[Wireshark-dev] Pending LUA MRs

2023-01-03 Thread Anders Broman via Wireshark-dev 
Hi,
Can some one familiar with LUA please look at the LUA MRs I have tried to put 
labels on LUA related MRs. Non core developers can assist by leaving comments.
Best regards
Anders
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] MSVC gives warnings "qt_ui_utils.cpp(208, 25): warning C4996: 'QProcess::startDetached'"

2022-02-11 Thread Anders Broman via Wireshark-dev 
Hi,

Latest released one

C:\Qt\5.15.2

Regards

Anders



From: Roland Knall 
Sent: den 11 februari 2022 11:12
To: Developer support list for Wireshark 
Cc: Anders Broman 
Subject: Re: [Wireshark-dev] MSVC gives warnings "qt_ui_utils.cpp(208, 25): 
warning C4996: 'QProcess::startDetached'"



Which Qt version are you on?



Am Fr., 11. Feb. 2022 um 11:06 Uhr schrieb Anders Broman via Wireshark-dev 
mailto:wireshark-dev@wireshark.org> >:

Hi,

Just built and got the following warning:



 ..\ui\qt\utils\qt_ui_utils.cpp(208,25): warning C4996: 
'QProcess::startDetached': Use QProcess::startDetached(const QString , 
const QStringList ) instead 
[C:\Development\wsbuild64\ui\qt\qtui.vcxproj]

   ..\ui\qt\utils\qt_ui_utils.cpp(208,25): warning C4996: success = 
QProcess::startDetached(command); 
[C:\Development\wsbuild64\ui\qt\qtui.vcxproj]

   ..\ui\qt\utils\qt_ui_utils.cpp(208,25): warning C4996: 
^ [C:\Development\wsbuild64\ui\qt\qtui.vcxproj]



1 Warning(s)



Regards

Anders

___
Sent via:Wireshark-dev mailing list mailto:wireshark-dev@wireshark.org> >
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org 
<mailto:wireshark-dev-requ...@wireshark.org> ?subject=unsubscribe



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] MSVC gives warnings "qt_ui_utils.cpp(208, 25): warning C4996: 'QProcess::startDetached'"

2022-02-11 Thread Anders Broman via Wireshark-dev 
Hi,

Just built and got the following warning:

 

 ..\ui\qt\utils\qt_ui_utils.cpp(208,25): warning C4996:
'QProcess::startDetached': Use QProcess::startDetached(const QString
, const QStringList ) instead
[C:\Development\wsbuild64\ui\qt\qtui.vcxproj]

   ..\ui\qt\utils\qt_ui_utils.cpp(208,25): warning C4996: success =
QProcess::startDetached(command);
[C:\Development\wsbuild64\ui\qt\qtui.vcxproj]

   ..\ui\qt\utils\qt_ui_utils.cpp(208,25): warning C4996:
^ [C:\Development\wsbuild64\ui\qt\qtui.vcxproj]

 

1 Warning(s)

 

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Including sharkd in the installation downloads

2022-01-06 Thread Anders Broman via Wireshark-dev 
Hi,

I guess it is just a matter of doing a section for sharkd in the Wireshark.nsi 
file similar to tshark?



:

  !insertmacro MUI_DESCRIPTION_TEXT ${SecTShark} "Text based network protocol 
analyzer."

:

Section "TShark" SecTShark

;---

SetOutPath $INSTDIR

File "${STAGING_DIR}\tshark.exe"

File "${STAGING_DIR}\tshark.html"

SectionEnd



Regards

Anders



From: Wireshark-dev  On Behalf Of Paul 
Offord
Sent: den 5 januari 2022 23:55
To: Developer support list for Wireshark 
Subject: [Wireshark-dev] Including sharkd in the installation downloads



Hi,



There is a tremendous push for automation at work, and I'm sure other 
enterprises have the same aspirations.  Sharkd provides all the power of 
Wireshark dissection and filtering in a way that can easily be driven by an 
automation script.



It's quite difficult to get permission to instal Wireshark, and there is zero 
chance of us being allowed to build a copy from source.  I'm sure similar 
restrictions apply to many in large organisations.



Is it possible to include sharkd in the installers?



Best regards...Paul




-- 

Paul Offord



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Failed build on SLED 15

2021-12-30 Thread Anders Broman via Wireshark-dev 
Hi,

We get 

glib-compat.h:31:7: note: include '' or provide a declaration of
'memcpy'

when building on SLED 15.

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] TCP reassembly fails when ethernet tunnled over TCP

2021-11-12 Thread Anders Broman via Wireshark-dev 
Hi,

We have a proprietary protocol sending usually small frames mixed with
larger tunneled ethernet frames over TCP. If we then have a TCP segment
where the ethernet frame

Spans 2 segments reassembly fails presumably because pinfo does not have the
IP address of the TCP segment. I think we would need a way to create a new
pinfo structure

For the tunneled frame? How to do that or some other way to solve the
problem? In our case we only have ethernet and a vlan tag then our protocol
again so

We "fixed" that by dissecting those bytes in the internal dissector. But I
think it may be a generic problem for tunneling that may deserve a proper
fix.

tcp_dissect_pdus() is used

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] I have added another file to wireshark but keep getting unresolved references

2021-10-24 Thread Anders Broman via Wireshark-dev 
Hi,
Did you try to delete the build dir and re-run CMake?
Regards
Anders

-Original Message-
From: Wireshark-dev  On Behalf Of Richard 
Sharpe
Sent: den 24 oktober 2021 15:17
To: Developer support list for Wireshark 
Subject: [Wireshark-dev] I have added another file to wireshark but keep 
getting unresolved references

Hi folks,

I have added another file to Wireshark but when I build I keep getting this:

--
[ 79%] Linking C executable run/sharkd
/usr/bin/ld: run/libwireshark.so.14.0.8: undefined reference to 
`dissect_neighbor_report'
collect2: error: ld returned 1 exit status
make[2]: *** [CMakeFiles/sharkd.dir/build.make:160: run/sharkd] Error 1
make[1]: *** [CMakeFiles/Makefile2:3630: CMakeFiles/sharkd.dir/all] Error 2
make: *** [Makefile:160: all] Error 2


The function is not static and the file has a handoff section and I have added 
the file to the files list in epan/dissectors/CMakeLists.txt.

What else should I do?

--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者)
___
Sent via:Wireshark-dev mailing list 
Archives:
https://protect2.fireeye.com/v1/url?k=7fa4649d-203f5d98-7fa42406-86959e472243-36d92ad18a6c6eb6=1=2ced34b0-e6b9-4385-b2f5-2a58860d3081=https%3A%2F%2Fwww.wireshark.org%2Flists%2Fwireshark-dev
Unsubscribe: 
https://protect2.fireeye.com/v1/url?k=fa656564-a5fe5c61-fa6525ff-86959e472243-00731add9e780d9f=1=2ced34b0-e6b9-4385-b2f5-2a58860d3081=https%3A%2F%2Fwww.wireshark.org%2Fmailman%2Foptions%2Fwireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Debianbuild fails on Ubuntu 18.04

2021-10-21 Thread Anders Broman via Wireshark-dev 
Hi,
Thanks a lot Balint!
I will try it out as soon as I can.
Regards
Anders

-Original Message-
From: Bálint Réczey  
Sent: den 21 oktober 2021 10:48
To: Developer support list for Wireshark 
Cc: Anders Broman 
Subject: Re: [Wireshark-dev] Debianbuild fails on Ubuntu 18.04

Hi Anders,

Anders Broman via Wireshark-dev  ezt írta
(időpont: 2021. okt. 20., Sze, 11:24):
>
> Hi,
>
> I can no longer create a debian package on Ubuntu 18.04...

The build fails due to a debhelper bug.
I've submitted the workaround at
https://gitlab.com/wireshark/wireshark/-/merge_requests/4755 .

Cheers,
Balint


>
>
> Best regards
>
> Anders
>
> ___
> Sent via:Wireshark-dev mailing list 
> Archives:https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>  mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Debianbuild fails on Ubuntu 18.04

2021-10-20 Thread Anders Broman via Wireshark-dev 
Hi,

I can no longer create a debian package on Ubuntu 18.04...

 

Best regards

Anders


# check all necessary headers are included
cc -c debian/headers-check.c -I/usr/include/glib-2.0 
-I/usr/lib/x86_64-linux-gnu/glib-2.0/include -Wdate-time -D_FORTIFY_SOURCE=2 -g 
-O2 -fdebug-prefix-map=/home/ericsson/wireshark=. -fstack-protector-strong 
-Wformat -Werror=format-security -Idebian/libwireshark-dev/usr/include 
-Idebian/libwireshark-dev/usr/include/wireshark 
-Idebian/libwiretap-dev/usr/include/wireshark 
-Idebian/libwsutil-dev/usr/include/wireshark -o /dev/null
make[1]: Leaving directory '/home/ericsson/wireshark'
   dh_installdocs -O--buildsystem=cmake
   dh_installchangelogs -O--buildsystem=cmake
   dh_installman -O--buildsystem=cmake
   dh_installdebconf -O--buildsystem=cmake
   dh_python3 -O--buildsystem=cmake
E: dh_python3 dh_python3:176: no package to act on (python3-foo or one with 
${python3:Depends} in Depends)
   dh_installinit -O--buildsystem=cmake
   dh_installsystemduser -O--buildsystem=cmake
   dh_lintian -O--buildsystem=cmake
   dh_icons -O--buildsystem=cmake
   dh_perl -O--buildsystem=cmake
   dh_link -O--buildsystem=cmake
   dh_strip_nondeterminism -O--buildsystem=cmake
   dh_compress -O--buildsystem=cmake
   debian/rules override_dh_fixperms
make[1]: Entering directory '/home/ericsson/wireshark'
dh_fixperms
chmod 644 debian/wireshark-dev/usr/share/pyshared/make-plugin-reg.py \
debian/wireshark-dev/usr/share/pyshared/wireshark_be.py \
debian/wireshark-dev/usr/share/pyshared/wireshark_gen.py
make[1]: Leaving directory '/home/ericsson/wireshark'
   dh_missing -O--buildsystem=cmake
dh_missing: usr/bin/sharkd exists in debian/tmp but is not installed to anywhere
dh_missing: usr/bin/idl2wrs exists in debian/tmp but is not installed to 
anywhere
dh_missing: usr/include/wireshark/file.h exists in debian/tmp but is not 
installed to anywhere
dh_missing: usr/include/wireshark/ws_symbol_export.h exists in debian/tmp but 
is not installed to anywhere
dh_missing: usr/include/wireshark/globals.h exists in debian/tmp but is not 
installed to anywhere
dh_missing: usr/include/wireshark/ws_diag_control.h exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/include/wireshark/cli_main.h exists in debian/tmp but is not 
installed to anywhere
dh_missing: usr/include/wireshark/cfile.h exists in debian/tmp but is not 
installed to anywhere
dh_missing: usr/include/wireshark/ws_compiler_tests.h exists in debian/tmp but 
is not installed to anywhere
dh_missing: usr/include/wireshark/ws_attributes.h exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/include/wireshark/ws_log_defs.h exists in debian/tmp but is not 
installed to anywhere
dh_missing: usr/include/wireshark/ws_version.h exists in debian/tmp but is not 
installed to anywhere
dh_missing: usr/include/wireshark/wiretap/secrets-types.h exists in debian/tmp 
but is not installed to anywhere
dh_missing: usr/include/wireshark/wiretap/wtap_opttypes.h exists in debian/tmp 
but is not installed to anywhere
dh_missing: usr/include/wireshark/wiretap/wtap.h exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/include/wireshark/wiretap/pcap-encap.h exists in debian/tmp but 
is not installed to anywhere
dh_missing: usr/include/wireshark/wiretap/file_wrappers.h exists in debian/tmp 
but is not installed to anywhere
dh_missing: usr/include/wireshark/wiretap/merge.h exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/include/wireshark/wiretap/pcapng_module.h exists in debian/tmp 
but is not installed to anywhere
dh_missing: usr/include/wireshark/wiretap/wtap_modules.h exists in debian/tmp 
but is not installed to anywhere
dh_missing: usr/include/wireshark/epan/diam_dict.h exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/include/wireshark/epan/conversation_debug.h exists in 
debian/tmp but is not installed to anywhere
dh_missing: usr/include/wireshark/epan/maxmind_db.h exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/include/wireshark/epan/frame_data.h exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/include/wireshark/epan/x264_prt_id.h exists in debian/tmp but 
is not installed to anywhere
dh_missing: usr/include/wireshark/epan/guid-utils.h exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/include/wireshark/epan/packet.h exists in debian/tmp but is not 
installed to anywhere
dh_missing: usr/include/wireshark/epan/dvb_chartbl.h exists in debian/tmp but 
is not installed to anywhere
dh_missing: usr/include/wireshark/epan/ax25_pids.h exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/include/wireshark/epan/t35.h exists in debian/tmp but is not 
installed to anywhere
dh_missing: usr/include/wireshark/epan/expert.h exists in debian/tmp but is not 
installed to anywhere
dh_missing: usr/include/wireshark/epan/print.h exists in debian/tmp but is not 
installed to anywhere
dh_missing:

[Wireshark-dev] Warning message when starting wireshark "color_filters.c:658 -- read_filters_file(): Could not compile "Checksum Errors" in colorfilters "

2021-10-08 Thread Anders Broman via Wireshark-dev 
Hi,

Top of trunk I get

** (wireshark:13228) 12:52:43.789284 [Epan WARNING]
C:\Development\wireshark\epan\color_filters.c:658 -- read_filters_file():
Could not compile "Checksum Errors" in colorfilters file
"C:\Development\wsbuild-gpl\run\RelWithDebInfo\colorfilters".

"Bad" cannot be converted to Unsigned integer, 1 byte.

** (wireshark:13228) 12:52:44.177545 [Main MESSAGE] -- Wireshark is up and
ready to go, elapsed time 6,160s

 

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] New Warnings on Windows builds? Related to defilter changes?

2021-10-05 Thread Anders Broman via Wireshark-dev 
Hi,

Recently these warnings started to show up

 C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(49,1):
warning C4005: 'INT8_MIN': macro redefinition
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(49,1):
warning C4005: #define INT8_MIN (-127i8 - 1)
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(49,1):
warning C4005: ^ (compiling source file
C:\Development\wsbuild-gpl\epan\dfilter\scanner.c)
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

 C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(50,1):
warning C4005: 'INT16_MIN': macro redefinition
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(50,1):
warning C4005: #define INT16_MIN(-32767i16 - 1)
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(50,1):
warning C4005: ^ (compiling source file
C:\Development\wsbuild-gpl\epan\dfilter\scanner.c)
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

 C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(51,1):
warning C4005: 'INT32_MIN': macro redefinition
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(51,1):
warning C4005: #define INT32_MIN(-2147483647i32 - 1)
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(51,1):
warning C4005: ^ (compiling source file
C:\Development\wsbuild-gpl\epan\dfilter\scanner.c)
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

 C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(53,1):
warning C4005: 'INT8_MAX': macro redefinition
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(53,1):
warning C4005: #define INT8_MAX 127i8
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(53,1):
warning C4005: ^ (compiling source file
C:\Development\wsbuild-gpl\epan\dfilter\scanner.c)
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

 C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(54,1):
warning C4005: 'INT16_MAX': macro redefinition
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(54,1):
warning C4005: #define INT16_MAX32767i16
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(54,1):
warning C4005: ^ (compiling source file
C:\Development\wsbuild-gpl\epan\dfilter\scanner.c)
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

 C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(55,1):
warning C4005: 'INT32_MAX': macro redefinition
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(55,1):
warning C4005: #define INT32_MAX2147483647i32
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(55,1):
warning C4005: ^ (compiling source file
C:\Development\wsbuild-gpl\epan\dfilter\scanner.c)
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

 C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(57,1):
warning C4005: 'UINT8_MAX': macro redefinition
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual
Studio\2019\Enterprise\VC\Tools\MSVC\14.29.30133\include\stdint.h(57,1):
warning C4005: #define UINT8_MAX0xffui8
[C:\Development\wsbuild-gpl\epan\dfilter\dfilter.vcxproj]

   C:\Program Files (x86)\Microsoft Visual

[Wireshark-dev] Compilation on Windows taking a very long time?

2021-10-04 Thread Anders Broman via Wireshark-dev 
Hi,

Is it just me or is compilation time on Windows much longer now?

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Edit resolved name stopped working?

2021-09-10 Thread Anders Broman via Wireshark-dev 
Hi,

Has "Edit resolved name" stopped working or what needs to be set in order
for it to work?

In a trace with no resolved IPs the menu "Edit resolved names" is greyed
out.

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Wireshark does not build on Ubunty 18.04 with LZ4 (to old version?)

2021-09-07 Thread Anders Broman via Wireshark-dev 
Hi,

Build fails complaining on  

wiretap/file_wrappers.c:199:5 error: unknown type name 'LZ4F_dctx'

 

As far as I understand in the older package it uses LZ4F_dctx_s

Should we require a higher version of the LZ4 library?

 

 

Do we need something like this:
(https://github.com/facebook/hhvm/blob/master/CMake/FindLZ4.cmake)


# fb-mysql requires LZ4F_resetDecompressionContext() which was added in
v1.8.0


if (LZ4_LIBRARY)


  include(CheckCSourceRuns)


  set(CMAKE_REQUIRED_INCLUDES ${LZ4_INCLUDE_DIR})


  set(CMAKE_REQUIRED_LIBRARIES ${LZ4_LIBRARY})


  check_c_source_runs("


#include 


int main() {


  int good = (LZ4_VERSION_MAJOR > 1) ||


((LZ4_VERSION_MAJOR == 1) && (LZ4_VERSION_MINOR >= 8));


return !good;


}" LZ4_GOOD_VERSION)


  set(CMAKE_REQUIRED_INCLUDES)


  set(CMAKE_REQUIRED_LIBRARIES)


endif()

 

Best regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] ASN.1-based dissector decoding by port number vs switch/case using 1st octet

2021-06-22 Thread Anders Broman via Wireshark-dev 
Hi,

I think you should go for 2. Wouldn’t this type of construct from the goose 
protocol work?

 

GSEMngtRequests ::= CHOICE {

   getGoReference[1] IMPLICIT 
GetReferenceRequestPdu,

   getGOOSEElementNumber [2] IMPLICIT 
GetElementRequestPdu,

   getGsReference [3] IMPLICIT 
GetReferenceRequestPdu,

   getGSSEDataOffset   [4] IMPLICIT 
GetElementRequestPdu,

   ...

}

e.g.

MyNewProtocolMessages ::= CHOICE{

   myMeasge1 [1] IMPLICIT MyMessage1,

   :

Repeated as many times as needed, MyMessage1 could have sub messages or 
whatever…

I assume the encoder will be using an ASN1 encoder to serialize the data.

Regards

Anders

 

From: Wireshark-dev  On Behalf Of Vincent 
Randal
Sent: den 22 juni 2021 08:55
To: Developer support list for Wireshark 
Subject: [Wireshark-dev] ASN.1-based dissector decoding by port number vs 
switch/case using 1st octet

 

Hello everyone in the Wireshare-dev community,

 

The primary question in this email (but I think it requires some explanation 
below): How does one write an ASN.1-based dissector such that the generated 
code (per "make asn1") does indeed decode the first octet as the message type 
using C-style switch/case construct? 

 

In May I sat in (online) at an online Wireshark Developer Den meeting. I asked 
about encoding schemes like that in IEEE 1451.0 where the first octet is used 
to decode the message. I got a response indicating it was natural to use a 
switch/case statement in C programming to decode the messages (all of them, 
with one switch/case statement). [I gather that one switch/case statement for 
decoding all messages of a protocol implies one enumeration table for encoding 
them in the first octet.]


But I did not understand that until today. Nor did I know how to modify the 
ASN.1-based dissector “foo” to make it work with a switch/case statement. It 
had build errors from the change to cmake; I renamed it “myfoo” in my 
repository and fixed the build errors (I have been slow to make a MR, merge 
request, for it). I made the decision to base decoding entirely on port number 
and make one dissector per message per port number. Yuck, but that’s what I 
did. The current approach would add over 100 new folders to asn1 folder in 
(./epan/dissectors/asn1).  Is that acceptable? To add over 100 new folders in 
asn1 for a new protocol? [I am helping design a new protocol]. 

 

I am consider two options:

 

1. Explore the possibility of using a port-range since tcpdump and tshark 
support portrange filtering. To me that implies the possibility that people 
could indeed be implementing protocols with one dissector per message per port 
(and conceivably are using a lot ports for a single protocol in some cases). 
This new protocol allows for hundreds of unique messages. It seems, however, a 
port range of several hundred ports for one protocol is impractical and 
wasteful of port numbers. But ignoring that objection for the moment I press 
on, and ask how I might I put several hundred dissectors into a single 
source-tree under the asn1 folder (in ./epan/dissectors/asn1)? Again, assuming 
it's okay to use up several hundred UDP ports for a single protocol: What 
success might have during build step "make asn1" that it will generate 
dissectors from a source-tree of dissectors in one folder in the asn1 folder? 
For example, I am thinking I will put a group of dissectors in ./asn1/netsvc/ 
and another group in ./asn1/xdrsvc, and so on. Is anyone doing this? Is this 
supported in the current build process?

 

2. Give up on #1 above, and do something sane like use the first octet to 
encode the message type rather than waste hundreds of ports on a 
single-port-per-message-per-dissector approach describe in #1 above. This 
brings me back to the response I got in the Wireshark Developer Den in May: Use 
a C switch/case statement to decode the messages. Okay, I want to that do that. 
But I don't know how to do that for ASN.1-based dissectors. If I can learn how 
to do that then I would revise the "foo" dissector (simple ASN.1-based 
dissector) to be exactly that, get it working, and make my MR (merge-request 
for that and final give something back to this community that has been so 
helpful to me).

 

I like option #2 above, because it uses a single UDP for the entire protocol 
(again, this is a new protocol being developed as an IEEE standard). We could 
still end up using a few ports perhaps (one port per group of messages). For 
example, IEEE 1451.0 Network Services would get one UDP port, IEEE 1451.0 
Transducer Services would get another port, and so on. Then the protocol would 
need only a handful of port numbers at the most. Either way the issue remains: 
How does one even begin to write an ASN.1-based dissector such that the 
generated code (per "make asn1")

Re: [Wireshark-dev] ASN1: How to display an octet-string as UTF16 LE

2021-06-16 Thread Anders Broman via Wireshark-dev 


-Original Message-
From: Wireshark-dev  On Behalf Of Isaac 
Boukris
Sent: den 16 juni 2021 12:52
To: wireshark-dev@wireshark.org
Subject: [Wireshark-dev] ASN1: How to display an octet-string as UTF16 LE

Hello,

I'd like to add the following asn1 struct to the credssp dissector (following 
MR 3020):
TSRemoteGuardPackageCred ::= SEQUENCE {
packageName [0] OCTET STRING,
credBuffer  [1] OCTET STRING
}

It gets displayed like this:
logonCred
packageName: 4b00650072006200650072006f007300
credBuffer:
0a00020073041805200093046182046f…

Now, the package name is a UTF16 LE string (Kerberos), and I wonder if there is 
an easy way to make it display it as a string instead of HEX
- thoughts?

Thanks!

Hi,
If it's always an UTF16 string you will have to do .cnf magic and add something 
like
proto_tree_add_item(tree, hf_krb_pac_upn_upn_name, tvb, upn_offset, upn_len, 
ENC_UTF_16|ENC_LITTLE_ENDIAN);

Regards
Anders

___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] MR 2984 stuck?

2021-05-24 Thread Anders Broman via Wireshark-dev 
Hi,

Could someone have a look at

https://gitlab.com/wireshark/wireshark/-/merge_requests/2984

It seems like the pipelines are stuck?

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] MR that commes up as "OK to Merge" fails pipline

2021-04-21 Thread Anders Broman via Wireshark-dev 
Hi,

This MR  
https://gitlab.com/wireshark/wireshark/-/merge_requests/2178 passed check
but failed merge at the firsts attempt - the author then amended

It passed check and came up with a green merge button. It then fails
pipeline. What should it have been done instead?

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] still unclear how to build a new ASN.1-based dissector

2021-04-19 Thread Anders Broman via Wireshark-dev 
Hi,

Perhaps a misconception here, the generated files are part of the source tree 
currently so when you change any of the files in the

../asn1/foo directory you need to run make foo and check in the generated .c 
and optionally .h file.

 

So on the very first round add the directory and files in the /foo directory DO 
NOT change cmake for the generated files yet

Run cmake to have the cmake files generated needed to generate asn1 dissectors.

Run make foo

You should now have generated .c and possibly .h files in your src dir

Check them in and update the cmake files to include the f´generated .c .h files

Run make to have them built

 

Best regards

Anders

 

From: Wireshark-dev  On Behalf Of Vincent 
Randal
Sent: den 19 april 2021 05:06
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] still unclear how to build a new ASN.1-based 
dissector

 

CORRECTION:  I omitted the troublesome steps (underlined) when describing the 
problem:

git clone https://   wireshark

cd wireshark

git checkout wireshark-3.4.4

cd wireshark/epan/dissectors

cp ~/myfoo.tgz . #copy dissector code into wireshark clone

tar xvf myfoo.tgz #extract the dissector code (details in previous email)

cd ../../..

mkdir build

cd build

cmake ../wireshark #this step worked previously but not on a fresh wireshark 
clone now

make asn1 #with relevant entries in two CMakeListsCustom files

make

 

On Sun, Apr 18, 2021 at 8:15 PM Vincent Randal mailto:vtran...@gmail.com> > wrote:

Hello Wireshark-dev community,

 

Apparently, I still don't have the correct sequence of steps necessary for 
first time generation of "packet-myfoo.c" and "packet-myfoo.h" for a new 
ASN.1-based dissector called myfoo. Details follow.

 

I would like to understand (much better than I do) how to add an ASN.1-based 
dissector to epan/dissectors/asn1 in a fresh clone of wireshark. I got a lot of 
help from a lot of people last week (for which I am grateful) but I must still 
be missing a step here:

git clone https://   wireshark

cd wireshark

git checkout wireshark-3.4.4

cd ..

mkdir build

cd build

cmake ../wireshark #this step worked previously but not on a fresh wireshark 
clone now

make asn1 #with relevant entries in two CMakeListsCustom files

make

 

When I add my dissector folder "myfoo" to epan/dissectors/asn1 here's the 
relevant error messages from cmake (with some highlighting by me):

-- Configuring done
CMake Error at epan/dissectors/CMakeLists.txt:2004 (add_library):
  Cannot find source file:

/home/vtrandal/ws1/wireshark/epan/dissectors/packet-myfoo.c

  Tried extensions .c .C .c++ .cc .cpp .cxx .cu .m .M .mm .h .hh .h++ .hm
  .hpp .hxx .in .txx

CMake Error at epan/dissectors/CMakeLists.txt:2004 (add_library):
  No SOURCES given to target: dissectors

[end of cmake error messages]

 

The point of the above cmake error messages is that the "packet-myfoo.c" and 
"packet-myfoo.h" files have not yet been generated (and I don't know how to 
generate them). I do not know how I got past the cmake step before, but I was 
lucky (and unlucky now). The ASN.1-based dissector code is in the attached .tgz 
file which I extract in epan/dissectors as follows:

tar xvf myfoo.tgz

./CMakeListsCustom.txt <== contains entry for myfoo
./asn1/CMakeListsCustom.txt <== contains entry for myfoo
./asn1/myfoo/
./asn1/myfoo/myfoo.asn
./asn1/myfoo/myfoo.cnf
./asn1/myfoo/CMakeLists.txt
./asn1/myfoo/packet-myfoo-template.h
./asn1/myfoo/packet-myfoo-template.c

 

I apologize in advance for being thick-headed about the process of adding a new 
ASN.1-based dissector to epan/dissectors/asn1 in Wireshark. With help from a 
lot of people I got it to compile previously (again for which I am grateful). 
But I cannot repeat that success starting with a fresh clone of wireshark 
regardless of the branch. Somehow I still don't have the correct sequence of 
steps necessary to generate "packet-myfoo.c" and "packet-myfoo.h" the first 
time. With my dissector code in epan/dissectors the cmake step fails and I 
cannot make  anything. 

 

Vincent

 

NOTE: The attached dissector code is based on the simple ASN.1-based dissector 
example online. 
https://www.wireshark.org/docs/wsdg_html_chunked/SimpleASN1BasedDissector.html

 



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector example (foo)

2021-04-13 Thread Anders Broman via Wireshark-dev 
Hi,

I don’t think they are generated what will be generated are the files needed to 
DO the generation.

On windows the next step is to run

msbuild /m /p:Configuration=RelWithDebInfo  
epan\dissectors\asn1\h248\generate_dissector-h248.vcxproj

which will the generate the .c and .h files

Regards

Anders

 

From: Wireshark-dev  On Behalf Of Vincent 
Randal
Sent: den 13 april 2021 16:40
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector 
example (foo)

 

Correct insofar as there are no generated files associated with asn1/foo 
directory. Namely, packet-foo.c and packet-foo.h did not get generated. But 
maybe that's not definitive proof that asn1/foo dissector did not get built. 
How else can I confirm the dissector was or was not built? Open Wireshark and 
attempt to apply "foo" as a display filter? It's not there.

 

On Tue, Apr 13, 2021 at 8:10 AM Anders Broman via Wireshark-dev 
mailto:wireshark-dev@wireshark.org> > wrote:

Hi,

So you are saying that if you create foo dir like

epan/dissectors/asn1/foo/

Rename and update the custom cmake file to

set(CUSTOM_ASN1_SRC_DIR

   foo

)

And place your source file and cmake.txt in the foo dir then rerun the cmake 
process

Nothing happens?

Try to delete the build dir  before rerunning cmake again?

I’m not sure on linux if the generate cmake file ends up under the build dir or 
in the source dir.

 

Regards

Anders

From: Wireshark-dev mailto:wireshark-dev-boun...@wireshark.org> > On Behalf Of Vincent Randal
Sent: den 13 april 2021 15:32
To: Developer support list for Wireshark mailto:wireshark-dev@wireshark.org> >
Subject: Re: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector 
example (foo)

 

I tried renaming ./epan/dissectors/asn1/CMakeListsCustom.txt.example to 
CMakeListsCustom.txt with an entry as follows:

# Add a list of your custom asn1 dissectors here
set(CUSTOM_ASN1_SRC_DIR
   foo
)

 

Again, the build did not update any targets even with that change. But this is 
progress because that underscores the Step by Step instructions need to be 
updated to something that works. Any more ideas?

 

On Tue, Apr 13, 2021 at 7:12 AM John Thacker mailto:johnthac...@gmail.com> > wrote:

On Tue, Apr 13, 2021, 8:32 AM Vincent Randal mailto:vtran...@gmail.com> > wrote:

Hello everyone,

 

I need help building the simple ASN.1 UDP-based dissector example (foo); 
specifically, I need help building the generate_dissector-*proto* target (Step 
#6 below). I'm certainly missing something here.

 

 

(c) I created directory "foo" by extracting the attachment (foo.tgz) in 
epan/dissectors/asn1/

(d) There is a CMakeListsCustom.txt.example file in epan/dissectors/asn1 which 
already contains an entry for "foo". 

(e) Since I don't know what to do in Step #6, I build Wireshare (using cmake), 
but no build targets get updated.

 

If the solution to this problem belongs in the Wireshark documentation, I would 
be glad to help update the documentation. Namely, I don't understand the usage 
of the 5 (five) CMakeListsCustom.txt.example files inWireshark source code.

 

The CMakeListsCustom.txt.example files are just that, examples. You need to 
copy or rename them to CMakeListsCustom.txt (without the .example) for them to 
have any effect (and edit them appropriately to add the dissector name to the 
list, not commented out.)

 

CMake is configured to look for the files by that name.

 

John Thacker

___
Sent via:Wireshark-dev mailing list mailto:wireshark-dev@wireshark.org> >
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org 
<mailto:wireshark-dev-requ...@wireshark.org> ?subject=unsubscribe

___
Sent via:Wireshark-dev mailing list mailto:wireshark-dev@wireshark.org> >
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org 
<mailto:wireshark-dev-requ...@wireshark.org> ?subject=unsubscribe



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector example (foo)

2021-04-13 Thread Anders Broman via Wireshark-dev 
Hi,

So you are saying that if you create foo dir like

epan/dissectors/asn1/foo/

Rename and update the custom cmake file to

set(CUSTOM_ASN1_SRC_DIR

   foo

)

And place your source file and cmake.txt in the foo dir then rerun the cmake 
process

Nothing happens?

Try to delete the build dir  before rerunning cmake again?

I’m not sure on linux if the generate cmake file ends up under the build dir or 
in the source dir.

 

Regards

Anders

From: Wireshark-dev  On Behalf Of Vincent 
Randal
Sent: den 13 april 2021 15:32
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector 
example (foo)

 

I tried renaming ./epan/dissectors/asn1/CMakeListsCustom.txt.example to 
CMakeListsCustom.txt with an entry as follows:

# Add a list of your custom asn1 dissectors here
set(CUSTOM_ASN1_SRC_DIR
   foo
)

 

Again, the build did not update any targets even with that change. But this is 
progress because that underscores the Step by Step instructions need to be 
updated to something that works. Any more ideas?

 

On Tue, Apr 13, 2021 at 7:12 AM John Thacker mailto:johnthac...@gmail.com> > wrote:

On Tue, Apr 13, 2021, 8:32 AM Vincent Randal mailto:vtran...@gmail.com> > wrote:

Hello everyone,

 

I need help building the simple ASN.1 UDP-based dissector example (foo); 
specifically, I need help building the generate_dissector-*proto* target (Step 
#6 below). I'm certainly missing something here.

 

 

(c) I created directory "foo" by extracting the attachment (foo.tgz) in 
epan/dissectors/asn1/

(d) There is a CMakeListsCustom.txt.example file in epan/dissectors/asn1 which 
already contains an entry for "foo". 

(e) Since I don't know what to do in Step #6, I build Wireshare (using cmake), 
but no build targets get updated.

 

If the solution to this problem belongs in the Wireshark documentation, I would 
be glad to help update the documentation. Namely, I don't understand the usage 
of the 5 (five) CMakeListsCustom.txt.example files inWireshark source code.

 

The CMakeListsCustom.txt.example files are just that, examples. You need to 
copy or rename them to CMakeListsCustom.txt (without the .example) for them to 
have any effect (and edit them appropriately to add the dissector name to the 
list, not commented out.)

 

CMake is configured to look for the files by that name.

 

John Thacker

___
Sent via:Wireshark-dev mailing list mailto:wireshark-dev@wireshark.org> >
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org 
 ?subject=unsubscribe



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector example (foo)

2021-04-13 Thread Anders Broman via Wireshark-dev 
Hi,

On what OS are you doing this?

Regards

Anders

 

From: Wireshark-dev  On Behalf Of Vincent 
Randal
Sent: den 13 april 2021 14:32
To: Developer support list for Wireshark 
Subject: [Wireshark-dev] How to build the simple ASN.1 UDP-based dissector 
example (foo)

 

Hello everyone,

 

I need help building the simple ASN.1 UDP-based dissector example (foo); 
specifically, I need help building the generate_dissector-*proto* target (Step 
#6 below). I'm certainly missing something here.

 

I'm following the Step by Step instructions (shown below) to create the simple 
ASN1 UDP-based dissector 

  mentioned in 14.2. ASN.1 Dissector Requirements 

  and I'm stuck on step #6. In this case *proto* = "foo" (the simple ASN1 
UDP-based dissector, attached to this email as foo.tgz).


14.7. Step By Step Instructions [Creating ASN.1 Dissectors]


1.  Create a directory for your protocol in the epan/dissectors/asn1 
directory and put your ASN.1 file there. 
2.  Copy CMakeLists.txt from another ASN.1 dissector and edit it to suit 
your needs. 
3.  Create a .cnf file either by copying an existing one and editing it or 
using the empty example above. 
4.  Create template files either by copying suitable existing ones and 
editing them or use the examples above, putting your protocol name in the 
appropriate places. 
5.  Add your dissector to epan/dissectors/asn1/CMakeLists.txt 
6.  Test generating your dissector by building the 
generate_dissector-*proto* target. <== how? using cmake?
7.  Depending on the outcome you may have to edit your .cnf file, ASN.1 
file etc… 
8.  Build Wireshark. <== with cmake

NOTES:

(a) The above Step by Step instructions come from here:

https://www.wireshark.org/docs/wsdg_html_chunked/ASN1StepByStepInstructions.html

(b) Prior to attempting any dissector development I built and installed 
wireshark-3.4.4 successfully (using cmake).

(c) I created directory "foo" by extracting the attachment (foo.tgz) in 
epan/dissectors/asn1/

(d) There is a CMakeListsCustom.txt.example file in epan/dissectors/asn1 which 
already contains an entry for "foo". 

(e) Since I don't know what to do in Step #6, I build Wireshare (using cmake), 
but no build targets get updated.

 

If the solution to this problem belongs in the Wireshark documentation, I would 
be glad to help update the documentation. Namely, I don't understand the usage 
of the 5 (five) CMakeListsCustom.txt.example files inWireshark source code.

 

Sincerely,

Vincent Randal



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] general inquiry on building dissectors for wireshark-3.4.4

2021-04-08 Thread Anders Broman via Wireshark-dev 
Hi,

If the protocol is truly described by asn1 documents there are plenty of 
examples in epan/dissectors/asn1/

Basically you need the asn1 description a template and a .cnf file. Are you 
building on Windows or Linux?

I’m not familiar with building the asn1 based dissectors on Linux. Are you 
going to submit the dissector back to the community

Or is it a private one? If it’s a public one we could guide you in an MR.

Best regards

Anders

 

 

From: Wireshark-dev  On Behalf Of Graham 
Bloice
Sent: den 7 april 2021 19:46
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] general inquiry on building dissectors for 
wireshark-3.4.4

 

 

 

On Wed, 7 Apr 2021 at 17:28, Vincent Randal mailto:vtran...@gmail.com> > wrote:

Hello,

 

Where can I find a complete "text based" dissector example that builds with the 
current Wireshark cmake build method used in wireshark-3.4.4? Does that 
question even make sense? I fear most people reading my question won't 
understand what I'm after.

 

I've watched numerous YouTube videos by Graham Bloice and Richard Sharpe that 
describe 3 primary methods for Wireshark dissector development:

1. Text based

2. Scripting Language based

3. C based

 

In the meantime I have built wireshark-2.6.20 using the older ./autogen.sh, 
configure, make build method. This gives me hope I might have some success with 
at least 1 (one) text-based dissector example that uses that build method:

https://wiki.wireshark.org/ASN1_plugin

 

 

The text based dissector in my presentation was specifically WSGD which 
provides its own runtime via a plugin DLL.  It's a bit of a grey area if an 
ASN.1 dissector is text based, as the description is fed into the dissector 
generator asn2wrs.py and out pops a C-based dissector.

 

If I were an expert with cmake (which might be easier than I think) I would 
probably update the text-based examples to build using cmake. But I don't know 
how to do that (yet).

 

Adding a dissector with CMake is easier (I think)  as it mostly handles 
platform and compiler differences.  As such the page you link to (which is the 
old wiki, not our new shiny GitLab one, 
https://gitlab.com/wireshark/wireshark/-/wikis/ASN1_plugin) is woefully out of 
date as it doesn't describe how to do that with CMake.

 

Unfortunately I've never dealt with an asn1 based dissector, either built-in or 
as a plugin so can't offer advice on that.

 

 

Vincent Randal

Longmont, CO

 

-- 

Graham Bloice



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Pipeline stuck?

2021-02-05 Thread Anders Broman via Wireshark-dev 
Hi,

In  
https://gitlab.com/wireshark/wireshark/-/merge_requests/1934

The pipeline seems stuck, how to reset?

 

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissector functions and variables that could be static

2021-01-27 Thread Anders Broman via Wireshark-dev 
Hi,

Did some googling out of curiosity and found 
https://jelmer.uk/klaus/wireshark/blob/e738b556d72d4db5d7df85969c15117dedd0d063/epan/dissectors/packet-xml.c

Search for “xml_get_attrib" So it seems it was part of packet-xml.c at some 
point so perhaps safe to remove…

/Anders

 

From: Wireshark-dev  On Behalf Of Martin 
Mathieson via Wireshark-dev
Sent: den 27 januari 2021 13:27
To: Developer support list for Wireshark 
Cc: Martin Mathieson 
Subject: Re: [Wireshark-dev] Dissector functions and variables that could be 
static

 

Hi João,

 

I agree that every function / variable needs to be looked at carefully, but 
more so if they have WS_DLL_PUBLIC in a header file.

 

I will reinstate the XML functions in my change.  Hopefully, in other places I 
will find clear comments saying that they are provided for calling from private 
code or plugins, etc.

 

The few occasions I've added to debian/libwireshark0.symbols have been to 
unbreak the pipeline when linking between dissectors and GUI code.  My pdcp 
key-setting functions don't even appear there, but I don't build Windows 
plugins.

 

Martin

 

On Wed, Jan 27, 2021 at 11:48 AM João Valverde via Wireshark-dev 
mailto:wireshark-dev@wireshark.org> > wrote:

Hi Martin,

As you said some functions may only be used by third party plugins so 
indiscriminately removing every exported but not used function would be a bad 
policy. Even if they're not actually being used right now, who knows, they may 
be part of some public API for plugins, so for use as needed. The considerate 
way to remove them would be to have a deprecation period.

Unfortunately debian symbols doesn't help here. It does not say anything 
interesting not already said by the static/exported C keywords,  because 
functions that may be internal, for example exported from epan to the wireshark 
GUI application (not intended to be part of a public API), must also be 
included in debian symbols.

So really IMO the analysis must be done case by case for each function. And of 
course the risk of breaking someone elses plugin is always there, however 
small, so I think it needs to proceed with some caution.



On 27/01/21 11:06, Martin Mathieson via Wireshark-dev wrote:

My most recent MR 
(https://gitlab.com/wireshark/wireshark/-/merge_requests/1829), has come across 
some symbols that don't appear to be in used by our repo.

 

dpkg-gensymbols: error: some symbols or patterns disappeared in the symbols 
file: see diff output below

  
4934dpkg-gensymbols: warning: debian/libwireshark0/DEBIAN/symbols doesn't match 
completely debian/libwireshark0.symbols

  4935--- 
debian/libwireshark0.symbols (libwireshark0_3.5.0_amd64)

  4936+++ 
dpkg-gensymbolsUhOwDI 2021-01-27 10:38:17.0 +

  4937@@ -2124,7 
+2124,7 @@

  4938 
wsp_vals_pdu_type_ext@Base 1.9.1

  4939 
wsp_vals_status_ext@Base 1.9.1

  4940 
xml_escape@Base 1.9.1

  4941- 
xml_get_attrib@Base 1.9.1

  4942- 
xml_get_cdata@Base 1.9.1

  4943- 
xml_get_tag@Base 1.9.1

  4944+#MISSING: 
3.5.0# xml_get_attrib@Base 1.9.1

  4945+#MISSING: 
3.5.0# xml_get_cdata@Base 1.9.1

  4946+#MISSING: 
3.5.0# xml_get_tag@Base 1.9.1

  4947 
zbee_zcl_init_cluster@Base 2.5.2

 

It may be possible that someone has a private dissector that uses these xml 
accessor functions to try to pick out some interesting fields.

 

I am guessing that I should have my script read debian/libwireshark0.symbols to 
realise that these functions need to be non-static, even if there it can't find 
any actual references?

 

Martin 

 

 

 

On Tue, Jan 26, 2021 at 7:59 PM Martin Mathieson 
mailto:martin.r.mathie...@googlemail.com> > 
wrote:

I have done a bit more on this - I started picking off the ones at the end of 
the (alphabetical) list - 2nd one is 
https://gitlab.com/wireshark/wireshark/-/merge_requests/1817. Please feel free 
if anyone feels motivated to tackle some of the earlier ones.  The script is 
much tidier now, and also checks for references from the ui folder (this 
removed around 20 from the list), will take another pass through it before 
creating an MR with it. 

 

Sometimes

[Wireshark-dev] Problem with ENC_BCD_DIGITS_0_9 odd/even

2020-12-09 Thread Anders Broman via Wireshark-dev 
Hi,

There is a problem with the BCD encoded numbers as they may be padded and
unfortunately with Zero.

 

"Encoding scheme: BCD. Note: Filler H'0 (last digit) is used in case of the
odd number of digits." 

 

In order to present this properly

It would be good to be able to pass an odd/even indicator, what would be the
preferred bits to use?

#define ENC_BCD_ODD   0x1000

#define ENC_BCD_EVEN  0x2000

 

If(odd){

   proto_tree_add_item(subtree, hf_cs1plus_gen_digits, parameter_tvb,
poffset, -1, ENC_KEYPAD_BC_TBCD| ENC_BCD_ODD );

else

   proto_tree_add_item(subtree, hf_cs1plus_gen_digits, parameter_tvb,
poffset, -1, ENC_KEYPAD_BC_TBCD| ENC_BCD_EVEN);

 

Or some other solution?

 

Best regards

Anders

 



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Recent console warning from Qt?

2020-12-08 Thread Anders Broman via Wireshark-dev 


-Original Message-
From: Wireshark-dev  On Behalf Of 
Maynard, Christopher via Wireshark-dev
Sent: den 8 december 2020 16:20
To: 'Developer support list for Wireshark' 
Cc: Maynard, Christopher 
Subject: Re: [Wireshark-dev] Recent console warning from Qt?

> From: Wireshark-dev  On Behalf Of
> Anders Broman via Wireshark-dev
> Sent: Tuesday, December 8, 2020 3:55 AM
> To: wireshark-dev@wireshark.org
> Cc: Anders Broman 
> Subject: [Wireshark-dev] Recent console warning from Qt?
>
> Hi,
> Has anyone else seen this Main Warn QWinTaskbarButton: qIID_ITaskbarList4 
> was not initialized: 0x, ?
> Regards
> Anders
>

I'm not seeing that.  Here's my Wireshark information for reference:

3.5.0 (v3.5.0rc0-316-gc876b34ed103)

Compiled (64-bit) with Qt 5.15.2, with libpcap, with GLib 2.52.3, with zlib 
1.2.11, with SMI 0.4.8, with c-ares 1.17.0, with Lua 5.2.4, with GnuTLS 3.6.3 
and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB 
resolver, with nghttp2 1.42.0, with brotli, with LZ4, with Zstandard, with 
Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic updates using 
WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler).

Running on 64-bit Windows 10 (2004), build 19041, with Intel(R) Xeon(R) CPU 
E3-1505M v5 @ 2.80GHz (with SSE4.2), with 16231 MB of physical memory, with 
locale English_United States.utf8, with light display mode, without HiDPI, 
with Npcap version 1.00, based on libpcap version 1.9.1, with GnuTLS 3.6.3, 
with Gcrypt 1.8.3, with brotli 1.0.9, with AirPcap 4.1.0 build 1622, binary 
plugins supported (21 loaded).

Built using Microsoft Visual Studio 2019 (VC++ 14.28, build 29333).


I have
Wireshark 3.5.0 (v3.5.0rc0-317-g9722eaf93456)

Copyright 1998-2020 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later 
<https://www.gnu.org/licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.15.1, with libpcap, with GLib 2.52.3, with zlib
1.2.11, with SMI 0.4.8, with c-ares 1.17.0, with Lua 5.2.4, with GnuTLS 3.6.3
and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB
resolver, with nghttp2 1.42.0, with brotli, with LZ4, with Zstandard, with
Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic updates using
WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler).

Running on 64-bit Windows 10 (1809), build 17763, with Intel(R) Core(TM)
i7-8650U CPU @ 1.90GHz (with SSE4.2), with 32611 MB of physical memory, with
locale Swedish_Sweden.utf8, with Npcap version 0.9996, based on libpcap 
version
1.9.1, with GnuTLS 3.6.3, with Gcrypt 1.8.3, with brotli 1.0.9, with AirPcap
4.1.0 build 1622, binary plugins supported (0 loaded).

Built using Microsoft Visual Studio 2019 (VC++ 14.28, build 29334).

Perhaps it is fixed in Qt 5.15.2...
Regards
Anders








CONFIDENTIALITY NOTICE: This message is the property of International Game 
Technology PLC and/or its subsidiaries and may contain proprietary, 
confidential or trade secret information. This message is intended solely for 
the use of the addressee. If you are not the intended recipient and have 
received this message in error, please delete this message from your system. 
Any unauthorized reading, distribution, copying, or other use of this message 
or its attachments is strictly prohibited.
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Recent console warning from Qt?

2020-12-08 Thread Anders Broman via Wireshark-dev 
Hi,

Has anyone else seen this Main Warn QWinTaskbarButton: qIID_ITaskbarList4
was not initialized: 0x, ?

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Long time to merge?

2020-12-02 Thread Anders Broman via Wireshark-dev 
Hi,

What is the most efficient way to merge MRs with git-lab? Approve one
request and wait until it's merged or stage a couple?

I set up a bunch this morning and it is still not complete I think.

What buttons to press in what order? When to assign to git-lab utility?

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Qt warning on Windows build.

2020-11-19 Thread Anders Broman via Wireshark-dev 
Hi,

Currently there is one Warnimg produced for the Windows build

C:\Development\ewireshark\trunk\ui\qt\widgets\byte_view_text.cpp(187,38):
warning C4996: 'QFont::ForceIntegerMetrics': was declared deprecated
[C:\Development\wsbuild64\ui\qt\qtui.vcxproj]

 

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Handling malformed packet exceptions from within ASN.1 dissectors

2020-11-02 Thread Anders Broman via Wireshark-dev 
Hi,
I think a TRY CATCH block is the thing to use. Grep for CTACH and I think you 
will find a bunch of examples.
Regards
Anders

-Original Message-
From: Wireshark-dev  On Behalf Of Richard 
Sharpe
Sent: den 3 november 2020 00:26
To: Developer support list for Wireshark 
Subject: [Wireshark-dev] Handling malformed packet exceptions from within ASN.1 
dissectors

Hi folks,

I am using some of the existing ASN.1 dissectors from within the
ieee802.11 dissector, and in some cases the frame is malformed in the
ASN.1 portion.

However, since it is within an IE where I know the length of the element, I 
would like to regain control and add an Expert Info and then keep dissecting.

How can I handle this?

--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者)
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Create dissctor groups to easily dissable unneded protocols.

2020-10-22 Thread Anders Broman via Wireshark-dev 
 

 

From: Wireshark-dev  On Behalf Of chuck c
Sent: den 21 oktober 2020 17:52
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] Create dissctor groups to easily dissable unneded 
protocols.

 

>The Frame protocol (and a dozen others) can not be disabled:

> /* You can't disable dissection of "Frame", as that would be
>  tantamount to not doing any dissection whatsoever. */
>proto_set_cant_toggle(proto_frame);

> 

>Would there be a group that lists these?

 

I think it could be done – not sure what the use case would be, other than 
creating a list.

/Anders

 

On Wed, Oct 21, 2020 at 9:34 AM Anders Broman via Wireshark-dev 
mailto:wireshark-dev@wireshark.org> > wrote:

Hi,

In the developers den we discussed the possibility of disabling unneeded 
protocols and I brought up the idea of protocol groups. If there is interest in 
this feature

I would need help with the GUI part – volunteers? As a PoC I was thinking of 
something along these lines.

Turn all protocols of – enable the group “basic” which would then be the basic 
protocols you would need in most cases like

Ethernet -VLAN-IP4/IPv6-TCP UDP SCTP ICMP ICMP6 ARP more? We don’t need a 
comprehensive list here and now these might do for the PoC.

Once the basic group is there we might start to look at large groups of 
specialized protocols most people would want to turn off like

USB Bluetooth ZigeBee, telco(?) might be candidates. 

 

This would be the API to register in a group, only allowed group names(we make 
list) to be accepted at registry time, possibly

Have a register group name routine? But the poc may not have to be more 
complicated than this.

--- a/epan/proto.c

+++ b/epan/proto.c

@@ -343,21 +343,22 @@ static header_field_info hfi_text_only =

{ "Text item",  "text", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL };

int hf_text_only = -1;

 

-/* Structure for information about a protocol */

+/** Structure for information about a protocol */

struct _protocol {

-   const char *name;   /* long description */

-   const char *short_name; /* short description */

-   const char *filter_name;/* name of this protocol in filters */

-   GPtrArray  *fields; /* fields for this protocol */

-   int proto_id;   /* field ID for this protocol */

-   gbooleanis_enabled; /* TRUE if protocol is enabled */

-   gbooleanenabled_by_default; /* TRUE if protocol is enabled by 
default */

-   gbooleancan_toggle; /* TRUE if is_enabled can be changed */

-   int parent_proto_id;/* Used to identify "pino"s (Protocol 
In Name Only).

+   const char *name;   /**< long description */

+   const char *short_name; /**< short description */

+   const char *filter_name;/**< name of this protocol in filters */

+   const char* group_name; /**< name of the "group" this protocol 
belongs to */

+   GPtrArray  *fields; /**< fields for this protocol */

+   int proto_id;   /**< field ID for this protocol */

+   gbooleanis_enabled; /**< TRUE if protocol is enabled */

+   gbooleanenabled_by_default; /**< TRUE if protocol is enabled by 
default */

+   gbooleancan_toggle; /**< TRUE if is_enabled can be changed 
*/

+   int parent_proto_id;/**< Used to identify "pino"s (Protocol 
In Name Only).

For dissectors that need a protocol 
name so they

can be added to a dissector table, but 
use the

parent_proto_id for things like 
enable/disable */

-   GList  *heur_list;  /* Heuristic dissectors associated with 
this protocol */

+   GList  *heur_list;  /**< Heuristic dissectors associated 
with this protocol */

};

 

/* List of all protocols */

@@ -7208,8 +7209,14 @@ check_valid_filter_name_or_fail(const char *filter_name)

}

 

int

-proto_register_protocol(const char *name, const char *short_name,

-   const char *filter_name)

+proto_register_protocol(const char* name, const char* short_name, const char* 
filter_name)

+{

+   return proto_register_protocol_and_group(name, short_name, filter_name, 
NULL);

+}

+

+int

+proto_register_protocol_and_group(const char *name, const char *short_name,

+   const char *filter_name, const char* group_name)

{

protocol_t *protocol;

header_field_info *hfinfo;

@@ -7248,6 +7255,7 @@ proto_register_protocol(const char *name, const char 
*short_name,

   protocol->name = name;

protocol->short_name = short_name;

protocol->filter_name = filter_name;

+   protocol-

[Wireshark-dev] Create dissctor groups to easily dissable unneded protocols.

2020-10-21 Thread Anders Broman via Wireshark-dev 
Hi,

In the developers den we discussed the possibility of disabling unneeded
protocols and I brought up the idea of protocol groups. If there is interest
in this feature

I would need help with the GUI part - volunteers? As a PoC I was thinking of
something along these lines.

Turn all protocols of - enable the group "basic" which would then be the
basic protocols you would need in most cases like

Ethernet -VLAN-IP4/IPv6-TCP UDP SCTP ICMP ICMP6 ARP more? We don't need a
comprehensive list here and now these might do for the PoC.

Once the basic group is there we might start to look at large groups of
specialized protocols most people would want to turn off like

USB Bluetooth ZigeBee, telco(?) might be candidates. 

 

This would be the API to register in a group, only allowed group names(we
make list) to be accepted at registry time, possibly

Have a register group name routine? But the poc may not have to be more
complicated than this.

--- a/epan/proto.c

+++ b/epan/proto.c

@@ -343,21 +343,22 @@ static header_field_info hfi_text_only =

{ "Text item",  "text", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL
};

int hf_text_only = -1;

 

-/* Structure for information about a protocol */

+/** Structure for information about a protocol */

struct _protocol {

-   const char *name;   /* long description */

-   const char *short_name; /* short description */

-   const char *filter_name;/* name of this protocol in filters
*/

-   GPtrArray  *fields; /* fields for this protocol */

-   int proto_id;   /* field ID for this protocol */

-   gbooleanis_enabled; /* TRUE if protocol is enabled */

-   gbooleanenabled_by_default; /* TRUE if protocol is enabled by
default */

-   gbooleancan_toggle; /* TRUE if is_enabled can be changed
*/

-   int parent_proto_id;/* Used to identify "pino"s
(Protocol In Name Only).

+   const char *name;   /**< long description */

+   const char *short_name; /**< short description */

+   const char *filter_name;/**< name of this protocol in
filters */

+   const char* group_name; /**< name of the "group" this
protocol belongs to */

+   GPtrArray  *fields; /**< fields for this protocol */

+   int proto_id;   /**< field ID for this protocol */

+   gbooleanis_enabled; /**< TRUE if protocol is enabled */

+   gbooleanenabled_by_default; /**< TRUE if protocol is enabled by
default */

+   gbooleancan_toggle; /**< TRUE if is_enabled can be
changed */

+   int parent_proto_id;/**< Used to identify "pino"s
(Protocol In Name Only).

For dissectors that need a protocol
name so they

can be added to a dissector table,
but use the

parent_proto_id for things like
enable/disable */

-   GList  *heur_list;  /* Heuristic dissectors associated
with this protocol */

+   GList  *heur_list;  /**< Heuristic dissectors associated
with this protocol */

};

 

/* List of all protocols */

@@ -7208,8 +7209,14 @@ check_valid_filter_name_or_fail(const char
*filter_name)

}

 

int

-proto_register_protocol(const char *name, const char *short_name,

-   const char *filter_name)

+proto_register_protocol(const char* name, const char* short_name, const
char* filter_name)

+{

+   return proto_register_protocol_and_group(name, short_name,
filter_name, NULL);

+}

+

+int

+proto_register_protocol_and_group(const char *name, const char *short_name,

+   const char *filter_name, const char* group_name)

{

protocol_t *protocol;

header_field_info *hfinfo;

@@ -7248,6 +7255,7 @@ proto_register_protocol(const char *name, const char
*short_name,

   protocol->name = name;

protocol->short_name = short_name;

protocol->filter_name = filter_name;

+   protocol->group_name = group_name;

protocol->fields = NULL; /* Delegate until actually needed */

protocol->is_enabled = TRUE; /* protocol is enabled by default */

protocol->enabled_by_default = TRUE; /* see previous comment */

diff --git a/epan/proto.h b/epan/proto.h

index 679cb6989c..fa63c9d9de 100644

--- a/epan/proto.h

+++ b/epan/proto.h

@@ -2371,6 +2371,14 @@ proto_item_fill_label(field_info *fi, gchar
*label_str);

WS_DLL_PUBLIC int

proto_register_protocol(const char *name, const char *short_name, const char
*filter_name);

 

+/** Register a new protocol with group association.

+ @param name the full name of the new protocol

+ @param short_name abbreviated name of the new protocol

+ @param filter_name protocol name used for a display filter string

+ @param group_name the group the protocol belongs to. Grops are

Re: [Wireshark-dev] nas_eps value type change request

2020-10-05 Thread Anders Broman via Wireshark-dev 
Hi,

The proper way to request features or report bugs is through 
https://bugs.wireshark.org/bugzilla/ or start a discussion on the mailing 
lists. If I look in the 3GPP specifications

TS 23.003 Chapter 2.4

…”The TMSI consists of 4 octets. It can be coded using a full hexadecimal 
representation.”… so displaying it as decimal may be misleading?

In packet-s1ap.c we have 

M-TMSI TYPE = FT_UINT32 DISPLAY = BASE_DEC_HEX

Which will change the representation to be both decimal AND hexadecimal we 
could do that for NAS-EPS too I suppose.

 

“I’m trying to create a MATE file that will add IMSI to all packets in all 
common 3gpp core protocols.

My goal is to filter all messages related to a specific IMSI from a 
multi-subscriber and multi-protocol cap file.”

 

This would be a valuable feature I think and perhaps should be done by code 
rather than mate, perhaps you can share your mate files?

Regards

Anders

 

From: Dudi D  
Sent: den 5 oktober 2020 08:10
To: Anders Broman 
Subject: nas_eps value type change request

 

Hi Andres,

 

Sorry for this direct request, My name is Dudi and I’m a Packet Core Engineer.

I’m using WS a lot, i’m trying to create a MATE file that will add IMSI to all 
packets in all common 3gpp core protocols.

My goal is to filter all messages related to a specific IMSI from a 
multi-subscriber and multi-protocol cap file.

 

M-TMSI (under GUTI) value is in hex on nas_eps and dec in s1ap dissector.

nas_eps.emm.m_tmsi

s1ap.m_TMSI

 

So, because of this type difference, when using MATE, I cannot correlate 
between Attach/TAU to Service requests and Paging.

Is it possible to change  in packet-nas_epc also to decimal like MME group ID 
and MMe Code ?

Do you think it's correct to use decimal here ?

https://github.com/wireshark/wireshark/blob/master/epan/dissectors/packet-nas_eps.c#L6949
 

 

 

 

BR,

Dudi Davidesko



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Reassembling IPP info through USB

2020-07-09 Thread Anders Broman via Wireshark-dev 


-Original Message-
From: Wireshark-dev  On Behalf Of Guy 
Harris
Sent: den 9 juli 2020 04:00
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] Reassembling IPP info through USB

On Jul 8, 2020, at 6:06 PM, Jamie Hare  wrote:

> I am attempting to create a dissector for IPP over USB and am running into 
> some issues with the reassembly. I first thought that I could just use a 
> reassembly table but with the way the dissectors are run multiple times is 
> it necessary to create a PDU/tap combo like TCP or UDP?

Taps are not used for reassembly of PDUs that cover multiple TCP segments or 
multiple UDP datagrams, so taps are not necessary for reassembly of 
IPP-over-USB.

You *do* need to make sure that, in the first pass over the packets, the 
results of the reassembly are saved, just as happens with reassembly with 
other packets, so that, when packets are looked at, in a possibly random 
order, after the first pass, it can be determined where the packet in question 
resides within the reassembled IPP message.

pinfo->fd->visited can be used to track if it's the first pas or not. If you 
search for it in the code you can find how it is used with reassembly in 
many(all) cases.
Regards
Anders
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Build boot stuck?

2020-07-07 Thread Anders Broman via Wireshark-dev 
Hi,

The latest build seems to take a long time.

/Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Intermittent Builder Windows Petri Dish x64 failed (failed ctest) failures seriously annoying.

2020-07-02 Thread Anders Broman via Wireshark-dev 
Hi,

We have intermittent false petri dish failures. Can someone with insight
into the tests have a look?

Best regards

Anders

Example Builder Windows Petri Dish x64 failed (failed ctest) -

http://buildbot.wireshark.org/petri-dish/builders/Windows%20Petri%20Dish%20x
64/builds/11913



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Include LUA dissectors in installers?

2020-06-10 Thread Anders Broman via Wireshark-dev 
Hi,

Does anyone have modified CMakefiles to include LUA dissectors in nsis and
RPMs? 

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Dissecting http2 traffic

2020-05-15 Thread Anders Broman via Wireshark-dev 
Hi,
Yes it's related to that bug. And if memory serves the trace would illustrate 
the problem.
I don't see how the compression/decompression could recover as in showing the 
missing header element. I'm not sure I understand what your objection is. Is it 
in how to present the non decodable element? Alternative solutions welcome.  I 
have pushed the suggested code upstream but no feedback yet. I think it would 
be of service to the telco community to have an interim solution in Wireshark 
until we get something from upstream. If that's not acceptable I will use my 
own branch.
Best regards
Anders

Skickat från Outlook Mobile<https://aka.ms/blhgte>


From: Peter Wu 
Sent: Friday, May 15, 2020 10:40:03 PM
To: Developer support list for Wireshark 
Cc: Anders Broman 
Subject: Re: [Wireshark-dev] Dissecting http2 traffic

On Fri, May 15, 2020 at 06:50:18AM +, Anders Broman via Wireshark-dev wrote:
> Hi,
>
> I think there is a demand to dissect http2 traffic where all packets in a
> session is not captured. This is currently not possible.
>
> As the http2 protocol creates dynamic data for compression/decompression and
> if the packet adding a new index to the index table is not
>
> Present then that header element can not be decoded in the packet(s) where
> it occurs. Also the nghttp2 library stops processing the
>
> Header and is left in an error state(I think).
>
>
>
> I have modified the nghttp2 code to handle unknown indexes
> https://protect2.fireeye.com/v1/url?k=d2592c57-8cf9ccc9-d2596ccc-86ee86bd5107-f102bcce985b9905=1=3d077b47-0100-4f28-aa79-f193cfe770be=https%3A%2F%2Fgithub.com%2Fnghttp2%2Fnghttp2%2Fpull%2F1467
>  and modified Wireshark to use
> it
>
> https://code.wireshark.org/review/#/c/37203/ as this pull request is not yet
> accepted and of course no nghttp2 release including it exists, there is
>
> a problem to get this functionality. Could we roll our own windows version
> of nghttp2 as a start? I have built a modified library for my tests.

I'd suggest to work with upstream nghttp2 to get the patches reviewed
first. The suggested approach of generating a dummy ":Failed deflate"
header seems wrong to me.

Depending on the lost data, it might not be possible to completely
recover. What kind of errors would you like to recover from? Do you have
an example trace? Is it related to
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16496?

Kind regards,
Peter

> Suggestions on how to proceed? For 5G who is a heavy user of http2 I think
> the ability to decode payloads are essential and this is a first step to fix
> that.
>
> Regards
>
> Anders
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Dissecting http2 traffic

2020-05-15 Thread Anders Broman via Wireshark-dev 
Hi,

I think there is a demand to dissect http2 traffic where all packets in a
session is not captured. This is currently not possible.

As the http2 protocol creates dynamic data for compression/decompression and
if the packet adding a new index to the index table is not

Present then that header element can not be decoded in the packet(s) where
it occurs. Also the nghttp2 library stops processing the

Header and is left in an error state(I think).

 

I have modified the nghttp2 code to handle unknown indexes

https://github.com/nghttp2/nghttp2/pull/1467 and modified Wireshark to use
it

 
https://code.wireshark.org/review/#/c/37203/ as this pull request is not yet
accepted and of course no nghttp2 release including it exists, there is

a problem to get this functionality. Could we roll our own windows version
of nghttp2 as a start? I have built a modified library for my tests.

 

Suggestions on how to proceed? For 5G who is a heavy user of http2 I think
the ability to decode payloads are essential and this is a first step to fix
that.

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] HTTP2 headers not dissected

2020-04-16 Thread Anders Broman via Wireshark-dev 
Him
Opened https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16496
/Anders

-Original Message-
From: Peter Wu  
Sent: den 16 april 2020 00:36
To: Developer support list for Wireshark 
Cc: Anders Broman 
Subject: Re: [Wireshark-dev] HTTP2 headers not dissected

Hi Anders,

On Wed, Apr 15, 2020 at 03:11:01PM +, Anders Broman via Wireshark-dev
wrote:
> It seems like at least in some cases when there is multiple HTTP2 
> streams the header fields are not decoded but if
> 
> Packets belonging to that stream is put in a separate trace file 
> decoding works.

Can you file a bug with an example capture file for the first problematic
case?
--
Kind regards,
Peter Wu
https://lekensteyn.nl


smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] HTTP2 headers not dissected

2020-04-15 Thread Anders Broman via Wireshark-dev 
Hi,

It seems like at least in some cases when there is multiple HTTP2 streams
the header fields are not decoded but if

Packets belonging to that stream is put in a separate trace file decoding
works.

Best regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] HTTP2 decryption test fails

2020-04-15 Thread Anders Broman via Wireshark-dev 
Hi,

https://code.wireshark.org/review/#/c/36851/

seems to make the test fail. Not sure what the problem might be. Can someone
take a look?

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Build without LUA fails

2020-03-19 Thread Anders Broman via Wireshark-dev 
 

 

From: Pascal Quantin  
Sent: den 17 mars 2020 10:13
To: Developer support list for Wireshark 
Cc: Anders Broman 
Subject: Re: [Wireshark-dev] Build without LUA fails

 

Hi Anders,

 

Le mar. 17 mars 2020 à 10:02, Anders Broman via Wireshark-dev 
mailto:wireshark-dev@wireshark.org> > a écrit :

Hi,

Someone at work is trying to build without LUA and getting, from cmake:

 

:

- The following OPTIONAL packages have not been found:

 

* LIBSSH (required version >= 0.6), Library for implementing SSH clients, 
<https://www.libssh.org/ 
<https://protect2.fireeye.com/v1/url?k=26994e1c-7a136cc8-26990e87-0cc47ad93e6a-bf41698e2320f659=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Fwww.libssh.org%2F>
 >

   extcap remote SSH interfaces (sshdump, ciscodump)

* Systemd, System and Service Manager (libraries), 
<https://freedesktop.org/wiki/Software/systemd/ 
<https://protect2.fireeye.com/v1/url?k=fe7da14b-a2f7839f-fe7de1d0-0cc47ad93e6a-59860c2d4f2e2152=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Ffreedesktop.org%2Fwiki%2FSoftware%2Fsystemd%2F>
 >

  Support for systemd journal extcap interface (sdjournal)

* MaxMindDB, C library for the MaxMind DB file format, 
<https://github.com/maxmind/libmaxminddb 
<https://protect2.fireeye.com/v1/url?k=a2f64434-fe7c66e0-a2f604af-0cc47ad93e6a-c422963fef79097e=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Fgithub.com%2Fmaxmind%2Flibmaxminddb>
 >

   Support for GeoIP lookup

* SMI

* Minizip, C library for supporting zip/unzip functionality, 
<https://www.winimage.com/zLibDll/minizip.html 
<https://protect2.fireeye.com/v1/url?k=ecbe0ffc-b0342d28-ecbe4f67-0cc47ad93e6a-458ff04972920839=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Fwww.winimage.com%2FzLibDll%2Fminizip.html>
 >

   Support for profiles import/export

* BROTLI

* LZ4, LZ4 is lossless compression algorithm used in some protocol (CQL...), 
<http://www.lz4.org 
<https://protect2.fireeye.com/v1/url?k=31a16480-6d2b4654-31a1241b-0cc47ad93e6a-60ca5d75f4a68dec=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=http%3A%2F%2Fwww.lz4.org%2F>
 >

   LZ4 decompression in CQL and Kafka dissectors

* SNAPPY, A fast compressor/decompressor from Google, 
<https://google.github.io/snappy/ 
<https://protect2.fireeye.com/v1/url?k=ffbdd3e3-a337f137-ffbd9378-0cc47ad93e6a-aa1c45afdd0254a1=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Fgoogle.github.io%2Fsnappy%2F>
 >

   Snappy decompression in CQL and Kafka dissectors

* ZSTD (required version >= 1.0.0), A compressor/decompressor from Facebook 
providing better compression than Snappy at a cost of speed, 
<https://facebook.github.io/zstd/ 
<https://protect2.fireeye.com/v1/url?k=8e4a792c-d2c05bf8-8e4a39b7-0cc47ad93e6a-3c554c55bddcd6e3=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Ffacebook.github.io%2Fzstd%2F>
 >

   Zstd decompression in Kafka dissector

* LUA (required version >= 5.1)

* SBC, Bluetooth low-complexity, subband codec (SBC) decoder, 
<https://git.kernel.org/pub/scm/bluetooth/sbc.git>

   Support for playing SBC codec in RTP player

* SPANDSP, a library of many DSP functions for telephony, 
<https://www.soft-switch.org 
<https://protect2.fireeye.com/v1/url?k=66abf21d-3a21d0c9-66abb286-0cc47ad93e6a-fc567e190f1951a3=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Fwww.soft-switch.org%2F>
 >

   Support for G.722 and G.726 codecs in RTP player

* BCG729, G.729 decoder, 
<https://www.linphone.org/technical-corner/bcg729/overview 
<https://protect2.fireeye.com/v1/url?k=466d134f-1ae7319b-466d53d4-0cc47ad93e6a-37ddcbaedcd602d7=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Fwww.linphone.org%2Ftechnical-corner%2Fbcg729%2Foverview>
 >

   Support for G.729 codec in RTP player

* ILBC, iLBC decoder, <https://github.com/TimothyGu/libilbc 
<https://protect2.fireeye.com/v1/url?k=4c718298-10fba04c-4c71c203-0cc47ad93e6a-652a8dc4a478f089=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Fgithub.com%2FTimothyGu%2Flibilbc>
 >

   Support for iLBC codec in RTP player

* SpeexDSP, SpeexDSP is a patent-free, Open Source/Free Software DSP library, 
<https://www.speex.org/ 
<https://protect2.fireeye.com/v1/url?k=d62dbae1-8aa79835-d62dfa7a-0cc47ad93e6a-70e92ec7f8e18c17=1=d79c2d7b-43e8-40b7-8bf9-9570ae22d886=https%3A%2F%2Fwww.speex.org%2F>
 >

   RTP audio resampling

* Asciidoctor (required version >= 1.5):

CMake Error: The following variables are used in this project, but they are set 
to NOTFOUND.

Please set them or make sure they are set and tested correctly in the CMake 
files:

LUA_INCLUDE_DIR

   used as include directory in directory ..Wireshark /epan

:

 

Any ideas?

 

Just a blind attmpt. Would th epatch below change something?

 

diff --git a/cmake/modules/FindLUA.cmake b/cmake/modules/FindLUA.cmake
index 2e5e8d476b..ea65b0f89e 100644
--- a/cmake/modules/FindLUA.cmake
+++ b/cma

[Wireshark-dev] Build without LUA fails

2020-03-17 Thread Anders Broman via Wireshark-dev 
Hi,

Someone at work is trying to build without LUA and getting, from cmake:

 

:

- The following OPTIONAL packages have not been found:

 

* LIBSSH (required version >= 0.6), Library for implementing SSH clients,


   extcap remote SSH interfaces (sshdump, ciscodump)

* Systemd, System and Service Manager (libraries),


  Support for systemd journal extcap interface (sdjournal)

* MaxMindDB, C library for the MaxMind DB file format,


   Support for GeoIP lookup

* SMI

* Minizip, C library for supporting zip/unzip functionality,


   Support for profiles import/export

* BROTLI

* LZ4, LZ4 is lossless compression algorithm used in some protocol (CQL...),


   LZ4 decompression in CQL and Kafka dissectors

* SNAPPY, A fast compressor/decompressor from Google,


   Snappy decompression in CQL and Kafka dissectors

* ZSTD (required version >= 1.0.0), A compressor/decompressor from Facebook
providing better compression than Snappy at a cost of speed,


   Zstd decompression in Kafka dissector

* LUA (required version >= 5.1)

* SBC, Bluetooth low-complexity, subband codec (SBC) decoder,


   Support for playing SBC codec in RTP player

* SPANDSP, a library of many DSP functions for telephony,


   Support for G.722 and G.726 codecs in RTP player

* BCG729, G.729 decoder,


   Support for G.729 codec in RTP player

* ILBC, iLBC decoder, 

   Support for iLBC codec in RTP player

* SpeexDSP, SpeexDSP is a patent-free, Open Source/Free Software DSP
library, 

   RTP audio resampling

* Asciidoctor (required version >= 1.5):

CMake Error: The following variables are used in this project, but they are
set to NOTFOUND.

Please set them or make sure they are set and tested correctly in the CMake
files:

LUA_INCLUDE_DIR

   used as include directory in directory ..Wireshark /epan

:

 

Any ideas?

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Wireshark wiki on portable aps

2020-03-16 Thread Anders Broman via Wireshark-dev 
Hi,

This page may need some love  Is it built with cmake?

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Mixing Exported_pdu with Lua

2020-02-18 Thread Anders Broman via Wireshark-dev 
Hi,

I do not do LUA code but did you do 
 
Proto.new(name, desc) and then use that name to call the dissector?

@lua guys: Does that register the LUA dissector by name? or do you do it some 
other way?

Regards

Anders



From: Wireshark-dev  On Behalf Of Juanjo 
Martin Carrascosa
Sent: den 17 februari 2020 16:40
To: Developer support list for Wireshark 
Subject: [Wireshark-dev] Mixing Exported_pdu with Lua



Hi devs,



Is it possible to register a Lua dissector so it is called by EXPORTED_PDU? I 
don't manage to "register" the Lua dissector properly.



My goal is to create a dissector in Lua that is called by EXPORTED_PDU and 
later calls another C dissector from Wireshark. Once I get this working and 
this protocol is stable enough, I may write a C file for it.



Any help would be appreciated!



Regards,

Juanjo Martin



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Unable to detect custom protocol dissector

2020-02-13 Thread Anders Broman via Wireshark-dev 
Hi,

I don’t write Lua code but try

  
Dissector.get(name) 

 

Using gnw as name

Regards

Anders

 

From: Wireshark-dev  On Behalf Of sandip 
gangakhedkar
Sent: den 13 februari 2020 23:11
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] Unable to detect custom protocol dissector

 

Hi Chris,

 

I confirm that I see the same issue with your Lua script. However, I am able to 
dissect the GeoNetworking header normally in another pcap trace that does not 
contain my proprietary header that encapsulates my GeoNetworking PDU. So I 
think the Native Wireshark gnw Dissector is working just fine. 

 

However, when I add the custom Dissector for my proprietary header and then 
chain the gnw Dissector to it, I am able to see my proprietary headers, but 
fail to see the GeoNetworking header dissected. 

 

@Anders: I did not notice anything particular in the way the gnw Dissector is 
registered:

 

 



expert_module_t* expert_geonw;


module_t *geonw_module;


 


proto_geonw = proto_register_protocol("GeoNetworking", "GNW", "gnw");


 


 


geonw_handle = register_dissector("gnw", dissect_geonw, proto_geonw);


 


proto_register_field_array(proto_geonw, hf_geonw, array_length(hf_geonw));


proto_register_subtree_array(ett, array_length(ett));


 


expert_geonw = expert_register_protocol(proto_geonw);


expert_register_field_array(expert_geonw, ei, array_length(ei));



 

Am I missing something here?

 

Thanks again for your help.

 

 

 

 

On Thu, Feb 13, 2020 at 10:50 PM Maynard, Chris via Wireshark-dev 
mailto:wireshark-dev@wireshark.org> > wrote:

I’m not sure what you’re trying to do, but there’s already a Wireshark built-in 
dissector for GeoNetworking[1]. 

 

If you’re trying to replace it for some reason, then you may either need to 
disable that one or remove it completely.  And if you’re trying to implement in 
Lua, then you’ll need to register it as a heuristic dissector using 
register_heuristic[2].  However, it seems that there might be a bug with 
respect to this function[3], as the following simple Lua script seems to 
indicate:

 

local p_gnw = Proto("gnwHdr", "GeoNetworkingHdr")

 

function p_gnw.dissector(tvbuf, pinfo, tree)

 

local ethertype = tvbuf(12, 2):uint()

if ethertype == 35143 then

pinfo.cols.protocol:set("GNW")

return true

else

return false

end

end

 

p_gnw.register_heuristic("eth", p_gnw.dissector)

 

 

When Wireshark is started with this gnw.lua script loaded, the following error 
message is encountered:

 

Lua: Error during loading:

path\to\gnw.lua:14:bad

argument #1 to ‘register_heuristic’ (userdata expected, got string)

stack traceback:

 [C]: in function ‘register_heuristic’

 path\to\gnw.lua:14:

in main chunk

 

- Chris

[1]: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=epan/dissectors/packet-geonw.c;h=21290a3b179c8974483a2f762cbe512fbec67103;hb=HEAD

[2]: https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Proto.html 
(Section 11.6.5.3)

[3]: 
https://osqa-ask.wireshark.org/questions/54158/register-heuristic-function-for-multiple-heuristic-list-names-in-lua

 

 

From: Wireshark-dev mailto:wireshark-dev-boun...@wireshark.org> > On Behalf Of sandip gangakhedkar
Sent: Wednesday, February 12, 2020 4:46 PM
To: wireshark-dev@wireshark.org  
Subject: [Wireshark-dev] Unable to detect custom protocol dissector

 

Hi, 

 

I am using a Custom protocol dissector (Lua script) for the GeoNetworking 
header. I have build wireshark 3.2.1 from source on Ubuntu 18.04 and placed the 
Lua script in the Global plugins directory. However, the script fails when to 
find the Geonetworking protocol when I invoke it in the script:

 

  Dissector.get("gnw"):call(newTvb, pkt, root)

 

So I tried another approach:

 

  gnw_dissector = DissectorTable.get("ethertype"):get_dissector(35143)

 

The protocol gnw (GeoNetworking) corresponds to an EtherType of 35143 in my 
Wireshark protocols configuration. However, this also fails to find the "gnw" 
protocol.

 

How can I get wireshark to detect the GeoNetworking protocol from my custom Lua 
script?

 

Thanks in advance.

 

 

CONFIDENTIALITY NOTICE: This message is the property of International Game 
Technology PLC and/or its subsidiaries and may contain proprietary, 
confidential or trade secret information. This message is intended solely for 
the use of the addressee. If you are not the intended recipient and have 
received this message in error, please delete this message from your system. 
Any unauthorized reading, distribution, copying, or other use of this message 
or its attachments is strictly prohibited.

Re: [Wireshark-dev] Unable to detect custom protocol dissector

2020-02-13 Thread Anders Broman via Wireshark-dev 
 

 

From: Wireshark-dev  On Behalf Of Graham 
Bloice
Sent: den 13 februari 2020 11:09
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] Unable to detect custom protocol dissector

 

Does your custom build of Wireshark include Lua?  What does the Help | About 
Wireshark | Wireshark info show?

 

On Wed, 12 Feb 2020 at 21:46, sandip gangakhedkar mailto:sandipfl...@gmail.com> > wrote:

Hi,

 

I am using a Custom protocol dissector (Lua script) for the GeoNetworking 
header. I have build wireshark 3.2.1 from source on Ubuntu 18.04 and placed the 
Lua script in the Global plugins directory. However, the script fails when to 
find the Geonetworking protocol when I invoke it in the script:

 

  Dissector.get("gnw"):call(newTvb, pkt, root)

 

So I tried another approach:

 

  gnw_dissector = DissectorTable.get("ethertype"):get_dissector(35143)

 

The protocol gnw (GeoNetworking) corresponds to an EtherType of 35143 in my 
Wireshark protocols configuration. However, this also fails to find the "gnw" 
protocol.

 

How can I get wireshark to detect the GeoNetworking protocol from my custom Lua 
script?

 

Thanks in advance.

 

 


The function DissectorTable.get("ethertype"):get_dissector(35143)

 

 
https://wiki.wireshark.org/LuaAPI/Dissector#dissectortable:get_dissector.28pattern.29

gets the handle of the built in GNW dissector as far as I can tell. Is that 
what you want? Why do you want to replace the existing dissector? (If that’s 
what you are trying to do).

 

Regards

Anders

 



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] q on catching error in sub-dissectors.

2020-01-21 Thread Anders Broman via Wireshark-dev 


-Original Message-
From: Wireshark-dev  On Behalf Of João 
Valverde
Sent: den 21 januari 2020 15:47
To: wireshark-dev@wireshark.org
Subject: Re: [Wireshark-dev] q on catching error in sub-dissectors.



On 21/01/20 14:33, Christian Hopps wrote:
> So I've got a payload of packets in a single frame. I'm calling 
> dissector_try_uint_new() to dissect each payload (typically IPv4 packets). 
> Some of these packets are considered "malformed" by wireshark (e.g., created 
> by scapy/trex with some bogus values).
>
> The problem I'm hitting is that the first malformed inner packet fails all 
> the way out of my parent dissector, so it doesn't dissect any of the other 
> packets in the payload.
>
> Another problem I'm having is that the IP sub-dissector is overwriting my 
> source and destination addresses in the pinfo/tree (not sure which doesn't 
> really matter).
>
> Summary:
>
> - How can I "catch" errors in a subdissector so I can call other 
> sub-dissectors?

Use TRY/CATCH (in epan/exceptions.h).

> - How can I "block" sub-dissectors from overwriting my outer header 
> information?

I don't think you can. Maybe your IPTFS dissector can set it after the 
sub-dissectors run.

Not sure how you want it, there is col_set_fence()

>
> Thanks,
> Chris.
> ___
> Sent via:Wireshark-dev mailing list 
> Archives:https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>   
> mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Anders Broman via Wireshark-dev 
Hi,

Did not find it online, but some basics:

Put the following lines into a file

   00 0c 00 0c 67 73 6d 5f 61 5f 64 74 61 70 00 00  . gsm_a_dtap 67 73 
6d 5f 61 5f 64 74 61 70

0010   00 1e 00 04 00 00 00 01 00 00 00 00 08 15 03 

And run

text2pcap.exe -l 252 Manufacture_frames_exp_pdu.txt 
Manufactured_frames_exp_pdu.pcapng

 

   00 0c 00 0c 6e 61 73 2d 35 67 73 00 00 00 00 00   nas-5gs.

0010   00 1e 00 04 00 00 00 01 00 00 00 00 7e 00 3e 57   ..>A 
Message type last octet  0x57 Authentication response

0020   78 00 57 0a 01 25 46 00 00 55 71 53 01 d6 10 04   ó%F..UqS.Ö..

0030   8e 42 20 10 00 04 20 63 db 24 2f 04 4d aa 62 67   .B n.. cÛ$/.Mªbg

0040   52 22 04 78 78 00 33 78 00 30 00 5e 7b 78 40 04   R"."..0.nf.^{x@.

0050   75 9f 77 77 50 04 5a fa f6 6d b0 2b 03 3d ff ff   u.wwP.Zúöm°+.=ÿÿ

0060   2c 04 00 00 00 00 2d 06 00 00 00 00 00 00 c0 7c   ,.-...À|

0070   00 08 07 00 c0 7c 00 02 00 00 À|

text2pcap.exe -l 252 Manufacture_frames_exp_pdu.txt 
Manufactured_frames_exp_pdu.pcapng

 

 

 

From: Wireshark-dev  On Behalf Of Juanjo 
Martin Carrascosa
Sent: den 15 januari 2020 14:54
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] Bypassing the first layer

 

This helps me too. There are some slides about export pdu.

 

But yes, any material is welcome. Thanks for the help team. This is fantastic.

 

On Wed, Jan 15, 2020 at 2:47 PM Dario Lombardo mailto:lom...@gmail.com> > wrote:

I don't think this is what Anders was talking about. This is about extcap, 
while I was referring to export_pdu.

If you or Anders can reference the right one, that would be great.

If you want to have a look at something using export_pdu creating a pcap file, 
have a loot at the udpdump.c code.

 

On Wed, Jan 15, 2020 at 2:37 PM Juanjo Martin Carrascosa mailto:jua...@rti.com> > wrote:

https://sharkfestus.wireshark.org/assets/presentations18/17.pptx

 

On Wed, Jan 15, 2020 at 2:36 PM Dario Lombardo mailto:lom...@gmail.com> > wrote:

Can you share the link, for future reference?

 

On Wed, Jan 15, 2020 at 2:15 PM Juanjo Martin Carrascosa mailto:jua...@rti.com> > wrote:

Found the presentation, this is fantastic.

 

Thanks!

 

On Wed, Jan 15, 2020 at 12:58 PM Anders Broman via Wireshark-dev 
mailto:wireshark-dev@wireshark.org> > wrote:

Hi,

In the frame layer there is the “Encapsulation type” the way the pcap format 
works this indicates how the data following should be interpreted.

Linktype/encapsulation type is defined at  
<https://protect2.fireeye.com/v1/url?k=c347add8-9fcd786c-c347ed43-866a015dd3d5-d7661157f49a37ff=1=d82b7876-3625-4158-b8b6-c262c0dc56f8=https%3A%2F%2Fwww.tcpdump.org%2Flinktypes.html>
 https://www.tcpdump.org/linktypes.html so one thing you could do is to design 
your own DLT

Add whatever meta data you want and then add the RTPS data at some position in 
that structure. You can try this out by using the USER DLTs in Wireshark

Or if you do not want to request a DLT from tcpdump ( DO NOT USE ONE WITHOUT 
ALLOCATING IT) you could use the Exported PDU DLT defined by Wireshark

Epan/exported_pdu.h contains some information. If you would require new 
elements for meta information that could be discussed. Adding RTSP data in

An exported_pdu DLT frame should be simple as an initial test. I think there is 
a sharkfest presentation on how to add any protocol data in an exported pdu 
frame with text2pcap.

Regards

Anders

 

From: Wireshark-dev mailto:wireshark-dev-boun...@wireshark.org> > On Behalf Of Juanjo Martin 
Carrascosa
Sent: den 15 januari 2020 12:24
To: Developer support list for Wireshark mailto:wireshark-dev@wireshark.org> >
Subject: Re: [Wireshark-dev] Bypassing the first layer

 

Hi Dario,

 

Could you elaborate on this? I get the idea but my knowledge about the how is 
very basic.

 

How can this help me achieve what I need?

 

Thanks for the help.

Juanjo Martin

 

On Tue, Jan 14, 2020 at 4:48 PM Dario Lombardo mailto:lom...@gmail.com> > wrote:

You can use export_pdu. This is a layer with multiple attributes (see 
epan/exported_pdu.h), but the only really needed is the proto_name, that allows 
you to directly call a dissector by its name.

You will have frames with this stack: FRAME/EXPORT PDU/RTPS, that is properly 
dissected by wireshark.

 

On Tue, Jan 14, 2020 at 4:33 PM Juanjo Martin Carrascosa mailto:jua...@rti.com> > wrote:

Hi everyone,

 

RTPS is a protocol already supported by Wireshark. I have been helping maintain 
that protocol these past years. It sits on top of TCP and UDP, as well as some 
other transports that are not network ones (Shared Memory typically with a 
proprietary implementation).


 

We are currently working on implementing a new logging mechanism for our 
product, mainly to address the Shared Memory scenario but it can also be really 
useful when RTPS is used on top of network

Re: [Wireshark-dev] Bypassing the first layer

2020-01-15 Thread Anders Broman via Wireshark-dev 
Hi,

In the frame layer there is the “Encapsulation type” the way the pcap format 
works this indicates how the data following should be interpreted.

Linktype/encapsulation type is defined at  
 https://www.tcpdump.org/linktypes.html 
so one thing you could do is to design your own DLT

Add whatever meta data you want and then add the RTPS data at some position in 
that structure. You can try this out by using the USER DLTs in Wireshark

Or if you do not want to request a DLT from tcpdump ( DO NOT USE ONE WITHOUT 
ALLOCATING IT) you could use the Exported PDU DLT defined by Wireshark

Epan/exported_pdu.h contains some information. If you would require new 
elements for meta information that could be discussed. Adding RTSP data in

An exported_pdu DLT frame should be simple as an initial test. I think there is 
a sharkfest presentation on how to add any protocol data in an exported pdu 
frame with text2pcap.

Regards

Anders

 

From: Wireshark-dev  On Behalf Of Juanjo 
Martin Carrascosa
Sent: den 15 januari 2020 12:24
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] Bypassing the first layer

 

Hi Dario,

 

Could you elaborate on this? I get the idea but my knowledge about the how is 
very basic.

 

How can this help me achieve what I need?

 

Thanks for the help.

Juanjo Martin

 

On Tue, Jan 14, 2020 at 4:48 PM Dario Lombardo mailto:lom...@gmail.com> > wrote:

You can use export_pdu. This is a layer with multiple attributes (see 
epan/exported_pdu.h), but the only really needed is the proto_name, that allows 
you to directly call a dissector by its name.

You will have frames with this stack: FRAME/EXPORT PDU/RTPS, that is properly 
dissected by wireshark.

 

On Tue, Jan 14, 2020 at 4:33 PM Juanjo Martin Carrascosa mailto:jua...@rti.com> > wrote:

Hi everyone,

 

RTPS is a protocol already supported by Wireshark. I have been helping maintain 
that protocol these past years. It sits on top of TCP and UDP, as well as some 
other transports that are not network ones (Shared Memory typically with a 
proprietary implementation).


 

We are currently working on implementing a new logging mechanism for our 
product, mainly to address the Shared Memory scenario but it can also be really 
useful when RTPS is used on top of network protocols. 

 

Problem: We can log the RTPS layer but we don't have some information in our 
middleware like the Frame or Ethernet information, so we need to make it up. 
This is ugly, so I am trying to avoid that:

 

How can I register a protocol so it is picked up instead of the Frame layer? 
This is, I want to create a new protocol that detects that the information we 
generate is for that protocol and the Frame protocol is not called, but the new 
protocol I am creating. This new protocol will then call the RTPS protocol to 
dissect the payload I want to display. We are planning to also add some 
information to this custom protocol, that's why I want it to be called first.

 

Note: I just came up with this solution, but if you have a different solution 
for this, please let me know.

 

Thanks,

Juanjo Martin

___
Sent via:Wireshark-dev mailing list mailto:wireshark-dev@wireshark.org> >
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org 
 ?subject=unsubscribe




 

-- 

Naima is online.

___
Sent via:Wireshark-dev mailing list mailto:wireshark-dev@wireshark.org> >
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org 
 ?subject=unsubscribe




 

-- 

 

Juanjo Martin

Principal Application Engineer

EMEA Services Lead @ Professional Services Group

Office: +34 958 27 88 62

jua...@rti.com  

www.rti.com 

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Brotli decompression

2019-12-19 Thread Anders Broman via Wireshark-dev 
Hi,
On Windows it should be included, check About Wireshark
Regards
Anders

-Original Message-
From: Wireshark-dev  On Behalf Of Jasper 
Bongertz
Sent: den 19 december 2019 13:30
To: wireshark-dev@wireshark.org
Subject: [Wireshark-dev] Brotli decompression

Hello all,

  I found this in the release notes of Wireshark 3.2:   "Brotli decompression 
support in HTTP/HTTP2 (requires the brotli library)"

  Sounds great, but I can't seem to find any instructions how to add the 
"brotli
  library" to my Wireshark installation. I guess I need some DLL, but all I
  could find are the Github pages with the source code. Does anyone have a 
good
  instruction set for Wireshark on Windows to enable Brotli?

  I did a "Follow HTTP2 stream" and got unreadable stuff (decrypted first with
  SSLKEYLOG file), so I guess Brotli is  what I need to see the actual page 
contents...

Thanks & cheers,
Jasper


___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe


smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Accessing Mystery Case Studies under Wire Shark

2019-11-14 Thread Anders Broman via Wireshark-dev 
Hi, 

No idea what you are talking about.

/Regards

Anders

 

From: Wireshark-dev  On Behalf Of St
John, John Arthur
Sent: den 7 november 2019 01:12
To: wireshark-dev@wireshark.org
Cc: St John, John Arthur 
Subject: [Wireshark-dev] Accessing Mystery Case Studies under Wire Shark

 

Good Day Wire shark,

 

My name is Professor John St John, I'm a a teacher st DeVry University and 

currently teaching a Network Class, where this week my students are

required to watch of the mystery cases and when they try to click on one it
takes

them to a page where they need to make a purchase. 

 

Trying to find the best possible route for my students to watch the cases

and complete they assignment.  

 

Thank You for your time and consideration. Have a wonderful day.

 

John St John

DeVry University Professor

jstj...@devry.edu  

6192274755

 

 

 

 



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Warnings from Qt

2019-10-29 Thread Anders Broman via Wireshark-dev 
Hi,

Recently I'm getting:

 

16:14:09.906 Main Warn DirectWrite: CreateFontFaceFromHDC() failed
(Indicates an error in an input file such as a font file.) for
QFontDef(Family="Fixedsys", pointsize=9.75, pixelsize=15, styleHint=5,
weight=50, stretch=100, hintingPreference=0) LOGFONT("Fixedsys", lfWidth=0,
lfHeight=-15) dpi=96

 

Regards

Anders



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Switch master and PD Windows builders to Visual Studio 2019?

2019-09-11 Thread Anders Broman via Wireshark-dev 
Hi,

C:\Program Files (x86)\Microsoft Visual 
Studio\2019\Enterprise\Common7\IDE\CommonExtensions\Microsoft\CMake\CMake\bin>cmake
 
 --version

cmake version 3.14.19060802-MSVC_2



Regards

Anders



From: Wireshark-dev  On Behalf Of Graham 
Bloice
Sent: den 11 september 2019 11:58
To: Developer support list for Wireshark 
Subject: Re: [Wireshark-dev] Switch master and PD Windows builders to Visual 
Studio 2019?



Out of interest, what is the version of CMake shipped with VS2019?



I'd like to know if we can dispense with a separate CMake install, which 
worked well for VS2017 until https://code.wireshark.org/review/c/3/ which 
moves the required version to 3.13.



On Tue, 10 Sep 2019 at 22:22, Anders Broman mailto:a.broma...@gmail.com> > wrote:

FWIW I too have been using VS 2019 for quite some time.

Regards

Anders



Den tis 10 sep. 2019 23:18Gerald Combs mailto:ger...@wireshark.org> > skrev:

Has anyone run into any issues building Wireshark with Visual Studio 2019? 
It's been working fine for the past few months in my limited testing here, and 
unless anyone has any objections I'd like to switch the master and PD Windows 
builders from VS 2017 to 2019.



-- 

Graham Bloice



smime.p7s
Description: S/MIME cryptographic signature
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe