Age | Commit message | Author | Files | Lines |
|
Valgrind picked this up as a very large memory leak on systems with libnl,
since the GUI polls this code regularly and was leaking several nl messages
each time.
Change-Id: Ie6b32e094d90183a16fb187adea430c4b43c208c
Reviewed-on: https://code.wireshark.org/review/9502
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
previous declaration.
Change-Id: Id0c3b74ac52c427d9c1efdf749dc410bc5bb450f
Reviewed-on: https://code.wireshark.org/review/9460
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
size is '520' bytes, but '1042' bytes might be written.
Change-Id: Ic88bc977011eff9ae3c2a4a5ba717e78dbb1171c
Reviewed-on: https://code.wireshark.org/review/9452
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
[-Wdocumentation]
Change-Id: Iecd9f8820840959a2f226120cbc359977d20c757
Reviewed-on: https://code.wireshark.org/review/9009
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Add the wireless toolbar to the Qt UI.
Start adding AirPcap support to ui/80211_utils. Add FCS validation
routines to ws80211_utils.
Move a bunch of AirPcap routines that require epan from caputils to
ui/gtk. They were required for driver key management, which we'll
leave to the AirPcap Control Panel in the Qt UI.
Move frequency-utils to wsutil.
Change-Id: I44446758046621d183f5c2ba9f6526bf01e084f1
Reviewed-on: https://code.wireshark.org/review/8910
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
This patch extends the existing decryption support for WPA to also
handle rekeys by checking each decrypted packet for a 4-way-handshake.
Rekeys can be used for WPA-PSK, but are more common with WPA-Enterprise
(WPA-EAP).
For decrypting WPA-EAP secured packets the user must provide all used PMKs
of the connection (aka PSKs) as WPA-PSK 32 byte hex values to Wireshark
via the existing interface.
(The capture must have all 4-way-handshakes included also, starting with
the first unencrypted one.)
Every decrypted unicast packet will have the used PMK and TK shown in the
CCMP/TKIP section below the key index in the GUI. Group packets will display the
GTK instead.
Additionally this fixes a small issue with group rekey handling, so every packet
can be selected in the GUI in random order, removing the need to manually find
the correct group keying packets prior to that.
It was tested primarily with WPA-CCMP, but TKIP is also working.
One section in the code touches Bluetooth 802.1X support. It should do
exactly the same, but will now also examine all decrypted packets for rekeys.
Ping-Bug: 11172
Change-Id: I19d055581fce6268df888da63485a48326046748
Reviewed-on: https://code.wireshark.org/review/8268
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Most of our sites are now HTTPS-only. Update URLs accordingly. Update
other URLs while we're at it. Remove or comment out dead links.
Change-Id: I7c4f323e6585d22760bb90bf28fc0faa6b893a33
Reviewed-on: https://code.wireshark.org/review/7621
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Part 2...
Change-Id: I47b74c81ee7b7cd8296ce9da5a60ad6aecef8c78
Reviewed-on: https://code.wireshark.org/review/7239
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
/usr/include/libnl3/netlink/types.h:25:15: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/handlers.h:65:9: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/handlers.h:81:18: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/handlers.h:113:18: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/utils.h:43:13: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/attr.h:47:16: warning: comma at end of enumerator list [-Wpedantic]
/usr/include/libnl3/netlink/route/link.h:95:23: warning: comma at end of enumerator list [-Wpedantic]
...
Change-Id: I3f14e9d4887569e5d7befe1adb77561c8793437e
Reviewed-on: https://code.wireshark.org/review/7201
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I081446fbbc242c01f8ac9dede575c3ea77421c42
Reviewed-on: https://code.wireshark.org/review/7103
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
g_string_free(str, FALSE) frees the GString container but not the
underlying g_malloc()ed string; instead, it returns a pointer to the
g_malloc()ed string.
Fix those places that didn't already get the string pointer from
g_string_free() to do so rather than manually extracting the string
themselves.
And fix one place that didn't even need to use a string - it was just
scanning a C string without even modifying it.
Change-Id: Ibbf4872bf5b9935b9907f539b6edb1013f3053a5
Reviewed-on: https://code.wireshark.org/review/6532
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Instead of always ignoring the return value, always check it, and only
report an error if it returns FALSE.
(Alternative: have it return NULL on success and a pointer to a
g_malloc()ed string on failure.)
Fix a comment while we're at it.
Change-Id: Icb72c9f47775b6552e3eb4fe5ddcc85482bfb5fb
Reviewed-on: https://code.wireshark.org/review/6528
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I009c09f25d170e5c9aaaef713eaacb3252817856
Reviewed-on: https://code.wireshark.org/review/6460
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Move capchild, caputils, codecs and wsutil into a Libs group
Move gtkui into UI group
Move update-sminmpec into tools group
Change-Id: Iaf2bfe4697265af2c3ed9c9d7de2d5d1ef3cafee
Reviewed-on: https://code.wireshark.org/review/6332
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
Change-Id: I90dbf0b31fc737150a01533763a7869b34c68cb6
Reviewed-on: https://code.wireshark.org/review/6220
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I60a1f671ba313c59ca1999ab703ee11370608758
Reviewed-on: https://code.wireshark.org/review/5123
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Leftover crud before I noticed that RTLD_NEXT would do what I want.
Change-Id: I5e510e74c65b211e6cc6c300e760869abb399dc8
Reviewed-on: https://code.wireshark.org/review/5121
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The latest Xcode, as of today, has only 10.9 and 10.10 SDKs, which means
that, if we build Wireshark and request a deployment minimum release of
10.6, we'll be building against an SDK in which libpcap has routines
that aren't available in 10.6 and that doesn't use weak linking for
them, so the resulting binary won't actually work on 10.6.
Use the run-time loader to find those routines (currently, only
pcap_set_tstamp_precision()) and call them only if we find them.
On other UN*Xes, we still assume that we'll be running only on the
release against which we were built and newer releases.
Change-Id: Iab20d86fe3be4b299cfb6e25c1f95dc6e1581661
Reviewed-on: https://code.wireshark.org/review/5120
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
To populate the Wireless Toolbar menu the NL80211_CMD_GET_WIPHY
command is used. Some network interfaces must use split wiphy dump
feature for this command to function properly. One such example is the
D-Link DWA-160 USB adapter that does not show up when used without.
Make use of split wiphy dump feature whenever kernel supports it
to populate the list of monitor interfaces for the Wireless Toolbar.
Bug: 10564
Change-Id: Idc28e92f91a2488fa48eeb282a0ef1e2bd40a5f0
Reviewed-on: https://code.wireshark.org/review/4611
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
C does not guarantee that char is signed (that's why there's a keyword
"signed"). Use gint8, to indicate that it's not a character, it's an
8-bit signed integer.
Change-Id: Id632df23352840cbc86a4d88f4c7dade95ab7837
Reviewed-on: https://code.wireshark.org/review/4736
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Split up the ws80211_get_phys parser callback handler function into
separate functions for each attribute parsed. This is done in
preparation for supporting split wiphy dump feature where the function
logic will need modifications.
Change-Id: Ic0b497fc628f0e7453cd62eb8199f17f9a308a7f
Reviewed-on: https://code.wireshark.org/review/4610
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
HAVE_PORTAUDIO_H didn't work for Stig. Use PORTAUDIO_FOUND instead,
which is the correct name to use according to the
FIND_PACKAGE_HANDLE_STANDARD_ARGS documentation. Use xxx_FOUND in a
couple of other places.
Conditionally build caputils/airpcap_loader.c.
Change-Id: I6a134192902229a446dccf43bfb7bbfe2a55d1e2
Reviewed-on: https://code.wireshark.org/review/4291
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: I6c52ea9954a4c96f525e6d064dbf3fc2c71bea68
Reviewed-on: https://code.wireshark.org/review/4136
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ia6c3e7a25615bf8e052c3bacf096d76df775c9c2
Reviewed-on: https://code.wireshark.org/review/4126
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
If the rpcap port is unreachable pcap_findalldevs_ex can write more
than PCAP_ERRBUF_SIZE bytes to errbuf. E.g. if we try to capture from
Google's all-eights public DNS server we get:
----
Can't get list of interfaces: Is the server properly installed on 8.8.8.8?
connect() failed: A connection attempt failed because the connected
party did not properly respond after a period of time, or established
connection failed because connected host has failed to respond. (code 1
----
Set the buffer to PCAP_ERRBUF_SIZE*4 bytes. Hopefully that's large enough.
Change-Id: I19f34cda16050c1ba8b9d7d6ed2d8e77b945a2af
Ping-Bug: 3554
Ping-Bug: 6922
Ping-Bug: 7021
Reviewed-on: https://code.wireshark.org/review/3880
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Extcap is a plugin interface, which allows for the usage
of external capture interfaces via pipes using a predefined
configuration language which results in a graphical gui.
This implementation seeks for a generic implementation,
which results in a seamless integration with the current
system, and does add all external interfaces as simple
interfaces.
Windows Note: Due to limitations with GTK and Windows,
a gspawn-winXX-helper.exe, respective gspawn-winXX-helper-console.exe
is needed, which is part of any GTK windows installation.
The default installation directory from the build is an extcap
subdirectory underneath the run directory. The folder used by
extcap may be viewed in the folders tab of the about dialog.
The default installation directory for extcap plugins with
a pre-built or installer version of Wireshark is the extcap
subdirectory underneath the main wireshark directory.
For more information see:
http://youtu.be/Nn84T506SwU
bug #9009
Also take a look in doc/extcap_example.py for a Python-example
and in extcap.pod for the arguments grammar.
Todo:
- Integrate with Qt - currently no GUI is generated, but
the interfaces are still usable
Change-Id: I4f1239b2f1ebd8b2969f73af137915f5be1ce50f
Signed-off-by: Mike Ryan <mikeryan+wireshark@lacklustre.net>
Signed-off-by: Mike Kershaw <dragorn@kismetwireless.net>
Signed-off-by: Roland Knall <rknall@gmail.com>
Reviewed-on: https://code.wireshark.org/review/359
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I64b45dad36a3ec491aeb9de3439b4fe19b46f9d8
Reviewed-on: https://code.wireshark.org/review/3308
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
It just means "pcap didn't give me any interfaces, and didn't report an
error". Hopefully, in the future, there will be pcap APIs that
distinguish between the (admittedly unlikely, these days) case of "there
really *are* no interfaces on which *anybody* can capture" and "you
don't have sufficient permission to capture", and we can report the
latter as an error. (Given that pcap supports more than just "regular
interfaces", though, there are cases where you don't have permission to
capture on those but you have permission to capture raw USB traffic, for
example, so perhaps what's really needed is per-interface indications of
permissions.)
Change-Id: I7b8abb0829e8502f5259c95e8af31655f79d36a1
Reviewed-on: https://code.wireshark.org/review/3169
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This gets rid of "MS-DOS style path detected" warnings from Cygwin.
Change-Id: Id10429669704aa371dbf56a9398947c8002260ad
Reviewed-on: https://code.wireshark.org/review/3024
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Wireshark Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
|
|
Change-Id: I2ae60c1b015a432f5df36bd623f1a4c69b02bef1
Reviewed-on: https://code.wireshark.org/review/3081
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ie0d4504688602c2aa8e9788643b079930ca7d305
Reviewed-on: https://code.wireshark.org/review/3076
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Move the GTK files necessary for managing the recent remote host from capture_dlg.c to recent.c in order to use them in Qt, too.
Change-Id: I3f3fd31ce928162de08c6db7309ef2a9b1e97760
Reviewed-on: https://code.wireshark.org/review/2955
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ic1a64252e913f668676a3d8b69c10cc4789156b3
Reviewed-on: https://code.wireshark.org/review/2854
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I55108e39d9d5a3fc5e1e3e0ec0040c08c92cc576
Reviewed-on: https://code.wireshark.org/review/2844
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Id313fa6d0510ece7d13c6ffe941374ba0873e574
Reviewed-on: https://code.wireshark.org/review/2842
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Some of those routines are used only in dumpcap; others are used in
TShark and Wireshark as well.
Change-Id: I9d92483f2fcff57a7d8b6bf6bdf2870505d19fb7
Reviewed-on: https://code.wireshark.org/review/2841
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|