ws_gmtime_r(), matching ws_localtime_r(), for use by that routine.
|
|
Created new `-p`/`-P` flags to enable and disable the output of all
individual packets comments via `capinfos`. Output of the comments
is enabled by default.
It is possible to have multiple comment blocks on a single packet. The
output of `capinfos` will include multiple comment lines for the same
packet.
When machine-readable output is enabled via `-M`, packet comments are
escaped before being printed. Using `-M` also escapes any file-level
comments.
|
|
Finish removing RIPEMD160 support, which was started in 2a285b75a1. As
noted in that commit, FIPS 140-2 will abort if it's enabled. It's been
deprecated by OpenSSL as well.
|
|
The reason to use wsgcrypt.h was to wrap it around DIAG_OFF()
macros and that should no longer be necessary.
|
|
When reading a packet capture with capinfos on a system with
FIPS 140-2 enabled, libgcrypt will abort for any non approved
algorithm. In this case the RIPEMD 160.
|
|
Ping #18075
|
|
Rename init_progfile_dir to configuration_init. Add an argument which
specifies our configuration namespace, which can be "Wireshark"
(default) or "Logwolf".
|
|
Use macros from inttypes.h with format strings.
|
|
Use an enum to select units and a bit flag for the other options,
currently only prefix type.
|
|
The verbiage for first/last packets and start/end times seems
to not be consistent. Changing will also require a change to
Capture File Statistics in the Wireshark Gui. Future MR.
|
|
Calculate the hashes for a file after the wtap_open_offline, to avoid
spending time calculating them for files that aren't known capture
formats. We wouldn't print the checksums in those cases anyway,
and the time savings can be considerable on large non-capture files.
|
|
This is part of the API and should also be renamed to avoid conflicts.
|
|
Besides the obvious limitation of being unavailable on Windows,
the standard is vague about getopt() and getopt_long() has many
non-portable pitfalls and buggy implementations, that increase
the maintenance cost a lot. Also the GNU libc code currently
in the tree is not suited for embedding and is unmaintainable.
Own maintainership for getopt_long() and use the musl implementation
everywhere. This way we don't need to worry if optreset is available,
or if the $OPERATING_SYSTEM version behaves in subtly different ways.
The API is under the Wireshark namespace to avoid conflicts with
system headers.
Side-note, the Mingw-w64 9.0 getopt_long() implementation is buggy
with opterr and known to crash. In my experience it's a headache to
use the embedded getopt implementation if the system provides one.
|
|
Remove "Section N:" headers from capinfos table (`-T`) output when
outputting "additional capture file information" with `-F` and/or
comments with `-k`. These headers broke the formatting of table output.
The downside to this fix is that pcapng files with multiple SHBs and/or
comments will have extra table columns that don't line up with the
header, as in:
...,hardware1,os1,application1,comment1,comment1,hardware2,os2,
application2,comment2,comment2,...
There's no real good way around this though.
|
|
Bug 17478 was caused by `wtap_rec.block` being allocated for each
packet, but not freed when it was done being used -- typically at the
end of a loop.
Rather than requiring each caller of `wtap_read()` to know to free a
member of `rec`, I added a new function `wtap_rec_reset()` for a
slightly cleaner API. Added calls to it everywhere that seemed to make
sense.
Fixes #17478
|
|
Version info is an aspect of UI implementation so move it to
a more appropriate place, such as ui/. This also helps declutter
the top-level.
A static library is appropriate to encapsulate the dependencies
as private and it is better supported by CMake than object libraries.
Also version_info.h should not be installed as a public header.
|
|
Initialize the cmdarg error stream earlier.
Dumpcap also needs to know earlier if it is running in capture
child mode.
|
|
Instead of receiving the program name from GLib, pass it explicitly
to ws_log_init() instead and use that to initialize the GLib program
name.
ws_log_parse_args() will now exit the program when it encounters an
argument error if exit_failure >= 0.
|
|
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
|
|
"Commonly-used" meaning "used by more than one source file".
Clean up the exit codes, combining some duplicates with different names,
and using some instead of raw numbers in some places.
|
|
Have routines to report capture-file errors, using libwireshark error
codes and strings, that call through a pointer, so they can pop up
dialogs in GUI apps, print a message to the standard error on
command-line apps, and possibly do something different on server
programs.
Have init_report_message() take a pointer to structure containing those
function pointers, rather than the function pointers themselves, as
arguments.
Make other API changes to make that work.
|
|
Add it to the default list of checks, and fix some errors it causes.
(Sadly, it doesn't work in Clang.)
|
|
The "short name" is really just the name, used to look it up. The
"name" is really a description intended solely for human consumption.
Rename the fields, and the functions that access them, to match.
The "description" maintained by Lua for file type handlers is used
*only* for one debugging message; we should probably just eliminate it.
Call it an "internal description" for now.
|
|
Put three statements, all executed iff cap_snaplen is true, into a
single if statement.
|
|
Note that reason in a comment.
|
|
In each of our executables we were calling "setlocale(LC_ALL, "")" at
startup. This told Windows that output was encoded using the current
system code page. Unless the code page was 65001 (UTF-8), this was a lie.
We write UTF-8 to stdout and stderr, so call "setlocale(LC_ALL, ".UTF-8")"
at startup on Windows. This lets the CRT translate our output correctly
in more cases.
Clarify and expand the OUTPUT section in the tshark man page.
Bug: 16649
Change-Id: If93231fe5b332c292946c7f8e5e813e2f543e799
Reviewed-on: https://code.wireshark.org/review/37560
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Make wtap_file_get_shb() take a section number argument, and update code
that called it. In most cases, we convert the code to iterate over
sections; in cases where a big code change would be required, we
temporarily pass it 0 and mark the code as "needs to be updated for
multiple sections".
Eliminate cf_read_section_comment(); in calls outside file.c, other code
directly calls the libwiretap routines it calls and, inside file.c, we
just transplant the code and then fix it not to assume a single SHB.
Change-Id: I85e94d0a4fc878e9d937088759be04cb004e019b
Reviewed-on: https://code.wireshark.org/review/37000
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Make the buffers big enough to handle the largest possible time values
you can get with a 64-bit time_t.
Don't cast the seconds value to unsigned long; it's probably signed, and
may not fit in an unsigned long (64-bit on an ILP32 or LLP64 platform),
so cast it to gint64 and print using G_GINT64_MODIFIER followed by "d".
Bug: 16519
Change-Id: I3ab79dfa086d2c4dfb6b93eba8cef3bdce731731
Reviewed-on: https://code.wireshark.org/review/36971
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <gharris@sonic.net>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Ethernet packets without the CRC are 1514 bytes long, not 1500 bytes
long; using 1514 bytes will avoid a reallocation for a full-sized
Ethernet packet.
Change-Id: Ie8da3f13bf3df07e23e4478b7dcf84f06dec6a9d
Reviewed-on: https://code.wireshark.org/review/32761
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That makes it - and the routines that implement it - work more like the
seek-read routine.
Change-Id: I0cace2d0e4c9ebfc21ac98fd1af1ec70f60a240d
Reviewed-on: https://code.wireshark.org/review/32727
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I74e50db685b378afc706215fb9f8e5294aa77f94
Reviewed-on: https://code.wireshark.org/review/32089
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Open and close the file there, as well as reading it.
Small code cleanup, add comments.
Change-Id: I895dd61c92160649fc9ee1cdcf3df45db3eabe57
Reviewed-on: https://code.wireshark.org/review/32017
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
For close to 10 years, we have defaulted not to stop processing on an
open error; default not to stop processing on a read error, either. -C
causes us to stop for both.
Bug: 15433
Change-Id: I5cd239c160d0ff85eb0425ca4b172532a4659fd3
Reviewed-on: https://code.wireshark.org/review/31710
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This makes it slightly clearer, from code inspection, what the -C flag
does. The default behavior is to continue; -C causes capinfos to stop,
rather than continue, after an open failure.
Change-Id: I8bc67ce61c5d828c7f0ed87ee397ef994ff99aa4
Reviewed-on: https://code.wireshark.org/review/31621
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This reverts commit b32c8432c76ab9e86fb1fd796fa5600d181e02ae.
Reason for revert: the variable name was confusing - it describes
the behavior if the -C flag is *absent*, and -C sets it to *false*.
Change-Id: Ia4d2fb954466b710db3fd1b9897feb9f3818c3a9
Reviewed-on: https://code.wireshark.org/review/31618
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
When the -C flag was added, it meant (and still means) "[C]ontinue after
open errors", which was new behavior; the default "exit on open errors"
behavior was not changed.
Change-Id: I066c1aaef544e57efb39404e2dd61acbd9a91754
Reviewed-on: https://code.wireshark.org/review/31614
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|