Age | Commit message (Collapse) | Author | Files | Lines |
|
Because completed reassemblies are hashed in the reassembled_table for
all the frame numbers that contributed fragments,
fragment_get_reassembled_id() works wherever fragment_get_reassembled()
does, and also works where the fragment id is not the frame number.
However, since the reassembled_table hash key only depends on the
fragment id and the frame number, it only allows a frame to have
one reassembly with a given fragment id. Some protocols can have
more than one reassembly with a given fragment id (that differ on
addresses or other keys), such as GSM SMS, and the wrong reassembly
is retrieved on the second pass in those cases.
For this reason, we might want to add additional key elements to
reassembled_table, such as layer number. fragment_get_reassembled_id
already takes packet_info as a parameter and can accommodate that
without further changes, but fragment_get_reassembled cannot, so
remove the latter in favor of the former.
|
|
Closes #18125
|
|
It would be really nice if the PortableApps package builder exited
with an error to stdio instead of opening an dialog in a CI builder's
inaccessible UI session.
[skip ci]
|
|
Rename the wix_package target to wireshark_wix and the
portableapps_package target to wireshark_portableapps.
|
|
|
|
|
|
|
|
Use PROJECT_VERSION instead of VERSION. Prepend "PROJECT_" or
"LOG_PROJECT_" as needed to other variables. Remove the leftover unused
variables.
|
|
In commit 8c7e3f0d302200f22ea80822f47d9c7081c5f5b4, the config.nsh.in
was renamed as wireshark-config.nsh.in, and the config.nsh was renamed
as wireshark-config.nsh as well, but the wireshark-common.nsh still
includes the config.nsh, which will cause the packaging failed.
|
|
Commit 5cd591129f6ce44f2d8f511cd0d32a51a7675354 removes a number
of conversation related functions. Remove them from the debian
symbol list.
The commit also removed the implementation of conversation_hash_exact,
so remove the declaration from the header file.
|
|
Create Logwolf-specific copies of the various Wireshark NSIS config files
and modify them to install and uninstall Logwolf. There are still a bunch
of rough edges, but the installer works for a test capture I have here.
|
|
Recommend 3.6 or earlier for 32-bit users.
|
|
The NSIS project uses 2-space indentation. Make sure we conform to that.
|
|
Rename the following build targets, similar to the recent macOS target
name changes:
nsis_package_prep to wireshark_nsis_prep
nsis_package to wireshark_nsis
Rename some NSIS files to reflect that they're specific to Wireshark.
Update the documentation and CI configurations.
|
|
|
|
Rename the following build targets:
app_bundle to wireshark_app_bundle
dmg_package_prep to wireshark_dmg_prep
dmg_package to wireshark_dmg
Add logwolf_app_bundle, logwolf_dmg_prep, and logwolf_dmg targets and
packaging assets. Update the documentation.
We need to add a set of Logwolf version variables to CMake and
make-version.pl. Add a static logwolf-version attribute to
attributes.adoc in the mean time.
|
|
Add conversation_new_full and find_conversation_full, which take
arbitrary element lists instead of fixed addresses and ports.
Update the comments in conversation.h to be more Doxygen-conformant.
Update README.dissector.
Use the new functionality to add initial conversation support to the
Falco Bridge dissector.
|
|
[skip ci]
|
|
Make sure we don't trigger '-e'.
[skip ci]
|
|
Users might want to download a source tarball and build an RPM
package from it.
Have git-export-release.sh use git-archive's 'export-subst' feature
so that it can detect whether it is being run from a git repository
versus run from source extracted from a tarball produced by git-archive.
In the latter case, produce a helpful console message telling the
user to copy the downloaded tarball into the binary directory so
that the rpm-package target can succeed. Also update the Developer's
Guide to suggest this as well.
We could try to create our own archive using tar, but there are
several possible gotchas, such as in-source builds, excluding a build
directory that is a subdirectory of the source dir, excluding unknown
different build directories from previous builds, dealing with different
options in different versions of tar, etc. This is good enough for
the common case, and anyone who wants something more complicated can
hopefully create their own tarball.
Fix #15167
|
|
Add get_configuration_namespace() and use it in code that writes
"generated by" comments at the top of various configuration files.
Update our Logwolf colorfilters.
|
|
Tarballs created by git archive have the commit ID stored in their
header. Only preserve a preexisting tarball if that commit ID matches
that of the current commit, even if the versions match.
Fix the creation of a temporary commit for when the working directory
does not match the tree. (When git diff-index is called without
--quiet or --exit-code, the exit code is success even when there
are differences). Use git stash create, as it is intended for scripts
like this; it creates a temporary stash not stored in the ref namespace
which does not require being popped later, and does nothing and outputs
the empty string instead of a commit ID if there are no local changes.
This helps when generating tarballs or building rpm packages repeatedly
out of a changing working tree.
|
|
|
|
Fedora now supports rpm options to build with clang as the compiler
https://docs.fedoraproject.org/en-US/packaging-guidelines/#compiler
|
|
Fix some deprecated and obsolete syntax from the rpm specfile that
modern distributions complain about:
Don't specify the BuildRoot
Don't have a %clean section
Don't remove the BuildRoot at the start of %install
Don't repeat Name in summary
Version the Obsoletes
Have a %build section
Escape macros in changelog
Remove comment about user setting _smp_mflags since rpm does that
automatically better now
Be consistent about spaces and tabs (tabs are used)
|
|
SUSE 15.1 moved to out of source builds, and sets a builddir
appropriately, but it makes some decisions about automatically
entering the build dir when building or installing that are
handled by the distribution's various Make and Ninja macros
differently than other distributions and later SUSE releases.
Work around it, so that both ninja and make builds work on
SUSE 15.1 (both OpenSUSE and SLES)
Related to #17910
|
|
Update glib and cmake requirements in the rpm spec, and also remove
some RHEL 7 conditions associated with them, since the versions of
glib and cmake in RHEL 7 are too old to be supported.
|
|
Sparkle's XPC services are only needed if we're sandboxing, so remove
them.
[skip ci]
|
|
Sign our XPCs. Add another Brotli fixup.
|
|
Update our application bundle script to handle Sparkle 2 and its assets.
|
|
Convert our conversation protocols to a dynamic list and add
add_conversation_filter_protocol(). Use it in the Falco Bridge plugin to
add protocols with conversation filters.
|
|
Add an absolute value function for ftypes.
|
|
|
|
"C:\Development\wsbuild64\Wireshark.sln" (default target) (1) ->
"C:\Development\wsbuild64\epan\dfilter\dfilter.vcxproj.metaproj" (default target) (18) ->
"C:\Development\wsbuild64\epan\dfilter\dfilter.vcxproj" (default target) (108) ->
(ClCompile target) ->
C:/Development/wireshark/epan/dfilter/scanner.l(463,54): warning C4267: '+=': conversion from 'size_t' to 'int
', possible loss of data [C:\Development\wsbuild64\epan\dfilter\dfilter.vcxproj]
C:/Development/wireshark/epan/dfilter/scanner.l(463,54): warning C4267: state->location.col_start += sta
te->location.col_len; [C:\Development\wsbuild64\epan\dfilter\dfilter.vcxproj]
C:/Development/wireshark/epan/dfilter/scanner.l(463,54): warning C4267:
^ (compiling source file C:\Development\wsbuild64\epan\dfilter\scanner.c) [C:\Development\ws
build64\epan\dfilter\dfilter.vcxproj]
|
|
|
|
In conversation_filter.h, add a separate log_conv_filter_list. Use it in
register_log_conversation_filter and add conversation_filter_from_log.
It looks like we no longer use find_conversation_filter externally, so
remove it from the API.
|
|
Add location tracking as a column offset and length from offset
to the scanner. Our input is a single line only so we don't need
to track line offset.
Record that information in the syntax tree. Return the error location
in dfilter_compile(). Use it in dftest to mark the location of the
error in the filter string. Later it would be nice to use the location
in the GUI as well.
$ dftest "ip.proto == aaaaaa and tcp.port == 123"
Filter: ip.proto == aaaaaa and tcp.port == 123
dftest: "aaaaaa" cannot be found among the possible values for ip.proto.
ip.proto == aaaaaa and tcp.port == 123
^~~~~~
|
|
|
|
|
|
Add argument to dfilter_compile_real() to save syntax tree text
representation.
Use it with dftest to print syntax tree.
Misc debug output format improvements.
|
|
|
|
Add a logwolf_app_bundle target and update osx-app.sh to handle
different application bundle names.
|
|
|
|
Rename init_progfile_dir to configuration_init. Add an argument which
specifies our configuration namespace, which can be "Wireshark"
(default) or "Logwolf".
|
|
Add a separate UI application named "Logshark". It's currently a very
thin superclass of Wireshark, but that will change over time. Based on
work by Loris Degioanni.
|
|
Rename Info.plist.in to WiresharkInfo.plist.in and copy it to
LogsharkInfo.plist.in.
|
|
|
|
This replaces the current macro reference system with
a completely different implementation. Instead of a macro a reference
is a syntax element. A reference is a constant that can be filled
in the dfilter code after compilation from an existing protocol tree.
It is best understood as a field value that can be read from a fixed
tree that is not the frame being filtered. Usually this fixed tree
is the currently selected frame when the filter is applied. This
allows comparing fields in the filtered frame with fields in the
selected frame.
Because the field reference syntax uses the same sigil notation
as a macro we have to use a heuristic to distinguish them:
if the name has a dot it is a field reference, otherwise
it is a macro name.
The reference is synctatically validated at compile time.
There are two main advantages to this implementation (and a couple of
minor ones):
The protocol tree for each selected frame is only walked if we have a
display filter and if the display filter uses references. Also only the
actual reference values are copied, intead of loading the entire tree
into a hash table (in textual form even).
The other advantage is that the reference is tested like a protocol
field against all the values in the selected frame (if there is more
than one).
Currently the reference fields are not "primed" during dissection, so
the entire tree is walked to find a particular reference (this is
similar to the previous implementation).
If the display filter contains a valid reference and the reference is
not loaded at the time the filter is run the result is the same as a
non existing field for a regular READ_TREE instruction.
Fixes #17599.
|
|
|
|
|