Guy Harris [Sun, 27 May 2012 23:50:14 +0000 (23:50 -0000)]
Clean up indentation (use spaces, not tabs).
svn path=/trunk/; revision=42870
Guy Harris [Sun, 27 May 2012 23:41:03 +0000 (23:41 -0000)]
Clean up indentation (remove tabs from one structure definition).
svn path=/trunk/; revision=42869
Guy Harris [Sun, 27 May 2012 23:32:12 +0000 (23:32 -0000)]
Clean up indentation (use spaces, not tabs).
svn path=/trunk/; revision=42868
Guy Harris [Sun, 27 May 2012 20:47:57 +0000 (20:47 -0000)]
From Evan Huus in bug 7295:
cppcheck realized that if_info is known not to be null in that code
path, and therefore that checking whether it's null in that code path is
unnecessary. Remove it.
svn path=/trunk/; revision=42867
Guy Harris [Sun, 27 May 2012 20:45:16 +0000 (20:45 -0000)]
From Evan Huus from bug 7295:
Fix an ancient copy-and-pasteo of mine ("me" here meaning Guy Harris,
not Evan Huus) - remove an unused data structure (used in the code I
copied and pasted to make this code, not used here).
svn path=/trunk/; revision=42866
Guy Harris [Sun, 27 May 2012 20:40:09 +0000 (20:40 -0000)]
vwr_read_rec_header()'s return value is used only to distinguish success
(read a record header) from failure (got an EOF or an error). Make it
just return a Boolean.
If it fails in vwr_read(), don't overwrite *err_info (yes,
vwr_read_rec_header() might have set *err_info, so don't lose - and
leak! - the value it returned) - trust vwr_read_rec_header(), or the
routines it calls, to have set it. (If there's a code path where that
doesn't happen, that code path needs to be fixed; the setting of
*err_info in vwr_read() should *not* be restored.)
Thanks to Evan Huus for finding a useless variable with cppcheck, and
reporting it in bug 7295, provoking me to look at this.
svn path=/trunk/; revision=42865
Gerald Combs [Sun, 27 May 2012 14:03:33 +0000 (14:03 -0000)]
[Automatic manuf, services and enterprise-numbers update for 2012-05-27]
svn path=/trunk/; revision=42862
Jörg Mayer [Sun, 27 May 2012 10:15:56 +0000 (10:15 -0000)]
- Update cmake, gnutls and pixman to current version
- unpack an xz file with xzcat instead of gzcat
- remove some trailing whitespace
- the update of gnutls required two changes in the gnutls
build stuff: a) gnutls.pc is now generated from gnutls.pc.in
and b) we now need to build with --without-p11-kit
svn path=/trunk/; revision=42861
Guy Harris [Sat, 26 May 2012 00:53:50 +0000 (00:53 -0000)]
I already got rid of that variable - it just mirrors cf->filename.
svn path=/trunk/; revision=42860
Guy Harris [Sat, 26 May 2012 00:44:49 +0000 (00:44 -0000)]
We can't save a live capture file with a ws_rename() on Windows, as we
have the file open. Go back to doing it with a copy on Windows.
Explain what the problem is, and give a way in which we might be able to
make it work on Windows (without using any NT native API calls...).
svn path=/trunk/; revision=42859
Guy Harris [Fri, 25 May 2012 21:58:10 +0000 (21:58 -0000)]
See if this fixes the include problem.
svn path=/trunk/; revision=42857
Guy Harris [Fri, 25 May 2012 21:52:50 +0000 (21:52 -0000)]
Fix some build problems.
svn path=/trunk/; revision=42856
Guy Harris [Fri, 25 May 2012 21:25:55 +0000 (21:25 -0000)]
Use GTK+'s GtkMessageDialog for the questions we ask in the process of
saving files, and run it modal (which we're already doing with the
GtkFileChooserDialog); this means less callback-based state machine
stuff, simplifying the code paths a bit.
If we're saving a file before closing it, don't bother reloading it
after saving it.
svn path=/trunk/; revision=42855
Guy Harris [Fri, 25 May 2012 18:50:47 +0000 (18:50 -0000)]
On a read error, always return a pointer to the merge_in_file_t for the
file from which we got the error.
On a successful read, always clear out err - wtap_read() doesn't set *err
on success.
svn path=/trunk/; revision=42854
Gerald Combs [Fri, 25 May 2012 18:25:31 +0000 (18:25 -0000)]
Add a null check to fix Coverity CID 280210. It doesn't look like we'd
run into this in the wild.
svn path=/trunk/; revision=42853
Guy Harris [Fri, 25 May 2012 09:58:42 +0000 (09:58 -0000)]
Well, "ui/gtk/capture_file_dlg.h" is needed on Win32.
svn path=/trunk/; revision=42851
Guy Harris [Fri, 25 May 2012 09:26:45 +0000 (09:26 -0000)]
ui/gtk/capture_file_dlg.h doesn't need to be included in these files.
svn path=/trunk/; revision=42850
Chris Maynard [Fri, 25 May 2012 02:51:23 +0000 (02:51 -0000)]
Fix Coverity CID 700177 Unused pointer value.
svn path=/trunk/; revision=42849
Chris Maynard [Fri, 25 May 2012 02:43:39 +0000 (02:43 -0000)]
The rest of the fix for Coverity CID's 280507 and 280508. (There were multiple occurrences grouped into the 2 CID's, but I hadn't noticed them all.)
svn path=/trunk/; revision=42848
Chris Maynard [Fri, 25 May 2012 02:18:49 +0000 (02:18 -0000)]
tvb_length_remaining() can return a negative number, so be sure to handle it. Fixes Coverity CID's 280507 and 280508.
svn path=/trunk/; revision=42847
Chris Maynard [Fri, 25 May 2012 02:04:29 +0000 (02:04 -0000)]
In ns_hrtime2nsec(), cast "val" to guint64 to fix Coverity CID 702389 Unintentional integer overflow.
svn path=/trunk/; revision=42846
Chris Maynard [Fri, 25 May 2012 01:49:49 +0000 (01:49 -0000)]
Add a "fallthrough" comment to avoid a missing break report from Coverity. Fixes Coverity CID 702382 Missing break in switch.
svn path=/trunk/; revision=42845
Chris Maynard [Fri, 25 May 2012 01:32:26 +0000 (01:32 -0000)]
In cap_pipe_open_live(), be sure to call ws_close(fd) before returning due to a couple of error condtions. Fixes Coverity CID 702395 Resource leak.
svn path=/trunk/; revision=42844
Chris Maynard [Fri, 25 May 2012 01:14:29 +0000 (01:14 -0000)]
Fix Coverity CID 701035: Dereference after null check of hfinfo.
svn path=/trunk/; revision=42843
Chris Maynard [Fri, 25 May 2012 00:54:49 +0000 (00:54 -0000)]
Fix Coverity CID 700201: Dereference after null check, by ensuring "decoder" is not NULL before passing it to ssl_decrypt_record().
svn path=/trunk/; revision=42842
Chris Maynard [Fri, 25 May 2012 00:43:32 +0000 (00:43 -0000)]
If either create_persconffile_dir() or ws_fopen() fail, then bail out. This avoids potentially dereferencing "daf" if it's NULL and fixes Coverity CID 281275.
svn path=/trunk/; revision=42841
Chris Maynard [Fri, 25 May 2012 00:29:46 +0000 (00:29 -0000)]
tvb_length_remaining() can return a negative number, so be sure to handle it. Fixes Coverity CID 281367.
svn path=/trunk/; revision=42840
Chris Maynard [Thu, 24 May 2012 23:35:23 +0000 (23:35 -0000)]
tvb_length_remaining() can return a negative number, so be sure to handle it. Fixes Coverity CID's 280233-280235.
svn path=/trunk/; revision=42839
Chris Maynard [Thu, 24 May 2012 23:31:38 +0000 (23:31 -0000)]
Update asn1-generated dissector.
svn path=/trunk/; revision=42838
Chris Maynard [Thu, 24 May 2012 23:14:30 +0000 (23:14 -0000)]
tvb_reported_length_remaining() can return a negative number. In dissect_gadu_gadu_userlist80_compressed(), bail out if it does. Fixes Coverity CID 703085. In dissect_gadu_gadu_stringz_cp1250(), be sure to compare against its return value as being only positve rather than non-zero. Also, fixed a couple of typos.
svn path=/trunk/; revision=42837
Jeff Morriss [Thu, 24 May 2012 21:38:22 +0000 (21:38 -0000)]
Don't include a Clear button in the packet- and capture-file-comment dialogs:
the user can just Ctrl-A + backspace if they want to do that.
svn path=/trunk/; revision=42836
Jeff Morriss [Thu, 24 May 2012 21:35:41 +0000 (21:35 -0000)]
Enable word wrapping for capture-file comments.
svn path=/trunk/; revision=42835
Jeff Morriss [Thu, 24 May 2012 21:33:25 +0000 (21:33 -0000)]
Get rid of the button row for the capture-file comments. Instead, turn the
whole summary dialog into an editor-like dialog with an OK and Cancel buttons
(OK sets the new capture file comment, Cancel doesn't).
In order to keep the dialog the same regardless of the file type (and avoid
having a Cancel and OK button when there's no text field to edit), allow
users to create or edit capture-file comments even if the file type is not
PCAPNG (they can add a comment via the add/edit comment UI anyway).
Don't include a Clear button: the user can just Ctrl-A + backspace if they
want to do that.
Don't set the comment text to "[None]" if there's no comment, just leave it
blank.
Don't allow the user to create more than 1 Summary dialog at a time.
svn path=/trunk/; revision=42834
Guy Harris [Thu, 24 May 2012 19:18:31 +0000 (19:18 -0000)]
Word-wrap comments in the display.
svn path=/trunk/; revision=42833
Jeff Morriss [Thu, 24 May 2012 18:59:39 +0000 (18:59 -0000)]
Use cf_update_capture_comment() to save the capture comment (instead of
summary_update_comment() which is no longer necessary).
cf_update_capture_comment() has the advantage that it doesn't mark the file
as unsaved unless the comment actually changed.
svn path=/trunk/; revision=42832
Jeff Morriss [Thu, 24 May 2012 18:55:38 +0000 (18:55 -0000)]
Free the new comment after calling gtk_text_buffer_set_text().
svn path=/trunk/; revision=42831
Jeff Morriss [Thu, 24 May 2012 18:54:03 +0000 (18:54 -0000)]
cf_update_capture_comment(): free the shb_inf when we're done with it.
svn path=/trunk/; revision=42830
Jeff Morriss [Thu, 24 May 2012 18:26:52 +0000 (18:26 -0000)]
menu_dissector_filter(): free the action_name when we're done with it.
capture_cb(): if we strrchr() didn't find a seperator, don't use
g_strdup_printf() to format the action_name (since that would have to be
freed), just set it to the action_name.
svn path=/trunk/; revision=42829
Jeff Morriss [Thu, 24 May 2012 18:11:55 +0000 (18:11 -0000)]
Free the comment after calling gtk_text_buffer_set_text().
svn path=/trunk/; revision=42828
Jeff Morriss [Thu, 24 May 2012 15:16:18 +0000 (15:16 -0000)]
Also allow the user to edit the capture-file comment if there is one (not
only if the capture file format is PCAPNG). This can happen if the user
does not have a PCAPNG file but has added a capture-file comment via the
add/edit capture file comment UI.
Replace some tabs with spaces and wrap a few long lines.
svn path=/trunk/; revision=42827
Jeff Morriss [Thu, 24 May 2012 14:52:06 +0000 (14:52 -0000)]
Followup to r42823: check for RVALS used without BASE_RANGE_STRING.
Also: identify problematic fields by hf_variable_name instead of name or
abbreviation (the variable name is sure to be unique).
svn path=/trunk/; revision=42826
Jakub Zawadzki [Thu, 24 May 2012 12:26:34 +0000 (12:26 -0000)]
Fix bug #7283
When Engine ID is 128 we should only break when we know the enterprise id.
svn path=/trunk/; revision=42825
Anders Broman [Thu, 24 May 2012 09:24:05 +0000 (09:24 -0000)]
From Stephen Donnelly:
Add frame.interface_id support for pcap DLT_ERF file format
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7281
svn path=/trunk/; revision=42824
Anders Broman [Thu, 24 May 2012 09:17:11 +0000 (09:17 -0000)]
From Martin Kaiser:
RVALS() needs BASE_RANGE_STRING
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7282
svn path=/trunk/; revision=42823
Guy Harris [Thu, 24 May 2012 07:51:39 +0000 (07:51 -0000)]
Now that cf_save_packets() can avoid doing a "fast path" save if the
source isn't compressed and the target is (or vice versa), enable the
"compressed" checkbox in the Save As and Export Specified Packets
dialog. Fix it to clear the checkbox if the selected file format
doesn't support gzipping.
svn path=/trunk/; revision=42822
Jakub Zawadzki [Thu, 24 May 2012 07:50:41 +0000 (07:50 -0000)]
Cleanup AUTHORS file.
- Merge duplicated entries for: Dominic Bechaz, Holger Hans Peter Freyther
- Remove duplicated entry for: Shiang-Ming Huang
svn path=/trunk/; revision=42821
Anders Broman [Thu, 24 May 2012 06:56:04 +0000 (06:56 -0000)]
From Mayuresh Raut.
Addition of DDMAP TLV and Downstream FEC stack change sub-TLV to DDMAP [RFC 6424]
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7006
svn path=/trunk/; revision=42820
Anders Broman [Thu, 24 May 2012 06:55:18 +0000 (06:55 -0000)]
From Mayuresh Raut.
Addition of DDMAP TLV and Downstream FEC stack change sub-TLV to DDMAP [RFC 6424]
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7006
svn path=/trunk/; revision=42819
Guy Harris [Thu, 24 May 2012 05:05:29 +0000 (05:05 -0000)]
Keep track, in Wiretap, of whether the file is compressed, and provide
an API to fetch that.
When doing "Save" on a compressed file, write it out compressed.
In the Statistics -> Summary dialog and in capinfos, report whether the
file is gzip-compressed.
svn path=/trunk/; revision=42818
Guy Harris [Thu, 24 May 2012 02:30:43 +0000 (02:30 -0000)]
We have to tell cf_save_packets() whether to save them in compressed
form; say "don't" for now.
svn path=/trunk/; revision=42817
Guy Harris [Thu, 24 May 2012 02:16:53 +0000 (02:16 -0000)]
In the "Save As" and "Export Specified Packets" code path, do a "safe
save" if the destination file exists.
Don't forbid overwriting an existing file in either of those cases (we
still forbid overwriting the current capture file) - the GUI asks the
user whether they want to do the overwrite, and allows them to cancel
out of it - and don't remove the file before writing to it (doing so
makes the save *un*safe).
Attempt to do a save of an unedited temporary file by just moving the
file on Windows as well as on UN*X - ws_rename() will remove the target
if necessary on Windows (and won't do it as a separate operation before
attempting the rename), so it behaves like ws_rename() on UN*X (which is
just a wrapper around rename()).
svn path=/trunk/; revision=42816
Pascal Quantin [Wed, 23 May 2012 20:51:38 +0000 (20:51 -0000)]
From Martin Kaiser via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7275 :
iso7816: dissect ATR (answer to reset)
svn path=/trunk/; revision=42814
Guy Harris [Wed, 23 May 2012 17:17:39 +0000 (17:17 -0000)]
Shrink the height of the "Save As" dialog, now that it no longer has
widgets to specify a range.
svn path=/trunk/; revision=42813
Jakub Zawadzki [Wed, 23 May 2012 12:20:15 +0000 (12:20 -0000)]
Fix bug #7277
Check tvb length before fetching data.
svn path=/trunk/; revision=42812
Anders Broman [Wed, 23 May 2012 10:47:52 +0000 (10:47 -0000)]
Dissect MAC and RLC for CHANNEL_FACH_FDD
svn path=/trunk/; revision=42811
Anders Broman [Wed, 23 May 2012 07:27:35 +0000 (07:27 -0000)]
Add conv_id.h
svn path=/trunk/; revision=42810
Anders Broman [Wed, 23 May 2012 07:13:43 +0000 (07:13 -0000)]
Add file missing from anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=42806
svn path=/trunk/; revision=42809
Anders Broman [Wed, 23 May 2012 06:55:31 +0000 (06:55 -0000)]
From Florent Drouin:
(Jeff Morriss, Michael Mann )
Add absolute timestamps to -z io,stat
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7207
svn path=/trunk/; revision=42808
Anders Broman [Wed, 23 May 2012 06:41:37 +0000 (06:41 -0000)]
From Stephen Donnelly:
Add frame.interface_id support for ERF file format
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7266
svn path=/trunk/; revision=42807
Anders Broman [Wed, 23 May 2012 06:36:47 +0000 (06:36 -0000)]
From Robert Bullen:
The Wireshark and tshark TCP conversations stats tables aggregate reused connections into a single line item
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7248
svn path=/trunk/; revision=42806
Anders Broman [Wed, 23 May 2012 06:26:46 +0000 (06:26 -0000)]
Fix a typo
svn path=/trunk/; revision=42805
Anders Broman [Wed, 23 May 2012 06:25:00 +0000 (06:25 -0000)]
From Jim Wright:
Enhance the DTN dissector so that it understands ECOS blocks (Extended Class of Service)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7242
svn path=/trunk/; revision=42804
Guy Harris [Wed, 23 May 2012 03:27:34 +0000 (03:27 -0000)]
Fix comparison of file extension with extensions for the file type -
compare extension with extension, not dot-plus-extension with extension.
Skip unnecesary test.
Clean up white space.
svn path=/trunk/; revision=42803
Bill Meier [Wed, 23 May 2012 03:26:35 +0000 (03:26 -0000)]
All:
- whitespace cleanup;
- Remove redundant code;
packet-ymsg.c:
- Check if bytes available before doing tvb fetch for heuristic check;
- Required tcp pdu "fixed part length" is 10 (not 8);
- Use val_to_str_const() as appropriate;
- Remove some unneeded initializations.
svn path=/trunk/; revision=42802
Bill Meier [Wed, 23 May 2012 03:22:51 +0000 (03:22 -0000)]
From Evan Huus: "Fix Potential padding issues in Yahoo dissectors"
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7276
svn path=/trunk/; revision=42801
Guy Harris [Wed, 23 May 2012 03:05:17 +0000 (03:05 -0000)]
In Windows, in the Save As and Export Selected Packets dialog, append
the default extension for the file type iff
the file type we're using has a list of extensions;
the file has no extension or it has one but it's not one of the
ones in the list.
*Don't* expect a file extension to be at most 5 characters plus the dot
- the extension for pcap-ng, our default capture file type, is "pcapng",
and that's 6 characters!
svn path=/trunk/; revision=42800
Guy Harris [Wed, 23 May 2012 01:06:51 +0000 (01:06 -0000)]
No packet range stuff for the "Save As" dialog.
svn path=/trunk/; revision=42799
Chris Maynard [Wed, 23 May 2012 00:56:15 +0000 (00:56 -0000)]
Fix Coverity CID 703086: Dereference after null check in decode_tcp_ports().
svn path=/trunk/; revision=42798
Jeff Morriss [Tue, 22 May 2012 23:59:41 +0000 (23:59 -0000)]
Fix: packet-gsm_a_gm.c:3965:6: error: comparison is always true due to limited range of data type [-Werror=type-limits]
svn path=/trunk/; revision=42797
Guy Harris [Tue, 22 May 2012 23:57:54 +0000 (23:57 -0000)]
Suppress a (legitimate) compiler warning for now, and leave a comment
indicating that we should do *something* about nanoseconds values >= 1
billion.
svn path=/trunk/; revision=42796
Guy Harris [Tue, 22 May 2012 22:57:37 +0000 (22:57 -0000)]
Separate callback to control the file type combo box in the "Export
Specified Packets" dialog.
svn path=/trunk/; revision=42795
Guy Harris [Tue, 22 May 2012 22:39:30 +0000 (22:39 -0000)]
Do the "Save As always saves the entire capture, Export Specified
Packets saves specified packets" stuff for Windows.
svn path=/trunk/; revision=42794
Jakub Zawadzki [Tue, 22 May 2012 22:34:57 +0000 (22:34 -0000)]
nflog dissector:
- dissect NFULA_TIMESTAMP as 16B time.
- fix byte_order_types (selecting BE selected little endian)
svn path=/trunk/; revision=42793
Guy Harris [Tue, 22 May 2012 22:17:57 +0000 (22:17 -0000)]
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
Anders Broman [Tue, 22 May 2012 21:12:59 +0000 (21:12 -0000)]
Fix PCH dissection
svn path=/trunk/; revision=42791
pascal [Tue, 22 May 2012 20:34:20 +0000 (20:34 -0000)]
Dissect Operator Specific Use container in Protocol Configuration Options IE
Put protocol and container ID in a subtree
svn path=/trunk/; revision=42790
Anders Broman [Tue, 22 May 2012 15:39:12 +0000 (15:39 -0000)]
Set paging indication and start fixing TFI list.
svn path=/trunk/; revision=42783
Jeff Morriss [Tue, 22 May 2012 14:00:19 +0000 (14:00 -0000)]
Get rid of non-ASCII chars. Remove a few trailing commas.
svn path=/trunk/; revision=42782
Anders Broman [Tue, 22 May 2012 12:35:49 +0000 (12:35 -0000)]
cf_save -> cf_save_as
svn path=/trunk/; revision=42781
Anders Broman [Tue, 22 May 2012 11:53:52 +0000 (11:53 -0000)]
Collect and use E-DCH data. + one file.
svn path=/trunk/; revision=42780
Anders Broman [Tue, 22 May 2012 11:53:12 +0000 (11:53 -0000)]
Collect and use E-DCH data.
svn path=/trunk/; revision=42779
Guy Harris [Tue, 22 May 2012 11:44:55 +0000 (11:44 -0000)]
Replace the File -> Export menu with separate:
File -> Export Packet Dissections
(for the "print to file", "export as CSV", "export as C array",
"export as PSML", and "export as PDML" items)
File-> Export Selected Packet Bytes
File -> Export SSL Session Keys
File -> Export Objects
(for exporting objects transferred over HTTP, DICOM, or SMB)
menu items.
The operations under Export really weren't that related - about all they
had in common was that they wrote to a file stuff other than packets
in a capture file format; the operations in the groups *under* Export
were related, so the groups are now menu items of their own.
This way, the File menu more immediately indicates what options of that
sort are available.
It also means that the Export Packet Dissections item might make it
clearer that what you get from that is *NOT* something that can just be
read back into Wireshark, as at least one user who asked "how do I get
my capture back from this?" on ask.wireshark.com thought. If that
doesn't suffice, perhaps renaming it to "Export Dissected Packets" would
help; if *that* doesn't suffice, perhaps Kevin Cullimore's suggestion
that it say "Report" rather than "Export" will do the trick:
From: Kevin Cullimore <kcullimo@runbox.com>
Subject: [Wireshark-users] Re: Should the "export as text" item be in an "Export Human-readable..." item in the File menu?
Date: May 19, 2012 8:31:23 PM PDT
To: wireshark-users <wireshark-users@wireshark.org>
Would classifying the asymmetric export (ones that lack a
corresponding "import" action) formats as "reports" help clear
up the original ambiguity/misunderstanding? It seems that most
of the gui-based network tools I'm forced to periodically
interact with rely upon that term with at least some success.
(Or perhaps some other verb would be right in some cases, e.g. "Save SSL
Session Keys".)
This also sets a pattern for another upcoming change - splitting "Save
As" into "Save As", which always saves every packet and makes the new
file the current file, and "{Verb} Specified Packets", which lets you
specify which packets to save and does *not* make the new file the
current file. That'd simplify the code a bit, and might clear up the
new only-in-the-trunk issue in bug 6640 - having "Save As" default to
saving displayed packets currently means that it acts more like the
latter of those functions.
svn path=/trunk/; revision=42778
Guy Harris [Tue, 22 May 2012 10:36:40 +0000 (10:36 -0000)]
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
Guy Harris [Tue, 22 May 2012 10:05:01 +0000 (10:05 -0000)]
Note that, given that ws_rename() is a wrapper around ws_stdio_rename()
on Windows, and that ws_stdio_rename() uses MoveFileEx() with
MOVEFILE_REPLACE_EXISTING and should therefore remove the target if it
exists, the extra "remove the target first" stuff should not be
necessary on Windows - if we remove it, it also keeps the code from
removing the target and then having the rename fail, with the result
that the target no longer exists.
svn path=/trunk/; revision=42776
Guy Harris [Tue, 22 May 2012 09:57:18 +0000 (09:57 -0000)]
Update comments to reflect that the GLib version is no longer relevant
(we require GLib 2.14 or later, and always use UTF-8 for pathnames on
Windows), to note that ws_stdio_rename() should have UN*X-style
rename semantics in that it removes the target if necessary, and to give
more details in other ways.
Clean up indetation a bit.
svn path=/trunk/; revision=42775
Ronnie Sahlberg [Tue, 22 May 2012 07:51:12 +0000 (07:51 -0000)]
TCP: Some protocols running ontop of TCP needs the PDUs to be delivered in order. for example decryption of DCERPCoverHTTP.
For such protocols, hte state gets out of sync of for example the same PDU is invoked twice in a row, which sometimes can happen if there is tcp retransmission and we see the same PDU twice. First for hte original segment and a second time for the tcp retransmission.
These protocols might lack an easy way to detect that a PDU is seen twice or out of order.
To handle this a little better, offer a TCP option that defaults to being disabled but when enabled skips invoking any subdissector for retransmitted or out of order packets.
(For some virtualization environments it sometimes becomes VERY common to see false tcp retransmissions due to segments being captured twice making this even worse)
We dont want this option to default to ON because for most cases we do want the current behaviour where the subdissector is called twice, or more, for any PDU that is retrasnmitted on the TPC layer.
For example, assume a SMB response packet is retransmitted on the TCP level.
This may result in a capture file that looks like
1 -> SMB request
2 <- SMB response to 1
... 1 second ...
3 <- SMB response to 1 TCP retransmission
For this case we definitely want packet 3 to be passed to the SMB layer so that
the request/respons ematching will detect that the response time for this transaction was > 1.0 second
We want smb.time to indicate the delta betwenn packets 1 and 3
as well as the SMB Service Response Time to indicate that this command took very long.
svn path=/trunk/; revision=42774
Ronnie Sahlberg [Tue, 22 May 2012 06:23:36 +0000 (06:23 -0000)]
HTTP: RPC/HTTP do a better detection and parsing of RPC over HTTP
From Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=42773
Ronnie Sahlberg [Tue, 22 May 2012 05:56:39 +0000 (05:56 -0000)]
packet-smb2: dissect the channel sequence in the SMB 2.2 header
From Stefan Metzmacher <metze@samba.org>
svn path=/trunk/; revision=42772
Ronnie Sahlberg [Tue, 22 May 2012 05:55:05 +0000 (05:55 -0000)]
SMB: Add dissection of TRANS2_REQUEST_TRANSPORT_ENCRYPTION messages
From Stefan Metzmacher <metze@samba.org>
svn path=/trunk/; revision=42771
Ronnie Sahlberg [Tue, 22 May 2012 05:53:28 +0000 (05:53 -0000)]
SMB: Dissect TRANS2_SET_FS_INFORMATION infolevel
From Stefan Metzmacher <metze@samba.org>
svn path=/trunk/; revision=42770
Ronnie Sahlberg [Tue, 22 May 2012 05:51:16 +0000 (05:51 -0000)]
SMB: Call dissect_nt_quota() via a new dissect_sfsi_request/response()
From Stefan Metzmacher <metze@samba.org>
svn path=/trunk/; revision=42769
Ronnie Sahlberg [Tue, 22 May 2012 05:48:55 +0000 (05:48 -0000)]
SMB2: Add dissection of the encrypted SMB2 headers
From Matthieu Patou <mat@matws.net>
svn path=/trunk/; revision=42768
Ronnie Sahlberg [Tue, 22 May 2012 05:46:47 +0000 (05:46 -0000)]
SMB2: Add support for the "encrypted" flag for shares
From Michael Adam <obnox@samba.org>
svn path=/trunk/; revision=42767
Ronnie Sahlberg [Tue, 22 May 2012 05:45:30 +0000 (05:45 -0000)]
SMB2: Fix, the flag is called PERSISTENT_HANDLES, not LARGE_MTU
From Michael Adam <obnox@samba.org>
svn path=/trunk/; revision=42766
Ronnie Sahlberg [Tue, 22 May 2012 05:44:07 +0000 (05:44 -0000)]
SMB2: Add support for SMB2_GLOBAL_CAP_ENCRYPTION flag
From Michael Adam <obnox@samba.org>
svn path=/trunk/; revision=42765
Guy Harris [Tue, 22 May 2012 03:52:12 +0000 (03:52 -0000)]
The GUI's state machine requires that, when reloading a capture after a
save, we post capture file callback events similar to the ones posted
when reading a capture - otherwise, the reload will leave the welcome
screen up.
Rename cf_cb_file_save_reload_finished to cf_cb_file_reload_finished,
add a cf_cb_file_reload_started callback, have them work similarly to
read_finished and read_started except that the reload uses "Reloading"
in the progress bar and status bar.
Clean up some indentation while we're at it.
svn path=/trunk/; revision=42764
Guy Harris [Tue, 22 May 2012 02:37:32 +0000 (02:37 -0000)]
Note that packet_range_calc() and packet_range_calc_user() can be
painfully slow with a large capture.
svn path=/trunk/; revision=42763
Jeff Morriss [Tue, 22 May 2012 01:59:34 +0000 (01:59 -0000)]
Finish fixing https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7270#c4 :
Revert r42758 as it only helps in one case; rather, fix it correctly: if
we're redissecting or refiltering, clear any frame dependencies as we go
along. (Fortunately, frame dependencies are all forward dependencies--
meaning that a given frame can only be depended upon by a later frame--
so we can do this as we rescan the packets/frames.)
svn path=/trunk/; revision=42762
pascal [Mon, 21 May 2012 21:49:11 +0000 (21:49 -0000)]
Fix indentation
svn path=/trunk/; revision=42760
pascal [Mon, 21 May 2012 20:51:22 +0000 (20:51 -0000)]
From gyanesh via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7267 :
Add dissector function for SPB link metric sub tlv (type 29)
svn path=/trunk/; revision=42759