Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
Most of the time, the return value tells us nothing useful, as we've
already decided that we're perfectly willing to live with string
truncation. Hopefully this keeps Coverity from whining that those
routines could return an error code (NARRATOR: They don't) and thus that
we're ignoring the possibility of failure (as indicated, we've already
decided that we can live with string truncation, so truncation is *NOT*
a failure).
|
|
When tshark enables synchronous resolution of IP addresses to names,
forces calls to maxmind_db_lookup_ipv4()/_ipv6() to block-wait for the
maxmind response.
Proposed fix for #14691.
|
|
It never returns a null pointer.
(At least some compilers support decorating function declarations with
indications that they never return a null pointer; hopefully at least
some of them attempt to validate that claim, and report at least a
warning, if not an error, if they can't. We should look at decorating
functions in that fashion.)
This should squelch a nullPointerRedundantCheck warning from cppcheck.
|
|
Check if profile specific file exists for ethers, ipxnets and enterprises.tsv
before falling back to personal configuration file.
Fixes: wireshark/wireshark#16878
|
|
This is roughly 10% of tshark startup time.
- Enterprise string does not need to be trimmed at the beginning
- No need to call g_hash_table_replace() as keys are just guint32
|
|
This saves around 3% time (profiling a small capture file) at startup.
parse_ether_address_fast() was returning FALSE in some cases
where it shouldn't have, i.e.
- the test for the having hex chars incorrectly discarded any case where the
msb of any address octet is set, i.e. any value from 80 to f0.
- it now allows ':' and '-' as a separator (so that many of the wka entries
also match).
|
|
1. Switch list of manually resolved names from a list to a map
(IP Address --> Custom Hostname)
2. If an address was already in the list, just update the old entry.
Previously this added a new entry anytime somebody would edit a
hostname.
3. Display the previous hostname in the GUI
4. Remove unused manually_resolve_cleanup()
Bug: 11221
Change-Id: I42d5b6267eb6613bdf7783865bc2d30d6bda1147
Reviewed-on: https://code.wireshark.org/review/36059
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Although c-ares support was techically optional, it was either on by
default or required in all of our packaging. Go ahead and require it
globally. C-ares is widely available and synchronous name resolution can
easily result in a horrific user experience.
Change-Id: Id67c797316ed6b8a0ab5052e55a43a1b9e2a2464
Reviewed-on: https://code.wireshark.org/review/35188
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
Change-Id: I9791aeba7891200f550400b317ced1b9e85200fd
Reviewed-on: https://code.wireshark.org/review/35035
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Use the C-ARES ares_set_servers() API to set a list of DNS servers to use.
The list of DNS servers is controlled through a UAT. There is also a boolean
preference to determine if the custom list should be used. The boolean preference
was added to arbitrate between the "default" list of servers that C-ARES creates
during initialization and using the "custom" list (which may be empty and we don't
want the "default" list to be overwritten)
Bug: 15960
Change-Id: I4ba071777f6bb9bc2fef313b7618908d805c0690
Reviewed-on: https://code.wireshark.org/review/34419
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Use existsing file_exists() function to check if the profile contains
a vlans file.
Change-Id: Ibc3d32b27059edd80b7c4e88ceb48fded2334909
Reviewed-on: https://code.wireshark.org/review/33384
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
If the profile directory contains a vlans file we will use it. Otherwise
fall back to normal user preferences.
Bug: 15795
Change-Id: Ie6a63a6f7a29bd83a15799875aa5883be7010039
Reviewed-on: https://code.wireshark.org/review/33378
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
That's just noise, especially if the signal is SIGINT.
Change-Id: I97df2396d60280e5978f637ec3bb8f93966674b8
Reviewed-on: https://code.wireshark.org/review/32718
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Remove name resolution from DNS packets from the tooltip because
resolving from DNS packets has it's own check box.
Change-Id: I0a4039a1639f22b51429c3771fd828d9727aca08
Reviewed-on: https://code.wireshark.org/review/31581
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Found by clang-tidy.
Change-Id: Iaf6cf84c33b03ddfcd39a333b49f4987002afa56
Reviewed-on: https://code.wireshark.org/review/31338
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
When no mask is allowed, reject addresses like "aa:bb:cc:...".
Fix the type of 'cp' to avoid reading from a negative array index.
Fix parsing, a nibble is four bits, not eight.
Bug: 15297
Change-Id: Ibb0d0c17005b1e6213c09092e4b3c888a9024304
Fixes: v2.9.0rc0-2629-g3bb32ede26 ("addr_resolv: add fast path for parsing addresses from manuf")
Reviewed-on: https://code.wireshark.org/review/30768
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The manuf file is large but has a consistent format (25.7k entries with
three octets, 9.8k entries with a mask). Add a fast path for this file
that is 20% faster (saves 20ms on an unoptimized Debug+ASAN build).
Change-Id: Ida509b0305caf4e26131dc5cf5fb04c49392ad4b
Reviewed-on: https://code.wireshark.org/review/30757
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The key for the manuf table is 24 bits of the ether addr while the key
for services table needs is a 16 bit port. Store this value directly,
saving some memory and improving startup time by a tiny bit.
Likewise for ipxnet_hash_table and vlan_hash_table. These tables seem
unused though, perhaps it should be removed.
Change-Id: Ide9ffad8e2c9af24afa82adb2e009f32a5f43d38
Reviewed-on: https://code.wireshark.org/review/30756
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
An unoptimized, Debug+ASAN `tshark --version` takes about 1 second. 17%
of the cycles are spent in addr_resolv_init and 7% within fgetline. Use
fgets instead, now fgetline only costs ~0.5% (11% for addr_resolv_init).
This limits the line length to 1K which should more than be sufficient
for all involved files (longest lines: manuf 154, services 222).
Change-Id: I8fe4dff317beaa2926c4106909b10898bcd35f21
Reviewed-on: https://code.wireshark.org/review/30755
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add a function to convert a string that contains an ethernet address
(including the colons) into a sequence of 6 bytes.
Use the existing internal functions to parse an ethernet address.
Declare the new function as local to libwireshark. It'll be used by
wslua to support ethernet addresses.
While at it, fix an incorrect comment about parse_ether_address(). If
accept_mask is false, only a complete 6-byte ethernet address is
accepted.
Change-Id: Ib03306c44866fe97d3cbff2634411b7f5ec31a79
Reviewed-on: https://code.wireshark.org/review/30162
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
IPv4 and v6 name resolution are bound to a capture file. Using a lua
script, it is possible to trigger a name resolution when no capture file
is open. This crashes Wireshark as the hash tables for name resolution
are not initialized at this time.
martin@reykholt:~/src/wireshark.git/build$ echo "print(Address.ip(\"1.1.1.1\"))" > bla.lua
martin@reykholt:~/src/wireshark.git/build$ ./run/tshark -Xlua_script:bla.lua
Segmentation fault
martin@reykholt:~/src/wireshark.git/build$ echo "print(Address.ipv6(\"::1\"))" > bla6.lua
martin@reykholt:~/src/wireshark.git/build$ ./run/tshark -Xlua_script:bla6.lua
Segmentation fault
Make sure that the hash tables are available as long as the epan library
is initialized. Add a new function host_name_lookup_reset(), call this
function every time we set up dissection for a new capture file. This
way, we keep the name resolution results separate per capture file.
Reorder the steps in init_dissection(). Host name lookup is now
available at all times, there's no need to be in file scope when it's
initialized.
Change-Id: I9599100d5f378b6a0f73dc630e4c8af3b3ffb2cc
Reviewed-on: https://code.wireshark.org/review/29398
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Petri-Dish: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
And handle comments in manuf file entries correctly.
There are entries in the manuf file where columns are
separated by two or more tab characters. These extra
tab characters are not being trimmed from the manuf name.
OUI: 00:40:96 ( Cisco Systems, Inc.)
->
OUI: 00:40:96 (Cisco Systems, Inc.)
Change-Id: Ie6545480848bb84c20bea6566a3ccf11c7ed9233
Reviewed-on: https://code.wireshark.org/review/27759
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Otherwise, the first N packets printed, for a value of N dependent on
various factors, won't get IP addresses resolved to names, even if the
user wants them resolved. Unlike Wireshark, which, when a name is
resolved in asynchronously, can go back and fix up the displayed packet
when the asynchronous operation completes, once TShark has written
packet data to the standard output, it can't go back and fix it if it
did name resolution asynchronously.
Bug: 14711
Change-Id: I8ebbd83103e5780c903b5560e01b7b92fa39c924
Reviewed-on: https://code.wireshark.org/review/27668
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
We don't have add_async_dns_ipv6(), we just do the same stuff inline in
host_lookup6(); this removes an irrelevant difference between
host_lookup() and host_lookup6().
Change-Id: Ib4aa1783ddec1bc390e2a7f64c87f1c8441fa849
Reviewed-on: https://code.wireshark.org/review/27661
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I0844795597cec83dfb6752fb986d2a9957789530
Reviewed-on: https://code.wireshark.org/review/27657
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Found by valgrind. Remove unnecessary "if" guard for g_free while at it.
Change-Id: I58a18472f2c82e4c6c810d3cb3eeb2358b64f4ab
Reviewed-on: https://code.wireshark.org/review/27133
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
MaxMind is discontinuing its legacy databases in April in favor of
GeoIP2, which use a newer database format (MaxMind DB). The reference C
library (libmaxminddb) is available under the Apache 2.0 license which
isn't quite compatible with ours.
Add mmdbresolve, a utility that reads IPv4 and IPv6 addresses on stdin
and prints resolved information on stdout. Place it under a liberal
license (MIT) so that we can keep libmaxminddb at arm's length. Add
epan/maxmind_db.[ch], which spawns mmdbresolve and communicates with it
via stdio.
Migrate the preferences and documentation to MaxMindDB.
Change the IPv4 and IPv6 asnum fields to FT_UINT32s. Change the
geographic coordinate fields to FT_DOUBLEs.
Bug: 10658
Change-Id: I24aeed637bea1b41d173270bda413af230f4425f
Reviewed-on: https://code.wireshark.org/review/26214
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
We might not yet have allocated the manually-resolved address lists;
only free the if we have.
Change-Id: Iff9864e397a04cdcb613268603c073ecd1fa77fb
Reviewed-on: https://code.wireshark.org/review/26236
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Skipping dissectors dir for now.
Change-Id: I717b66bfbc7cc81b83f8c2cbc011fcad643796aa
Reviewed-on: https://code.wireshark.org/review/25694
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
We have WS_INET_ADDRSTRLEN and WS_INET6_ADDRSTRLEN; use them.
Change-Id: Idade0da9fae70d891901acd787b06d21e2ddbc5f
Reviewed-on: https://code.wireshark.org/review/24156
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That allows a parallel typedef of ws_in4_addr for guint32.
Change-Id: I03b230247065e0e3840eb87635315a8e523ef562
Reviewed-on: https://code.wireshark.org/review/24073
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
If we're building on Windows we're going to have windows.h and
winsock2.h. Don't bother checking for them.
Change-Id: I0004c44d7364ab3f41682f34b8c84cd8617c9603
Reviewed-on: https://code.wireshark.org/review/24068
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
addresses.
inet_pton(), and thus ws_inet_pton(), won't accept hex or
fewer-than-four-component IPv4 addresses, at least on Single UNIX
Specification-compliant systems - the SUSv4 explicitly says
The inet_pton() function does not accept other formats (such as
the octal numbers, hexadecimal numbers, and fewer than four
numbers that inet_addr() accepts).
so we don't need to check for "inet_atons that accept strings such as -
"130.230" as valid addresses".
That also means that, "if there are any places where this needs to
support the hex-address form for IPv4 addresses, or to support fewer
than 4 components for a network address", those places were hosed even
before we stopped using inet_aton(), so there are presumably no such
places. (Itojun's comment was probably just an expression of general
concern, rather than a note of a known problem.)
Change-Id: Id16b6ebd3550dc3bf5a0fc283898a99b7abc163c
Reviewed-on: https://code.wireshark.org/review/24057
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
We don't need a temporary IPv4 address variable in get_host_ipaddr(), we
can just use the pointer we've been handed.
Change-Id: Id7cbd0c14b2eeb3efde5a556f3414bd635411908
Reviewed-on: https://code.wireshark.org/review/24056
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Note the dropping of support for hex IPv4 addresses and addresses with
fewer than four components, and indicate that, if there are any places
where that support is expected, we should change those places (i.e.,
don't just change get_host_ipaddr() and, if there aren't any such
places, just leave everything as it is).
It's not clear that get_host_ipaddr() is "Used more in the dfilter
parser rather than in packet dissectors"; that may depend on whether
you're counting number of calls executed from those places or the number
of lines of code making those calls. Just drop the claim, which is
absent in the comment for get_host_ipaddr6().
Also ask whether we're using get_host_ipaddr{6}() in any places where it
should *only* support numeric addresses rather than names.
Change-Id: Ib5d8730ca703339342f308081a68309479f842c5
Reviewed-on: https://code.wireshark.org/review/24055
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Including where it says not to in comments. Use IPv4 dotted-decimal
notation.
Change-Id: Iafe1f6fbd2bd5867c41642dc27411f47dff8ce6a
Reviewed-on: https://code.wireshark.org/review/24044
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Comments were discarded based on a fourth column using tab separators.
Use a pound sign instead.
Change-Id: Icb5dd33c4a2c9c441eebda74bc8d813443efe1b6
Reviewed-on: https://code.wireshark.org/review/23351
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Fixes g55724db3db.
Change-Id: Idf9d5293fcd0e91698305da1cec5b8771c0a6a91
Reviewed-on: https://code.wireshark.org/review/23345
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Some places (like MAC resolution) want to keep a fixed length, but for places
that want to display "full organization name", save the long name that is
treated as a comment in the manuf file.
Have make-manuf convert companies with all caps to mixed case so we're not
screaming the company name at the user.
Convert the manuf.tmpl to be tab delimited without a comment for the "long name"
so it can match the format now created by make-manuf.
Remove uint_get_manuf_name as it was unnecessary.
Bug: 3666
Change-Id: If2af5a1ce64e2784fe3941eeae8d8093d4f1467b
Reviewed-on: https://code.wireshark.org/review/23150
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Rename range_foreach_r() to range_foreach(), getting rid of the old
range_foreach().
If your callback doesn't require an additional argument, just pass NULL
when calling range_foreach(), and declare the argument as unused.
Change-Id: I49a56f90610e39cf2ddc398c9e30ed11a6ca90db
Reviewed-on: https://code.wireshark.org/review/23025
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
to avoid mistaking it for a range function that operates on pairs.
Change-Id: If9117c195ba21d55a476c3b9deb2a2ca7a1056ed
Reviewed-on: https://code.wireshark.org/review/22994
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Remove assignee and other miscellaneous information that changes more
frequently than service name and can be consulted directly in the IANA
registry.
Allow merging identical transports into a single line for convenience
and size/speed optimization (a backward-compatible change).
Remove obsolete make-services.pl.
Change-Id: I3ecbd1a6a68d87c084d77498a0eeb44b7afdab67
Reviewed-on: https://code.wireshark.org/review/22872
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Having two distinct logical concepts (OUI and Well Known Address)
concatenated to a single "manuf" file is needlessly obfuscating
the WKA feature.
Have a distinct "wka" file instead and just skip the cat.
Change-Id: I46f53b0015a37331d65f8cfac7cbbd499dd0c5b8
Reviewed-on: https://code.wireshark.org/review/22742
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Version 1.5 was released on 21-nov-2007. RHEL, Suse, etc supported versions
are all above c-ares v1.5.
We don't bother testing for it at build time for now, because it's non-trivial
(times two build systems).
Change-Id: I9253256d8d905da0c75d80b2b0fa4527df2b1420
Reviewed-on: https://code.wireshark.org/review/22741
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Removed get_ipxnet_addr(), get_ether_addr(). If this feature is desired at
a minimum it should use an efficent data structure (and no disk-based
lookups mid-dissection).
Change-Id: Ie72449c631f21f4a3d82ec435bb5e1d7892f122c
Reviewed-on: https://code.wireshark.org/review/22729
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|