Re: [Wireshark-dev] Visual Studio 2022
Anders Broman wrote: Hi, Yes sounds like a good idea. Have been contemplating testing it too. I just installed the "Build Tools for Visual Studio 2022" https://visualstudio.microsoft.com/downloads/#build-tools-for-visual-studio-2022 But was disappointed it does not include a newer compiler. My 'cl.exe' (part of the "VS 2019") is still at version 19.29.30139. So what's the point of using VS 2022 really? -- --gv ___ Sent via:Wireshark-dev mailing list Archives:https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Errors building 3.7 plugins.
João Valverde wrote: you can (and probably should) include "config.h", just like other Wireshark bundled plugins do. Why does this project not use '-FI./config.h'? --gv
Re: [Wireshark-dev] Problem in 'packet-f5ethtrailer.c'
Maynard, Chris wrote: Which specific release of VS2019 are you running? This is a bit of a stretch, but *possibly* your version could use an update?

I have the latest AFAIK I ran vs_installer last week.
From 'cl /?': Version 19.24.28319 for x86
From 'vswhere': VisualStudio.16.Release/16.4.6+29905.134

But IMHO, you're dodging the problem; a "#define s_addr S_un.S_addr" has been in the *Win-SDK* for ages. Nothing to do with 'cl' or its headers.
--gv
[Wireshark-dev] Problem in 'packet-f5ethtrailer.c'
I'm surprised no one has come across this compile error yet:
epan/dissectors/packet-f5ethtrailer.c(482): error C2143: syntax error: missing ';' before '.'
epan/dissectors/packet-f5ethtrailer.c(485): error C2224: left of '.S_addr' must have struct/union type
epan/dissectors/packet-f5ethtrailer.c(487): error C2224: left of '.S_addr' must have struct/union type
(using MSVC-2019).

Reason seems simple; has snuck in somehow and added the well-known "#define s_addr S_un.S_addr"

A simple fix is:
--- a/epan/dissectors/packet-f5ethtrailer.c 2020-03-19 13:31:36 +++ b/epan/dissectors/packet-f5ethtrailer.c 2020-03-19 14:26:51 @@ -204,6 +204,7 @@ #include #define F5FILEINFOTAP_SRC #include "packet-f5ethtrailer.h" +#undef s_addr #undef F5FILEINFOTAP_SRC

BTW. note the time-stamp on the 'a' file. How come it gets updated as soon as I do a 'git pull'? From a 'git log packet-f5ethtrailer.c', the last change was 19 days ago.
--gv
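Review bot: The added `#undef s_addr` directly after `#include "packet-f5ethtrailer.h"` is unconditional and carries no comment, so a later reader cannot tell that it exists to cancel the Win-SDK's `#define s_addr S_un.S_addr`. Add a one-line comment saying so, and consider renaming the identifier that the compiler trips over at lines 482-487 instead, because after the `#undef` any later `in_addr.s_addr` access in this file no longer compiles on Windows.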
[Wireshark-dev] Where is the AirPcap channel button?
Hi list. I remember wireshark-qt in the old days had a button to change the 2.4GHz WiFi channel to capture on. But since some time, I fail to find on 'Preference' setting to get it enabled. Was it dropped? It seems the functions 'ws80211_set_freq()' and 'airpcap_if_set_device_channel()' should be used for this. But those are not called from any Qt *.cpp sources AFAICS. --gv
Re: [Wireshark-dev] Problems with \Device\NPF_ prefix
I wrote: In my recently built Tshark/Wireshark etc., I've discovered this no longer works:
tshark.exe -i \Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}
It says:
Capturing on '\Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}'
tshark: The capture session could not be initiated on interface '\Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}' (Error opening adapter: Operasjonen er utført. (0)). << == NO_ERROR !!??
But this works:
tshark.exe -i {3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}

It has been fixed by removing the Win10Pcap installation and reinstalling the trusty old WinPcap. All back to normal. I had Win10Pcap and WinPcap installed at the same time.
--gv
[Wireshark-dev] Problems with \Device\NPF_ prefix
In my recently built Tshark/Wireshark etc., I've discovered this no longer works:
tshark.exe -i \Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}
It says:
Capturing on '\Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}'
tshark: The capture session could not be initiated on interface '\Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}' (Error opening adapter: Operasjonen er utført. (0)). << == NO_ERROR !!??
But this works:
tshark.exe -i {3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}
(no "\Device" prefix) How come?

I also tried with:
tshark.exe -o console.log.level:252 -i \Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}
which splits out at the end some mysterious stuff:
...
(tshark.exe:10360): Capture-DEBUG: argv[5]: 10360
(tshark.exe:10360): Capture-DEBUG: read 14 ok indicator: E len: 402 msg: E

The 'msg: E' does show up with w/o the prefix? A dumpcap/pipe reading problem? Win-10, WinPcap 4.1.0.2980.
--gv
Re: [Wireshark-dev] Problems building register.c with older glib g_async_queue_timeout_pop()
João Valverde wrote: if (!g_file_get_contents(list, , NULL, NULL)) return; - for (arg = strtok(contents, " \n"); arg != NULL; arg = strtok(NULL, " \n")) { + for (arg = strtok(contents, " \r\n"); arg != NULL; arg = strtok(NULL, " \r\n")) { scan_file(arg, protos, handoffs); } g_free(contents); The newline was only being used on Unixes as the last character in a space-separated string (so that wasn't an issue) but now the token has been changed to newlines on all platforms and your reminder was helpful. Thanks. But now this has changed this into 'strtok(SEP)' i.e. "\r\n". Why not " \r\n" (Win32) and " \n" (else-where)? I don't see any files with spaces in them. And hope they will never show up... Since for some weird reason that response-file had some extra spaces (maybe a Cmake issue?). --gv
Re: [Wireshark-dev] Problems building register.c with older glib g_async_queue_timeout_pop()
Anders Broman wrote: Problems building register.c with older glib g_async_queue_timeout_pop().

I don't know about this problem. But another problem is the "\r\n" newlines in a response-file given to make-dissectors.exe. Should IMHO be:
--- a/epan/dissectors/make-dissectors.c 2017-11-23 12:01:27 +++ b/epan/dissectors/make-dissectors.c 2017-11-23 13:30:13 @@ -57,7 +57,7 @@ if (!g_file_get_contents(list, , NULL, NULL)) return; -for (arg = strtok(contents, " \n"); arg != NULL; arg = strtok(NULL, " \n")) { +for (arg = strtok(contents, " \r\n"); arg != NULL; arg = strtok(NULL, " \r\n")) { scan_file(arg, protos, handoffs); } g_free(contents);
--gv
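Review bot: The delimiter string `" \r\n"` is written out twice, once in each `strtok()` call of the changed `for` line; put it in one named constant so the two calls cannot drift apart, and add a comment that the `\r` is there for CRLF response files. The set still contains the space character, so a path with a space in it is handed to `scan_file()` as two arguments; that limitation is worth stating next to the loop.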
Re: [Wireshark-dev] Master build fails without pcap
Dario Lombardo wrote:
> The current master can't build if we disable PCAP in cmake.

It can't be built if HAVE_EXTCAP is not defined either
--gv
Re: [Wireshark-dev] Devices in tshark versus dumpcap
I wrote:
> There is for sure a problem in how lines of text are generated in dumpcap.exe
> and how tshark is interpreting them. I'm not even sure the lines have
> "\r\n" terminations since from dumpcap.c:
> #ifdef _WIN32
> /* set output pipe to binary mode, to avoid ugly text conversions */
> _setmode(2, O_BINARY);
>
> And in capchild/capture_ifinfo.c:
> raw_list = g_strsplit(data, "\r\n", 0);

That was the problem. Changing this into:
raw_list = g_strsplit(data, "\n", 0);
things work as normal!
--gv
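The line-ending mismatch reported in this message, as an added example that is not part of the original post and not Wireshark code: splitting LF-only data on the exact string "\r\n" yields one field, while splitting on LF and dropping a trailing CR handles both endings. The sample lists and all function names are constructed for the illustration, and plain libc is used instead of GLib.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_LINES 16

/* Constructed sample data (not real capture output): the same three-entry
 * interface list, once with bare LF endings as a binary-mode pipe delivers
 * it, once with CRLF endings. */
static const char LIST_LF[] =
    "1. ifA (Bluetooth)\n2. ifB (Wi-Fi 2)\n3. ifC (Ethernet)\n";
static const char LIST_CRLF[] =
    "1. ifA (Bluetooth)\r\n2. ifB (Wi-Fi 2)\r\n3. ifC (Ethernet)\r\n";

/* Count non-empty fields when splitting on one exact separator string,
 * which is how a split on the literal "\r\n" behaves. */
size_t count_exact(const char *data, const char *sep)
{
    size_t n = 0, seplen = strlen(sep);
    const char *p = data;

    if (seplen == 0)
        return 0;
    for (;;) {
        const char *q = strstr(p, sep);
        size_t len = q ? (size_t)(q - p) : strlen(p);
        if (len > 0)
            n++;
        if (q == NULL)
            break;
        p = q + seplen;
    }
    return n;
}

/* Tolerant splitter: break on LF, strip one trailing CR, skip empty lines.
 * Stores up to max_out malloc'ed copies in out[] and returns the count. */
size_t split_lines(const char *data, char **out, size_t max_out)
{
    size_t n = 0;
    const char *p = data;

    while (*p != '\0' && n < max_out) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        size_t keep = len;

        if (keep > 0 && p[keep - 1] == '\r')
            keep--;                      /* CRLF input: drop the CR */
        if (keep > 0) {
            char *line = malloc(keep + 1);
            if (line == NULL)
                break;
            memcpy(line, p, keep);
            line[keep] = '\0';
            out[n++] = line;
        }
        if (eol == NULL)
            break;
        p = eol + 1;
    }
    return n;
}

/* Number of lines the tolerant splitter finds in data. */
size_t count_lines(const char *data)
{
    char *lines[MAX_LINES];
    size_t n = split_lines(data, lines, MAX_LINES);
    for (size_t i = 0; i < n; i++)
        free(lines[i]);
    return n;
}

/* 1 if any line returned by the tolerant splitter still ends in CR. */
int any_line_ends_with_cr(const char *data)
{
    char *lines[MAX_LINES];
    size_t n = split_lines(data, lines, MAX_LINES);
    int found = 0;
    for (size_t i = 0; i < n; i++) {
        size_t len = strlen(lines[i]);
        if (len > 0 && lines[i][len - 1] == '\r')
            found = 1;
        free(lines[i]);
    }
    return found;
}

int main(void)
{
    printf("exact \"\\r\\n\" split of LF data:   %zu field(s)\n",
           count_exact(LIST_LF, "\r\n"));
    printf("exact \"\\r\\n\" split of CRLF data: %zu field(s)\n",
           count_exact(LIST_CRLF, "\r\n"));
    printf("tolerant split of LF data:        %zu line(s)\n",
           count_lines(LIST_LF));
    printf("tolerant split of CRLF data:      %zu line(s)\n",
           count_lines(LIST_CRLF));
    return 0;
}
```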
Re: [Wireshark-dev] Devices in tshark versus dumpcap
Graham Bloice wrote: Which branch though, master or master-2.2?

'master' it seems. But I tried to resolve the issue myself. First by trying w/o HAVE_EXTCAP (to exclude any problems with that). But that is impossible. E.g.:
capture_sync.c(521): error C2039: 'extcap_fifo': is not a member of 'interface_options_tag'
etc. etc.

There is for sure a problem in how lines of text are generated in dumpcap.exe and how tshark is interpreting them. I'm not even sure the lines have "\r\n" terminations since from dumpcap.c:
#ifdef _WIN32
/* set output pipe to binary mode, to avoid ugly text conversions */
_setmode(2, O_BINARY);

And in capchild/capture_ifinfo.c:
raw_list = g_strsplit(data, "\r\n", 0);

Can you (or someone else) send the output of:
tshark.exe -o console.log.level:252 -D
So I can guess what's wrong here?
--gv
Re: [Wireshark-dev] Devices in tshark versus dumpcap
Graham Bloice wrote: Unsure whether this is related, but MSVC2015 support is regarded as "experimental". The official builds are still using VS2013. Really. MSVC-2015 is much better regarding C99 conformance etc. The above "read 21 indicator: S empty value" for me indicates a problem in the pipe I/O between tshark and dumpcap. No? Are you building the stable version or dev (2.2.x or 2.3x)? The one from a 'git clone https://code.wireshark.org/review/wireshark'. Should be the latest? --gv
[Wireshark-dev] Devices in tshark versus dumpcap
I'm on Win-10 and have now troubles sniffing on anything except BlueTooth! This is the list of interfaces I expect to get:
dumpcap.exe -D
1. \Device\NPF_{C25DD2C2-2E05-4337-A847-84EF6CAB86BF} (Bluetooth-nettverkstilkobling)
2. \Device\NPF_{F92984E3-5D40-4AD9-B054-41288EAE699F} (Wi-Fi 2)
3. \Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D} (Ethernet)
4. \\.\airpcap00 (AirPcap USB wireless capture adapter nr. 00)

But with "tshark.exe -D", I only get:
1. \Device\NPF_{C25DD2C2-2E05-4337-A847-84EF6CAB86BF} (Bluetooth-nettverkstilkobling)

I also tried with:
set G_MESSAGES_DEBUG=all << no effect
tshark.exe -o console.log.level:252 -D
giving:
Capture-Message: Capture Interface List ...
(tshark.exe:8440): Capture-DEBUG: sync_interface_list_open
Capture-INFO: sync_pipe_run_command() starts
(tshark.exe:8440): Capture-DEBUG: argv[0]: F:\mingw32\src\inet\Wireshark\dumpcap.exe
(tshark.exe:8440): Capture-DEBUG: argv[1]: -D
(tshark.exe:8440): Capture-DEBUG: argv[2]: -Z
(tshark.exe:8440): Capture-DEBUG: argv[3]: none
(tshark.exe:8440): Capture-DEBUG: sync_pipe_open_command
(tshark.exe:8440): Capture-DEBUG: read 21 indicator: S empty value
(tshark.exe:8440): Capture-DEBUG: sync_pipe_wait_for_child: wait till child closed
(tshark.exe:8440): Capture-DEBUG: sync_pipe_wait_for_child: capture child closed after 0.016s
Capture-INFO: sync_pipe_run_command() ends, taking 0.328s, result=0
Capture-Message: Loading External Capture Interface List ...
1. \Device\NPF_{C25DD2C2-2E05-4337-A847-84EF6CAB86BF} (Bluetooth-nettverkstilkobling)

Note, this is with Wireshark compiled from Git by myself using MSVC-2015, 32-bit; A version + build-method that has worked well for years. But recently it's been misbehaving as shown above. Any hints? The above "read 21 indicator: S empty value" for me indicates a problem in the pipe I/O between tshark and dumpcap. No?
--gv
Re: [Wireshark-dev] Crash in epan/geoip_db.c
Guy Harris wrote:
> They (MaxMind) might want to consider having a cleanup routine anyway, given that 1) their code works
> on Windows and 2) unless the GeoIP library and the code that calls it are built with the same version
> of MSVC, or the "universal CRT" or whatever it's called is being used, Bad Things can happen if the code
> that calls it frees stuff allocated by the library, as the allocation and freeing will be done by
> different versions of the C runtime library.

AFAIK, one cannot use GeoIP as a .DLL. But a static lib is fine with me. BTW the Tor-project uses MaxMind's Geo-IP information via some CVS-files parsed at runtime:
https://gitweb.torproject.org/tor.git/tree/src/or/geoip.c
https://gitweb.torproject.org/tor.git/tree/src/config/geoip
It's super-fast and something to consider for Wireshark too IMHO. I suspect the .mmdb files are more up-to-date than the .dat files.
--gv
[Wireshark-dev] Crash in epan/geoip_db.c
Hi list. I got a crash in epan/geoip_db.c and MSVCRT:free(). Due to the use of g_free() at line 379:
case GEOIP_ASNUM_EDITION:
    raw_val = GeoIP_name_by_ipnum(gi, addr);
    if (raw_val) {
        ret = db_val_to_utf_8(raw_val, gi);
        g_free((char*)raw_val);   << line 379
    }

In my case, the 'raw_val' was not allocated by Glib, but by MSVC's CRT directly. So shouldn't these 'g_free()' really be 'free()'? Or is the "official" GeoIP-1.6.6-win32ws.zip built using Glib now? This works for me:
--- a/epan/geoip_db.c 2017-02-21 20:23:21 +++ b/epan/geoip_db.c 2017-02-21 21:58:27 @@ -376,7 +376,7 @@ raw_val = GeoIP_name_by_ipnum(gi, addr); if (raw_val) { ret = db_val_to_utf_8(raw_val, gi); -g_free((char*)raw_val); +free((char*)raw_val); } break; @@ -507,7 +507,7 @@ raw_val = GeoIP_name_by_ipnum_v6(gi, gaddr); if (raw_val) { ret = db_val_to_utf_8(raw_val, gi); -g_free((char*)raw_val); +free((char*)raw_val); } break;
--gv
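Review bot: Replacing `g_free()` with `free()` in the first hunk (the `GeoIP_name_by_ipnum()` branch) is correct only when the GeoIP library and Wireshark are linked against the same C runtime, which is the concern raised in the reply to this message. The changed line needs a comment stating that `raw_val` belongs to the GeoIP library's allocator, and a release routine exported by the library would remove the dependency on matching runtimes altogether.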
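Review bot: The second hunk (the `GeoIP_name_by_ipnum_v6()` branch) repeats the same three lines as the first, `db_val_to_utf_8(raw_val, gi)` followed by the release call. A small helper that converts and releases `raw_val` would keep the allocator choice in one place, so the IPv4 and IPv6 paths cannot end up freeing with different functions.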
Re: [Wireshark-dev] PPP capture
Yang Luo wrote:
> AFAIK, Npcap/WinPcap works on the data link level and it sees the Ethernet frames. In my understanding, VPN SSL (https)
> or raw HTTP is just data of high-levels (IP packets) for Npcap/WinPcap. I don't know if it's appropriate or viable for
> Npcap/WinPcap to see this data.

The original WinPcap can see such un-encrypted traffic if built with '-DHAVE_WANPACKET_API'. It worked very well for me for years when I used a VPN connection. In such case, the PP2TP/L2TP setup inside Windows provides a virtual adapter you can sniff on (but no transmit is allowed). But if the OP's Fortinet/Fortigate VPN works like the above, is another question. I bet it bypasses NDIS somehow.

BTW Yang, does your NPcap (in Winpcap-mode?) support compiling with 'HAVE_WANPACKET_API' too?
--gv
Re: [Wireshark-dev] Trunk Windows CMake builds are broken
Shanks, Graham (UK) graham.sha...@baesystems.com wrote: A better solution would be to move the local config.h into a subdirectory and then use the following: #include "subdir/config.h"

Since several dependent packages could have a config.h in its ./include dir, (shadowing for Wireshark's config.h), why not rename it and instead say: '#include ws_config.h'. I have hit this problem trying to build other programs. Compare this to e.g.:
wsutil\ws_cpuid.h
g:\mingw32\lib\gcc\mingw32\4.7.2\include\cpuid.h
--gv
Re: [Wireshark-dev] Trunk Windows CMake builds are broken
Guy Harris g...@alum.mit.edu wrote: Presumably autotools can be convinced to generate ws_config.h rather than config.h. I'm not a user of auto* tools, but I guess it's done with: - AC_CONFIG_HEADERS(config.h) +AC_CONFIG_HEADERS(ws_config.h) --gv
[Wireshark-dev] [Patch] make-version.pl
The 'Editor modelines' at end of make-version.pl should not be printed. E.g. 'perl make-version.pl -h' prints this garbage at the end: ... Options can be used in any combination. If none are specified --set-svn is assumed. # # Editor modelines - http://www.wireshark.org/tools/modelines.html # # Local variables: # c-basic-offset: 8 # tab-width: 8 # indent-tabs-mode: t # End: # # vi: set shiftwidth=8 tabstop=8 noexpandtab: # :indentSize=8:tabSize=8:noTabs=false: # # - My Strawberry Perl (on Win-XP) doesn't convert Unix endings to DOS-endings here. Not sure if it should do that in this Pod-section? (I don't know Perl that well). Anyway, a '=cut' fixes this here: @@ -709,6 +709,8 @@ Options can be used in any combination. If none are specified B--set-svn is assumed. +=cut + # # Editor modelines - http://www.wireshark.org/tools/modelines.html # - --gv
[Wireshark-dev] ui/qt/about_dialog.cpp
Why is main.cpp included in ui/qt/about_dialog.cpp like this: ... #include wireshark_application.h #include main.cpp #include wsutil/filesystem.h And then main.cpp is also present in qtshark.pro. This gives multiple defined symbols while linking. What's the idea behind this? --gv
[Wireshark-dev] tools/make-dissector-reg.py
I saw the recent change to 'tools/make-dissector-reg.py' to allow reading list of files from a file; the argument dissectorsinfile. I find this a bit awkward. Isn't it better to use the more familiar response-file syntax? So the command to generate register.c would be something like:
@$(PYTHON) ../../tools/make-dissector-reg.py . dissectors \
  @$(some_temp_file_with_all_dissectors_src)

Not sure how to best produce this temp_file. But certainly not one file per line as the snippet:
files = [line.rstrip() for line in dissector_f]
indicates. 'dissector_f.read().split()' would be more robust I think. So what about this patch:
--- orig/tools/make-dissector-reg.py2013-12-10 21:58:26 + +++ tools/make-dissector-reg.py 2013-12-11 13:00:59 + @@ -42,7 +42,7 @@ * Generated automatically from %s. */ % (sys.argv[0]) -elif registertype in (dissectors, dissectorsinfile): +elif registertype == dissectors: final_filename = register.c cache_filename = register-cache.pkl preamble = \ @@ -65,16 +65,18 @@ # # All subsequent arguments are the files to scan -# or the name of a file containing the files to scan +# or the name of a '@response-file' containing the files to scan # -if registertype == dissectorsinfile: +if sys.argv[3][0] == '@': +resp_file = sys.argv[3][1:] try: -dissector_f = open(sys.argv[3]) +file = open(resp_file) except IOError: -print((Unable to open input file '%s' % sys.argv[3])) +print((Unable to open response-file '%s' % resp_file)) sys.exit(1) - -files = [line.rstrip() for line in dissector_f] +files = file.read().split() +file.close() else: files = sys.argv[3:] --

BTW. You forgot a 'dissector_f.close()'.
--gv
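Review bot: The first hunk drops `dissectorsinfile` from the `elif registertype ...` test, so any build file that still passes that value stops matching this branch; the reply to this message says the CMake side does pass it. Either keep accepting `dissectorsinfile` for a transition period or change the callers in the same patch.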
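Review bot: In the second hunk `sys.argv[3][0]` is evaluated without checking that a fourth argument exists, so running the script with no file arguments raises IndexError instead of printing a usage error; test `len(sys.argv) > 3` first. Only `sys.argv[3]` is examined for the `@` prefix, so a response file given after other file names is treated as a source file, and the variable name `file` shadows the Python built-in of the same name.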
Re: [Wireshark-dev] tools/make-dissector-reg.py
Graham Bloice graham.blo...@trihedral.com wrote: and maybe due to my CMake ineptness it turned out to be one file per line.

How fast will CMake generate such a temp-file? There are approx 1100 packet-*.c files. I figured this macro does it:
MACRO(REGISTER_DISSECTOR_FILES _outputfile _registertype )
  if(${_registertype} STREQUAL "dissectors" )
    set( _makeregistertype dissectorsinfile )
    set( _ftmp ${CMAKE_CURRENT_BINARY_DIR}/_regc.tmp )
    set( _depends ${ARGN} )
    file(REMOVE ${_ftmp})
    foreach(f ${_depends})
      file(APPEND ${_ftmp} "${f}\n")
    endforeach()

So, unless you're interested in CMake builds for Visual Studio, you can effectively ignore the changes to make-dissector-reg, but if you feel the need to improve it, then the CMake will have to be fixed at the same time.

Sorry, I don't do CMake. It's a big mystery to me. I seldom get it to work here. But GNU-make rocks even for MSVC projects.
--gv
Re: [Wireshark-dev] Make gtk3 default (over gtk2)?
Bálint Réczey bal...@balintreczey.hu wrote: how about making gtk3 the default over gtk2 when building Wireshark? Just to be clear: I only want to reverse the build defaults between gtk2 and 3. Hopefully it will get much more testing that way, so it is up to prime time for the next release? I fully support the idea. The official Debian packages in unstable and testing already use GTK3.

There doesn't seem to be a Windows installer for a GTK3+ Bundle yet. But I found a static dev-package of GTK3+ (MingW). And toying a bit with the new HTML5 features and the broadway daemon seems pretty cool. Seems this stuff one day would make it possible to run Wireshark as a web-app. Pretty amazing if true. Ref:
http://www.tarnyko.net/en/?q=node/34
http://www.tarnyko.net/repo/gtk3_build_system/gtk+-bundle_3.8.2-20130606_win32-PRE1.zip
--gv
Re: [Wireshark-dev] long options again
Brandon Carpenter hashs...@pnnl.gov wrote: I have to say that I dislike getopt() and getopt_long() for option parsing because of the disconnect between the options and the help. It creates multiple places that require updating when options change and quite often, one of those places is forgotten.

Agreed. That's why tools like gengetopt have been developed. This tool will generate the getopt_long() C-source + the help-text from a .ggo file specifying the program args. Ref.: http://www.gnu.org/software/gengetopt/gengetopt.html
--gv
[Wireshark-dev] Problems building easy_codec.dll
I'm having a problem compiling the *non* generated easy_codec_plugin.c. The message from MSVC is:
error C2491: 'version' : definition of dllimport data not allowed
for the line:
WS_DLL_PUBLIC_NOEXTERN const gchar version[] = "0.0.1";
The preprocessed output becomes:
__declspec(dllimport) const gchar version[] = "0.0.1";
So no wonder MSVC is complaining. Looking at the various Makefile.common under plugins, I see only a:
NONGENERATED_C_FILES = \
  easy_codec_plugin.c \
in plugins\easy_codec\Makefile.common. Has this fallen behind? Anyway, this patch fixes it for me:
--- SVN-Latest\plugins\easy_codec\easy_codec_plugin.c Mon Mar 04 17:52:26 2013 +++ plugins\easy_codec\easy_codec_plugin.c Fri Mar 15 11:35:08 2013 @@ -25,6 +25,9 @@ #ifndef ENABLE_STATIC #include config.h + +/* plugins are DLLs */ +#define WS_BUILD_DLL #include gmodule.h #include epan/codecs.h

The same 'WS_BUILD_DLL' is put in e.g. the *generated* plugins\wimaxasncp\wimaxasncp_plugin.c.
--gv
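Review bot: `#define WS_BUILD_DLL` is added after the `config.h` include, so it takes effect only as long as config.h never pulls in the header that defines `WS_DLL_PUBLIC_NOEXTERN`; put the define before the first include, or pass it from the plugin's Makefile so generated and non-generated plugins get it the same way. The comment "plugins are DLLs" should also say that the macro is what switches `version[]` away from `__declspec(dllimport)`.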
Re: [Wireshark-dev] Simpifying exporting DLL symbols
Bálint Réczey bal...@balintreczey.hu wrote: I have created the attached patch to control symbol visibility using C defines instead of .def and .sym files. It is expected to work on every platform and every build system we support, but I did not want to commit it without discussing the direction.

Nice, but why not use nicer indenting to make it more readable? And what about foreign programs that would like to use e.g. libwireshark code as a static lib? ws_symbol_export.h should IMHO account for this. Something like:
#if (defined (_WIN32) || defined (__CYGWIN__)) && !defined(WS_STATIC_LIB)
  #ifdef WS_BUILD_DLL
    #ifdef __GNUC__
      #define WS_DLL_PUBLIC __attribute__ ((dllexport))
    #else
      #define WS_DLL_PUBLIC __declspec(dllexport) // Note: actually gcc seems to also support this syntax.
    #endif
..

There is some interest out there to use libwireshark outside *shark programs:
http://stackoverflow.com/questions/10308127/using-libwireshark-to-get-wireshark-functionality-programatically
The old Packetyzer 5.0 also uses ethereal libs. See: http://sourceforge.net/projects/packetyzer/
--gv
Re: [Wireshark-dev] new dissector - dynamic value string table?
Max Baker m...@warped.org wrote: I've created a new dissector for USB PTP (http://en.wikipedia.org/wiki/Picture_Transfer_Protocol) . This is the protocol most digital cameras speak over USB. I've gotten far enough to do the basic dissection, and I'm pretty stoked on the results!

Just a side-question. Anybody have any experience on USB-snooping on Windows? Is it possible at all? The page http://wiki.wireshark.org/CaptureSetup/USB describes how it's done under Linux. This page http://benoit.papillault.free.fr/usbsnoop/ describes it for Win, but the project seems abandoned. It would be cool to add usb-sniffing to libpcap or Wireshark itself. Ref. airpcap.
--gv
Re: [Wireshark-dev] Problems in capture_win_ifnames.c
Guy Harris g...@alum.mit.edu wrote: Checked in (with the checks and #defines moved up a little earlier).

Thanks. Works fine now. But I'm curious about why this:
#if 0 /* XXX: including config.h causes compilation errors; TBD: why */
#include "config.h"
is needed. config.h should be able to live up there. No? And since the capture_win_ifnames.c code needs WS2, this:
#include <windows.h>
#include <winsock2.h>
should be:
#include <winsock2.h>
#include <windows.h>
in case someone forgot to add _WIN32_LEAN_AND_MEAN (which includes winsock.h by default).
--gv
[Wireshark-dev] Problems in capture_win_ifnames.c
The code in capture_win_ifnames.c assumes there's always a GUID in the ifname. Not so here. From my 'tcpdump -D':
1: \\.\airpcap00
2: \Device\NPF_GenericDialupAdapter
3: \Device\NPF_{7F56352E-EF2F-49F4-844C-BA1FA0105667}
4: \Device\NPF_{8D3A23A7-9C6C-408B-A23B-6736F9E56510}
5: \Device\NPF_{37FC13D9-2F52-47CA-AB64-32B2B434C749}
6: \Device\NPF_{75451EE7-5145-471A-BAF5-124BE8439D10}

So a dumpcap.exe -L complains:
Failed the extract guid from interface devicename, unicode convert result=14, guid input ='\\.\airpcap00', LastErrorCode=0x.
Failed the extract guid from interface devicename, unicode convert result=21, guid input ='GenericDialupAdapter', LastErrorCode=0x.
...

Besides the code seems to need a Vista SDK since 'NETIO_STATUS' here (Win-XP SP3) is only defined in netioapi.h. Which is not included AFAICS. Verified by cl -showIncludes. A small fix:
--- SVN-Latest\capture_win_ifnames.cThu Nov 22 01:56:25 2012 +++ capture_win_ifnames.c Thu Nov 22 18:16:21 2012 @@ -48,6 +48,14 @@ #include capture_ifinfo.h #include capture_win_ifnames.h #include wsutil/file_util.h + +#ifndef NDIS_IF_MAX_STRING_SIZE +#define NDIS_IF_MAX_STRING_SIZE IF_MAX_STRING_SIZE /* =256 in ifdef.h */ +#endif + +#ifndef NETIO_STATUS +#define NETIO_STATUS DWORD +#endif /* Link with ole32.lib - provides CLSIDFromString() to convert guid text to a GUID */ #pragma comment(lib, ole32.lib)
--gv
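Review bot: The two `#ifndef` fallbacks for `NDIS_IF_MAX_STRING_SIZE` and `NETIO_STATUS` have no comment saying which SDK level they stand in for; the only remark, `/* =256 in ifdef.h */`, covers the value and not the reason. Add that, and note that the hunk leaves the code that prints "Failed the extract guid" for GUID-less names such as `\\.\airpcap00` unchanged, so the first half of the report still needs its own fix.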
Re: [Wireshark-dev] Problems in capture_win_ifnames.c
Gisle Vanem gva...@broadpark.no wrote: The code in capture_win_ifnames.c assumes there's always a GUID in the ifname. Not so here. From my 'tcpdump -D':

I saw the changes of capture_win_ifnames.c in SVN regarding the missing GUID. But the g_log() error-text is still messing things up:
tshark.exe -D
1. \\.\airpcap00 (AirPcap USB wireless capture adapter nr. 00)
2. \Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)
...
tshark.exe -i 2
Capturing on 'Adapter for generic dialup and VPN capture'
tshark: Unknown message from dumpcap, try to show it as a string:
Failed the extract guid from interface devicename, unicode convert result=14, guid input ='\\.\airpcap00', LastErrorCode=0x.
Failed the extract guid from interface devicename, unicode convert result=21, guid input ='GenericDialupAdapter', LastErrorCode=0x.

Can this text go somewhere else?
--gv
[Wireshark-dev] Huge command-line in tools/make-dissector-reg.py
I'm running into problems with the huge command-line passed to my shell in generating register.c (I'm using a home-made build-system for the MSVC version of Wireshark ... based on Mingw-make/Msys sh). So can you please accept this patch to use a response-file in tools/make-dissector-reg.py?

--- SVN-Latest\tools\make-dissector-reg.py 2012-09-25 10:22:34.37500 +0200 +++ tools\make-dissector-reg.py 2012-10-16 13:39:18.65625 +0200 @@ -63,9 +63,17 @@ # -# All subsequent arguments are the files to scan. +# If last arg is '@resp_file', read the list of files +# from this response-file. Otherwise +# all subsequent arguments are the files to scan. # -files = sys.argv[3:] +if sys.argv[3][0] == '@': + resp_file = sys.argv[3][1:] + print (Reading response file: %s % resp_file) + file = open(resp_file,'r') + files = file.read().split() +else: + files = sys.argv[3:] # Create the proper list of filenames filenames = []

--gv
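Review bot: `sys.argv[3][0]` in the new `if` raises IndexError when no file arguments are given, and it tests the first file argument although the new comment says "last arg"; check `len(sys.argv) > 3` first and make the comment and the test agree. The handle from `open(resp_file,'r')` is never closed, `file` shadows the built-in name, and `file.read().split()` breaks any path that contains a space, so reading one path per line with `splitlines()` inside a `with` block would be safer.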
[Wireshark-dev] wsutil/unicode-utils.c
utf_8to16() and utf_16to8() use indices from 0 to 3. So there should be 4 buffers for length and data. No?

--- SVN-Latest\wsutil\unicode-utils.c 2012-07-05 19:01:54.078125000 +0200 +++ wsutil\unicode-utils.c 2012-10-02 15:00:36.65625 +0200 @@ -52,8 +52,8 @@ wchar_t * utf_8to16(const char *utf8str) { - static wchar_t *utf16buf[3]; - static int utf16buf_len[3]; + static wchar_t *utf16buf[4]; + static int utf16buf_len[4]; static int idx; if (utf8str == NULL) @@ -107,8 +107,8 @@ gchar * utf_16to8(const wchar_t *utf16str) { - static gchar *utf8buf[3]; - static int utf8buf_len[3]; + static gchar *utf8buf[4]; + static int utf8buf_len[4]; static int idx; if (utf16str == NULL)

--gv
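Review bot: Growing the four static arrays from [3] to [4] is not supported by anything visible in these two hunks: the statement that advances `idx` lies outside the context lines, and the array size has to match whatever bound that statement enforces. Quote that line in the patch description; if it wraps `idx` at 3, the existing size is already right and a fourth slot would simply go unused. A named constant for the slot count, used both in the declarations and where `idx` wraps, would keep the two from drifting apart.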
Re: [Wireshark-dev] wsutil/unicode-utils.c
Jakub Zawadzki darkjames...@darkjames.pl wrote:

> On Tue, Oct 02, 2012 at 03:02:11PM +0200, Gisle Vanem wrote:
>> utf_8to16() and utf_16to8() uses indices from 0 to 3.
>
> Nope, from 0 to 2.

Bummer! Long time since I used the 'mod' operator.

--gv
[Wireshark-dev] TPG tool files
The files in tools/tpg seem to have DOS/Win line-endings (CR-LF). This doesn't work well with the Cygwin compiled perl I have here. Could you pass them through dos2unix before adding to svn?

--gv
Re: [Wireshark-dev] TPG tool files
Jeff Morriss jeff.morriss...@gmail.com wrote:

> Gisle Vanem wrote:
>> The files in tools/tpg seems to have DOS/Win line-endings (CR-LF). This doesn't work well with the Cygwin compiled perl I have here. Could you pass them through dos2unix before adding to svn?
>
> Those files all have svn:eol-style set to 'native' (like most of the rest of Wireshark) which means they should have, well, native line endings. I forget exactly what that means in the Cygwin world though...

It is LF by default unless one messes with /etc/fstab. I tried putting this in my %HOME\Subversion\config:

  enable-auto-props = yes
  ...
  [auto-props]
  ...
  *.pl = svn:eol-style=lf
  *.yp = svn:eol-style=lf

But it only has effect on newly added or imported files. I think I'll have to add some dos2unix calls in my 'svn update' script.

--gv
Re: [Wireshark-dev] TPG tool files
Guy Harris g...@alum.mit.edu wrote:

> found a bunch of stuff about problems with Perl scripts processing text files, and some stuff about problems with *bash* handling shell scripts with CR-LF line endings, but nothing specifically about Perl.

Thanks for the CygWin info Guy. Yap is a Perl script. So problems with Perl scripts processing text files AFAICS apply here since tpg.yp is a text file with CRLF endings. I'll check the Cygwin '/etc/mount' options more closely.

--gv
[Wireshark-dev] Patch: epan/stats_tree_priv.h
The implementation of 'stats_tree_get_cfg_by_abbr()' takes a 'const char *', so why shouldn't the prototype do the same?

--- SVN-Latest\epan\stats_tree_priv.h Thu Feb 23 01:51:50 2012 +++ epan\stats_tree_priv.h Thu May 31 13:08:15 2012 @@ -179,7 +179,7 @@ extern gchar *stats_tree_get_abbr(const gchar *optarg); /** obtains a stats tree from the registry given its abbr */ -extern stats_tree_cfg *stats_tree_get_cfg_by_abbr(gchar *abbr); +extern stats_tree_cfg *stats_tree_get_cfg_by_abbr(const char *abbr); /** extracts node data as strings from a stat_node into the buffers given by value, rate and precent

--gv
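Review bot: Changing only the prototype of `stats_tree_get_cfg_by_abbr()` to `const char *abbr` makes it disagree with the definition unless the definition already has that signature; include the matching .c change in the same patch or show that the definition is already const. For consistency with the neighbouring `stats_tree_get_abbr(const gchar *optarg)` the parameter should be spelled `const gchar *`.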
Re: [Wireshark-dev] Patch: epan/stats_tree_priv.h
Jakub Zawadzki darkjames...@darkjames.pl wrote:

> Hi,
>
> On Thu, May 31, 2012 at 09:13:50PM +0200, Gisle Vanem wrote:
>> The implementation of 'stats_tree_get_cfg_by_abbr()' takes a 'const char *', so why shouldn't the prototype do the same?
>
> Really? Looking at code it's without const: http://code.wireshark.org/git/?p=wireshark;a=blob;f=epan/stats_tree.c;h=7344cf6091ab18664e64f7d11874f67004a11216;hb=HEAD#l359

Strange. Did a fresh 'svn checkout' and I see you're right.

--gv
[Wireshark-dev] PCH in packet-nbap-template.c
asn1/nbap/packet-nbap-template.c now introduces an enum value 'PCH' that clashes with 'PCH' in WinNT.h. According to:
  http://anonsvn.wireshark.org/viewvc/trunk/asn1/nbap/packet-nbap-template.c?r1=42779r2=42783

The change happened at May 22 15:39:12. Could that be renamed to '_PCH'?

--gv
[Wireshark-dev] Linking reassemble_test.exe
Isn't reassemble_test.exe among the targets on Windows? (or any OS; I don't understand the 'EXTRA_DIST' stuff in epan/Makefile.am). Can't seem to make it link because of a missing export of 'proto_registrar_get_name' in epan/libwireshark.def. Hence, I think this patch should fix it:

--- SVN-Latest\epan\libwireshark.defTue May 15 00:17:00 2012 +++ epan\libwireshark.def Wed May 16 17:27:51 2012 @@ -801,6 +801,7 @@ proto_registrar_dump_ftypes proto_registrar_get_ftype proto_registrar_get_byname +proto_registrar_get_name proto_registrar_get_nth proto_registrar_get_parent proto_registrar_get_abbrev

And now reassemble_test.exe works too:

  Starting test test_simple_fragment_add_seq
  Starting test test_fragment_add_seq_partial_reassembly
  Starting test test_fragment_add_seq_duplicate_first
  Starting test test_fragment_add_seq_duplicate_middle
  Starting test test_fragment_add_seq_duplicate_last
  Starting test test_fragment_add_seq_duplicate_conflict
  Starting test test_fragment_add_dcerpc_dg
  Starting test test_fragment_add_seq_check
  Starting test test_fragment_add_seq_check_1
  Starting test test_fragment_add_seq_802_11_0
  Starting test test_fragment_add_seq_802_11_1
  Starting test test_simple_fragment_add_seq_next
  Starting test test_missing_data_fragment_add_seq_next
  Starting test test_missing_data_fragment_add_seq_next_2
  Starting test test_missing_data_fragment_add_seq_next_3
  SUCCESS

--gv
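Review bot: Exporting `proto_registrar_get_name` from libwireshark.def to get one test program linking enlarges the DLL's public symbol list, so the patch should say which object in reassemble_test.exe references the symbol directly. If the reference comes from an epan object that was linked into the test by mistake, the fix belongs in the test's object list, not in the .def file.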
Re: [Wireshark-dev] Linking reassemble_test.exe
Jeff Morriss jeff.morriss...@gmail.com wrote:

> Hmmm, reassemble_test doesn't use that symbol directly, it's used within libwireshark, so technically I don't think it should need to be exported.

Oops, you're right. Somehow my $(REASSEMBLE_TEST_OBJ) included reassemble.obj etc. Hence the link failure.

--gv
[Wireshark-dev] Crash in airpcap_ui_dlg.c
When I did this:

1. Open menu 'Capture | Interfaces' and select 'Options | Manage Interfaces'.
2. Click 'Local Interfaces' with the intention to hide the interface 'MS Tunnel interface driver',

I got a crash at airpcap_channel_offset_changed_cb(). I'm not sure how the right way (TM) of hiding an interface is supposed to work. But this is the offending snippet:

    void airpcap_channel_offset_changed_cb(GtkWidget *channel_offset_cb, gpointer data _U_)
    {
    !!  airpcap_if_selected->channelInfo.ExtChannel = airpcap_get_selected_channel_offset(channel_offset_cb);
        airpcap_if_selected->saved = FALSE;

WinDbg shows 'airpcap_if_selected' is NULL. W/o knowing why, this patch fixed it for me:

--- SVN-Latest\ui\gtk\airpcap_gui_utils.c Fri Apr 20 18:02:07 2012 +++ ui\gtk\airpcap_gui_utils.c Wed May 16 22:37:02 2012 @@ -556,6 +556,9 @@ void airpcap_channel_offset_changed_cb(GtkWidget *channel_offset_cb, gpointer data _U_) { + if (!airpcap_if_selected) + return; + airpcap_if_selected-channelInfo.ExtChannel = airpcap_get_selected_channel_offset(channel_offset_cb); airpcap_if_selected-saved = FALSE; change_airpcap_settings = TRUE;

These are my ifaces:

  G:\MingW32\src\inet\Wireshark>tshark.exe -D
  1. \\.\airpcap00 (AirPcap USB wireless capture adapter nr. 00)
  2. \Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)
  3. \Device\NPF_{7F56352E-EF2F-49F4-844C-BA1FA0105667} (MS Tunnel Interface Driver)
  4. \Device\NPF_{8D3A23A7-9C6C-408B-A23B-6736F9E56510} (Realtek 10/100/1000 Ethernet NIC )
  5. \Device\NPF_{37FC13D9-2F52-47CA-AB64-32B2B434C749} (Realtek RTL8187 Wireless LAN USB NIC )
  6. \Device\NPF_{75451EE7-5145-471A-BAF5-124BE8439D10} (WAN (PPP/SLIP) Interface)

--gv
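Review bot: The early `return` on `!airpcap_if_selected` at the top of airpcap_channel_offset_changed_cb() hides the crash without explaining why the callback fires when no AirPcap interface is selected; add a comment stating when that can happen, or fix the caller so the signal is not emitted in that state. Any sibling callback that dereferences `airpcap_if_selected` the same way needs the same guard, so check them in the same patch.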
Re: [Wireshark-dev] Unable to build Wireshark v1.6.7
Rajesh P S rajeshnie...@gmail.com wrote:

> It says that it is not able to find ps.c file. Suggest some fix for it?

Maybe you don't have Python installed? It is required to build ps.c.

--gv
[Wireshark-dev] Python error: execvp: bad file number
I hit a problem with the Python generation of epan/dissectors/register.c. The message from my python (v. 2.7.2) at this stage was:

  .. execvp: python: Bad file number

After reading the docs on '_execvp' [1] at MSDN, I suspect this error is related to the very long command-line given to python to generate the file register.c. The MSDN article specifies that the size of the command-line *and* the environment cannot exceed 32 Kbytes. This seems to be the case here. My environment size is (when python starts) almost 12 kB. And the size of the command-line here is approx. 32 kB.

Hence, if I understand this correctly, the 'errno' value (inside python's CRT or the CRT it uses) is set to 'E2BIG'. And 'strerror(E2BIG)' maps to "bad file number". But I fail to see which C-runtime returns this specific text. A quick test shows that my MSVCRT.DLL, MSVCR90.DLL etc. (and all previous versions) have a 'strerror(E2BIG)' that returns "arg list too long". So is it possible that my python uses another 'strerror()' or uses a custom version? I'm confused.

A fix for me is to disable use of Python for this. I.e. comment away PYTHON in config.nmake. Has anyone else seen a problem like this? I use python version 2.7.2 in Win-XP SP3.

[1] http://msdn.microsoft.com/en-us/library/3xw6zy53.aspx

--gv
Re: [Wireshark-dev] Python error: execvp: bad file number
Graham Bloice graham.blo...@trihedral.com wrote:

> I built on the same platform just a few minutes ago (from trunk r41048) and register.c was fine. I'm using python 2.7.1 though. How are you determining your environment size?

I'm sure there is a function for this, but I approximated by a 'set > foo', counting the lines (wc -c foo). Isn't each env-var separated by a 0 in a block somewhere? Hence env-size ~= size of foo - lines in foo (since each line has a '\r\n' termination).

--gv
[Wireshark-dev] Generated ui/qt files
Generated files in ui/qt should perhaps not be put in the SVN repo. This one is there now:
  ui\qt\qrc_toolbar.cpp

--gv
Re: [Wireshark-dev] [Wireshark-commits] rev 40321: /trunk/ /trunk/epan/: base64.h epan.h epan_dissect.h ex-opt.h prefs.h strutil.h timestamp.h tvbuff.h /trunk/gtk/: recent.h /trunk/: airpcap_loader.h
Gerald Combs ger...@wireshark.org wrote:

> Checked in in r40378. At the present time you must compile the main sources using CMake, then compile the Qt code using Qt Creator. More information can be found in doc/README.qt.

I've built Qt-GUI using MSVC2010. Looks rather simple now, but good job! Only offline capture works for me now. See: http://home.broadpark.no/~gvanem/misc/wireshark-qt.png

But, the LFLAGS in the generated makefile contains a '-subsystem:windows'. (so I guess main() is defined in qtmain.lib?). This causes wireshark -h to output nothing. Do we need to use the create-console-kludge as in gtk/main.c still? Using '-subsystem:console' works for me. Is there an option to insert this into QtShark.pro?

--gv
[Wireshark-dev] Crashes while Airpcap sniffing
There are some places in the ./gtk sources that cause a crash while sniffing on an AirPcap adapter. I don't know why; maybe most code assumes the captured frames contain network layer packets. Since my Airpcap (\\.\airpcap00 on Win-XP) only gives me IEEE 802.11 radio frames, I can only speculate. I.e. here is one situation in gtk/stats_tree_stat.c:

    void gtk_stats_tree_cb(GtkAction *action, gpointer user_data _U_)
    {
        ...
        cfg = stats_tree_get_cfg_by_abbr(abbr);
        if(cfg){
            tap_param_dlg_cb(action, cfg->pr->stat_dlg);

Pressing the menu Statistics | Sametime | Messages while sniffing on AirPcap ... kaboom! Since cfg != NULL, but cfg->pr == NULL. What's the story here? A simple patch:

--- SVN-Latest\gtk\stats_tree_stat.cMon Oct 31 11:17:42 2011 +++ gtk\stats_tree_stat.c Mon Jan 02 16:11:12 2012 @@ -389,7 +389,7 @@ abbr = g_strdup_printf(%s,action_name); } cfg = stats_tree_get_cfg_by_abbr(abbr); - if(cfg){ + if(cfg cfg-pr){ tap_param_dlg_cb(action, cfg-pr-stat_dlg); }else{ simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,

But it would be nicer if that menu would be greyed out. But I have no idea on how to do it myself.

There is also this situation (which I can get back to): when getting an unexpected Information Element ID, the function capture_if_details_802_11_bssid_list() tries to hex-dump a buffer and reads beyond the buffer returned by wpcap_packet_request(). Kaboom again.

--gv
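Review bot: With the extra `cfg->pr` test (the `+ if(cfg cfg-pr){` line, which has lost its operator in this rendering), a stats tree that exists but has no `pr` now falls into the `else` branch and is reported through `simple_dialog(ESD_TYPE_ERROR, ...)` as if the lookup itself had failed. Give that case its own message, or better, find out why `pr` is still NULL while the menu item is reachable, which is the greyed-out-menu fix the message asks for.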
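The over-read mentioned at the end of the message above (hex-dumping an unexpected Information Element past the end of the returned buffer) is avoided by checking every element's length byte against the bytes actually left. The following is an added example, not Wireshark's code and not part of the original post; it assumes the standard 802.11 element layout (one ID byte, one length byte, then the body), and all type and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this is not Wireshark code. */
enum ie_status { IE_OK = 0, IE_TRUNCATED_HEADER, IE_TRUNCATED_BODY };

struct ie_summary {
    unsigned elements;                      /* well-formed elements seen       */
    unsigned unknown;                       /* elements with an unexpected ID  */
    char     ssid[33];                      /* an SSID is at most 32 bytes     */
    char     last_unknown_hex[2 * 255 + 1]; /* body length is one byte: <= 255 */
};

/* Hex-dump `len` bytes into `out` without ever writing past out_size. */
static size_t hex_dump(const uint8_t *data, size_t len, char *out, size_t out_size)
{
    static const char digits[] = "0123456789abcdef";
    size_t n = 0;

    if (out_size == 0)
        return 0;
    for (size_t i = 0; i < len && n + 2 < out_size; i++) {
        out[n++] = digits[data[i] >> 4];
        out[n++] = digits[data[i] & 0x0f];
    }
    out[n] = '\0';
    return n;
}

/* Called only for elements whose body is known to lie inside the buffer. */
static void record_element(struct ie_summary *s, uint8_t id,
                           const uint8_t *data, size_t len)
{
    s->elements++;
    switch (id) {
    case 0:                                 /* SSID */
        if (len > sizeof s->ssid - 1)
            len = sizeof s->ssid - 1;
        memcpy(s->ssid, data, len);
        s->ssid[len] = '\0';
        break;
    case 1:                                 /* Supported Rates */
    case 3:                                 /* DS Parameter Set */
        break;
    default:                                /* unexpected ID: dump its own bytes only */
        s->unknown++;
        hex_dump(data, len, s->last_unknown_hex, sizeof s->last_unknown_hex);
        break;
    }
}

/* Walk the element list; stop at the first element that does not fit. */
enum ie_status parse_ies(const uint8_t *buf, size_t buf_len, struct ie_summary *s)
{
    size_t off = 0;

    memset(s, 0, sizeof *s);
    while (off < buf_len) {
        if (buf_len - off < 2)              /* no room for ID + length */
            return IE_TRUNCATED_HEADER;
        uint8_t id  = buf[off];
        size_t  len = buf[off + 1];
        off += 2;
        if (len > buf_len - off)            /* length byte claims more than is left */
            return IE_TRUNCATED_BODY;
        record_element(s, id, buf + off, len);
        off += len;
    }
    return IE_OK;
}

/* Constructed sample data, not captured traffic. */
static const uint8_t SAMPLE_OK[] = {
    0x00, 0x04, 't', 'e', 's', 't',         /* SSID "test"               */
    0x01, 0x02, 0x82, 0x84,                 /* Supported Rates           */
    0xdd, 0x03, 0xaa, 0xbb, 0xcc            /* ID not handled above      */
};
static const uint8_t SAMPLE_TRUNCATED[] = {
    0x00, 0x04, 't', 'e', 's', 't',
    0xdd, 0x10, 0xaa, 0xbb                  /* claims 16 bytes, 2 present */
};

int main(void)
{
    struct ie_summary s;
    enum ie_status st = parse_ies(SAMPLE_OK, sizeof SAMPLE_OK, &s);

    printf("ok sample: status=%d elements=%u ssid=%s unknown=%s\n",
           st, s.elements, s.ssid, s.last_unknown_hex);
    st = parse_ies(SAMPLE_TRUNCATED, sizeof SAMPLE_TRUNCATED, &s);
    printf("truncated sample: status=%d elements=%u\n", st, s.elements);
    return 0;
}
```

The truncated sample stops with IE_TRUNCATED_BODY before the bad element is handed to the hex dump, so nothing past the end of the buffer is ever read.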
Re: [Wireshark-dev] How can I use the dissector of wireshark in my program?
homeryan homer...@live.cn wrote:

> I am a student from China, one of my homework is developing a simple network analyzer act just like wireshark. I decided to develop GUI interface and module of packets capture. But the part of dissector is too complex for me to accomplish, so, how can I invoke or use the dissector included in wireshark directly? Is there any interface and docs exist? Thanks, your help will be great appreciated.

There is/was a GPL project called Packetyzer that did use the dissectors from Wireshark (then called Ethereal, i.e. it linked to libethereal.dll). But the project seems dead and it seems to be written in both C++ and Delphi (!). Haven't taken a closer look. There are still some install files and sources at SourceForge from that project. The GUI looks very nice and fast.

Sources: http://packetyzer.cvs.sourceforge.net/viewvc/packetyzer/packetyzer/
Click Download GNU tarball and get the .tar.gz file.

The mainpage is at: http://sourceforge.net/projects/packetyzer/

--gv
Re: [Wireshark-dev] packet-rlc.c problems
Chris Maynard chris.mayn...@gtech.com wrote: Should be fixed in r39865. Hopefully the names I've chosen are sensible enough. Ok, good. Similar problem with packet-spice.c; epan/dissectors/packet-spice.c(588) : error C2371: 'POINT' : redefinition; different basic types g:\VC_2010\SDK\include\windef.h(343) : see declaration of 'POINT'. So I suggest we rename 'POINT*' to 'SPICE_POINT*'. Attached 'svn diff packet-spice.c'. --gv Index: packet-spice.c === --- packet-spice.c (revision 39879) +++ packet-spice.c (working copy) @@ -585,16 +585,16 @@ typedef struct { gint32 x; gint32 y; -} POINT; +} SPICE_POINT; -#define sizeof_POINT 8 +#define sizeof_SPICE_POINT 8 typedef struct { gint16 x; gint16 y; -} POINT16; +} SPICE_POINT16; -#define sizeof_POINT16 4 +#define sizeof_SPICE_POINT16 4 #defineSPICE_BRUSH_TYPE_NONE 0 #defineSPICE_BRUSH_TYPE_SOLID 1 @@ -609,7 +609,7 @@ typedef struct { guint64 image; -POINT position; +SPICE_POINT position; } Pattern; #define sizeof_Pattern 16 @@ -631,7 +631,7 @@ typedef struct { guint8 flags; -POINT position; +SPICE_POINT position; guint32 bitmap; } Mask; @@ -1532,18 +1532,18 @@ return type; } -static POINT +static SPICE_POINT dissect_POINT(tvbuff_t *tvb, proto_tree *tree, const guint32 offset) { proto_item *ti=NULL; proto_tree *point_tree; -POINT point; +SPICE_POINT point; point.x = tvb_get_letohl(tvb, offset); point.y = tvb_get_letohl(tvb, offset + 4); if (tree) { -ti = proto_tree_add_text(tree, tvb, offset, sizeof_POINT, POINT (%u, %u), point.x, point.y); +ti = proto_tree_add_text(tree, tvb, offset, sizeof_SPICE_POINT, POINT (%u, %u), point.x, point.y); point_tree = proto_item_add_subtree(ti, ett_point); proto_tree_add_text(point_tree, tvb, offset, 4, x: %u, point.x); 
@@ -1553,18 +1553,18 @@ return point; } -static POINT16 +static SPICE_POINT16 dissect_POINT16(tvbuff_t *tvb, proto_tree *tree, const guint32 offset) { proto_item *ti=NULL; proto_tree *point16_tree; -POINT16 point16; +SPICE_POINT16 point16; point16.x = tvb_get_letohs(tvb, offset); point16.y = tvb_get_letohs(tvb, offset + 2); if (tree) { -ti = proto_tree_add_text(tree, tvb, offset, sizeof_POINT16, POINT16 (%u, %u), point16.x, point16.y); +ti = proto_tree_add_text(tree, tvb, offset, sizeof_SPICE_POINT16, POINT16 (%u, %u), point16.x, point16.y); point16_tree = proto_item_add_subtree(ti, ett_point16); proto_tree_add_text(point16_tree, tvb, offset, 2, x: %u, point16.x); @@ -1587,7 +1587,7 @@ proto_tree_add_item(Mask_tree, hf_Mask_flag, tvb, offset, 1, ENC_LITTLE_ENDIAN); offset += 1; dissect_POINT(tvb, Mask_tree, offset); -offset += sizeof_POINT; +offset += sizeof_SPICE_POINT; bitmap = tvb_get_letohl(tvb, offset); proto_tree_add_item(Mask_tree, hf_Mask_bitmap, tvb, offset, 4, ENC_LITTLE_ENDIAN); offset += 4; @@ -1938,7 +1938,7 @@ displayBaseLen = dissect_DisplayBase(tvb, tree, offset); offset += displayBaseLen; dissect_POINT(tvb, tree, offset); -offset += sizeof_POINT; +offset += sizeof_SPICE_POINT; break; case SPICE_DISPLAY_DRAW_WHITENESS: displayBaseLen = dissect_DisplayBase(tvb, tree, offset); @@ -2153,7 +2153,7 @@ switch(message_type) { case SPICE_CURSOR_INIT: dissect_POINT16(tvb, tree, offset); -offset += sizeof_POINT16; +offset += sizeof_SPICE_POINT16; proto_tree_add_item(tree, hf_cursor_trail_len, tvb, offset, 2, ENC_LITTLE_ENDIAN); offset += 2; proto_tree_add_item(tree, hf_cursor_trail_freq, tvb, offset, 2, ENC_LITTLE_ENDIAN); 
@@ -2168,14 +2168,14 @@ break; case SPICE_CURSOR_SET: dissect_POINT16(tvb, tree, offset); -offset += sizeof_POINT16; +offset += sizeof_SPICE_POINT16; offset +=1; /*TODO flags */ RedCursorSize = dissect_RedCursor(tvb, tree, offset); offset += RedCursorSize; break; case SPICE_CURSOR_MOVE: dissect_POINT16(tvb, tree, offset); -offset += sizeof_POINT16; +offset += sizeof_SPICE_POINT16; break; case SPICE_CURSOR_HIDE: proto_tree_add_text(tree, tvb, offset, 0, CURSOR_HIDE message); @@ -2430,20 +2430,20 @@ offset += 2; break; case SPICEC_INPUTS_MOUSE_POSITION: -ti = proto_tree_add_text(tree, tvb, offset, sizeof_POINT + 3, Client MOUSE_POSITION message); +ti = proto_tree_add_text(tree, tvb, offset, sizeof_SPICE_POINT + 3, Client MOUSE_POSITION message); inputs_tree = proto_item_add_subtree(ti, ett_inputs_client); dissect_POINT(tvb,
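Review bot: The rename stops at the typedefs and the `sizeof_` macros: `dissect_POINT()`, `dissect_POINT16()` and the `POINT (%u, %u)` label strings keep the old name. That is enough to avoid the windef.h clash, but say so in the commit message so the half-rename reads as intentional. Separately, in the context lines `x` and `y` are declared `gint32` and `gint16` yet are printed with `%u`; if negative coordinates are possible, `%d` is the right format. The last hunk is cut off after `dissect_POINT(tvb,`, so the remainder could not be reviewed.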
[Wireshark-dev] packet-rlc.c problems
Just a FYI:

  epan/dissectors/packet-rlc.c(113) : error C2365: 'PCCH' : redefinition; previous definition was 'typedef'
  g:\VC_2010\SDK\include\winnt.h(419) : see declaration of 'PCCH'
  epan/dissectors/packet-rlc.c(113) : error C2086: 'channel_type PCCH' : redefinition
  epan/dissectors/packet-rlc.c(113) : see declaration of 'PCCH'
  epan/dissectors/packet-rlc.c(902) : error C2275: 'PCCH' : illegal use of this type as an expression
  g:\VC_2010\SDK\include\winnt.h(419) : see declaration of 'PCCH'
  epan/dissectors/packet-rlc.c(902) : error C2046: illegal case
  epan/dissectors/packet-rlc.c(1628) : error C2143: syntax error : missing ')' before 'type'
  epan/dissectors/packet-rlc.c(1628) : error C2198: 'dissect_rlc_tm' : too few arguments for call
  epan/dissectors/packet-rlc.c(1628) : error C2059: syntax error : ')'

Can we rename 'PCCH' to something more sensible?

--gv
Re: [Wireshark-dev] AthTek NetWalk
Guy Harris g...@alum.mit.edu wrote:

> Is there an MSVC tool to find out what DLLs an executable uses? (I.e., the equivalent of, say, ldd on many systems using ELF, or otool on Mac OS X.)

cygcheck from the CygWin package. Running it on AthTek's version of wireshark reveals this.

  G:\internet\sniffer\AthTek-NetWalk\wireshark>cygcheck wireshark.exe
  Found: ./\wireshark.exe
  ./\wireshark.exe
  .\libglib-2.0-0.dll
  f:\windows\system32\ADVAPI32.DLL
  f:\windows\system32\KERNEL32.dll
  f:\windows\system32\ntdll.dll
  f:\windows\system32\RPCRT4.dll
  f:\windows\system32\Secur32.dll
  f:\windows\system32\msvcrt.dll
  f:\windows\system32\OLE32.dll
  f:\windows\system32\GDI32.dll
  f:\windows\system32\USER32.dll
  f:\windows\system32\SHELL32.DLL
  f:\windows\system32\SHLWAPI.dll
  f:\windows\system32\WS2_32.DLL
  f:\windows\system32\WS2HELP.dll
  .\libgthread-2.0-0.dll
  .\libwireshark.dll
  .\libgmodule-2.0-0.dll
  .\libcares-2.dll
  .\zlib1.dll
  .\MSVCR90.dll
  .\libgcrypt-11.dll
  .\libgpg-error-0.dll
  .\libgnutls-26.dll
  .\libtasn1-3.dll
  .\smi.dll
  .\libwsutil.dll
  .\krb5_32.dll
  .\comerr32.dll
  .\k5sprt32.dll
  .\lua5.1.dll
  .\wiretap-0.3.1.dll
  .\MSVCP90.dll

But I failed to get AthTek to work; it didn't capture a single byte on any interface I tried it on.

--gv
[Wireshark-dev] _STAT_H in epan/stat_cmd_args.h
The header-guard '_STAT_H_' in epan/stat_cmd_args.h clashes with the header-guard in MingW's sys/stat.h. Hence the prototype for 'register_stat_cmd_arg()' isn't seen when sys/stat.h is included first. Would you please rename the guard like this:

--- epan\stat_cmd_args.hTue Jun 24 06:44:59 2008 +++ SVN-Latest\epan\stat_cmd_args.h Tue Aug 23 15:07:31 2011 @@ -23,8 +23,8 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -#ifndef _STAT_H_ -#define _STAT_H_ +#ifndef _STAT_CMD_ARGS_H_ +#define _STAT_CMD_ARGS_H_ extern void register_stat_cmd_arg(const char *cmd, void (*func)(const char *arg,void* userdata), void* userdata); ---

--gv
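Review bot: The replacement guard `_STAT_CMD_ARGS_H_` still starts with an underscore followed by a capital letter, a form C reserves for the implementation and the same habit that produced the clash with MinGW's sys/stat.h; `STAT_CMD_ARGS_H` avoids the problem for good. The `---` header names the local file and the `+++` header names SVN-Latest, so confirm which tree actually carries the new guard before applying.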
[Wireshark-dev] Crash in gtk_stats_tree_cb()
Right after startup, and before I choose any interface, I get a crash when I enter the Statistics | Packet Lengths.. menu. From WinDbg:

  wireshark!gtk_stats_tree_cb(struct _GtkAction * action = 0x63a57e95, void * user_data = 0x03fb63f0)+0x44
  WARNING: Stack unwind information not available. Following frames may be wrong.
  libgobject_2_0_0!g_closure_invoke+0x115
  libgobject_2_0_0!g_signal_has_handler_pending+0xf45
  libgobject_2_0_0!g_signal_emit_valist+0x7b1
  libgobject_2_0_0!g_signal_emit+0x26
  ...

Looks like the offending line is:

        cfg = stats_tree_get_cfg_by_abbr(abbr);
        if(cfg){
    !!      tap_param_dlg_cb(action, cfg->pr->stat_dlg);
        }else{
            simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, "Failed to find the stat tree named %s", abbr);

I.e. 'cfg' is != NULL, but 'cfg->pr' is.

--gv
[Wireshark-dev] gtk/capture_dlg.h
Building w/o HAVE_PCAP_REMOTE or HAVE_PCAP_SETSAMPLING, I got this error from MSVC:

  file_dlg_win32.c
  G:\MingW32\src\inet\Wireshark\gtk\capture_dlg.h(58) : error C2016: C requires that a struct or union has at least one member

Can be solved by adding a dummy value:

--- SVN-Latest\gtk\capture_dlg.hWed Aug 17 17:16:30 2011 +++ gtk\capture_dlg.h Wed Aug 17 22:28:27 2011 @@ -55,6 +55,7 @@ capture_sampling sampling_method; int sampling_param; #endif + int dummy; } remote_options; --

--gv
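Review bot: `int dummy;` is added after the `#endif`, so it lands in `remote_options` in every configuration, including builds where HAVE_PCAP_REMOTE or HAVE_PCAP_SETSAMPLING already supply members. Wrap it in `#if !defined(HAVE_PCAP_REMOTE) && !defined(HAVE_PCAP_SETSAMPLING)` with a comment naming error C2016, or compile the struct out entirely when neither macro is set.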
[Wireshark-dev] [Patch] wsutil/privileges.c
init_process_policies() has this:

    typedef BOOL (*SetProcessDEPPolicyHandler)(DWORD);

Surely the function must be WINAPI? According to: http://msdn.microsoft.com/en-us/library/bb736299(v=vs.85).aspx anyway. So, here is a patch. Besides I've rewritten the assignment and if-test:

--- SVN-Latest\wsutil\privileges.c Mon Feb 21 19:33:10 2011 +++ wsutil\privileges.c Wed Aug 17 17:25:16 2011 @@ -48,7 +48,7 @@ init_process_policies(void) { HMODULE kernel32Handle; - typedef BOOL (*SetProcessDEPPolicyHandler)(DWORD); + typedef BOOL (WINAPI *SetProcessDEPPolicyHandler)(DWORD); SetProcessDEPPolicyHandler PSetProcessDEPPolicy; #ifndef PROCESS_DEP_ENABLE @@ -70,7 +70,8 @@ */ kernel32Handle = GetModuleHandle(_T(kernel32.dll)); if (kernel32Handle != NULL) { - if (PSetProcessDEPPolicy = (SetProcessDEPPolicyHandler) GetProcAddress(kernel32Handle, SetProcessDEPPolicy)) { + PSetProcessDEPPolicy = (SetProcessDEPPolicyHandler) GetProcAddress(kernel32Handle, SetProcessDEPPolicy); + if (PSetProcessDEPPolicy) { PSetProcessDEPPolicy(PROCESS_DEP_ENABLE); } }

--gv
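Review bot: In the second hunk the BOOL returned by `PSetProcessDEPPolicy(PROCESS_DEP_ENABLE)` is still discarded, so a failure to turn DEP on goes unnoticed; since this call is a hardening step, check the result and log when it fails. The `WINAPI` added to the typedef in the first hunk is the right fix, because a pointer obtained from GetProcAddress() must be called with the calling convention the function was built with.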
[Wireshark-dev] [Patch] wsutil/file_util.c
Here is another patch for a missing WINAPI:

--- SVN-Latest\wsutil\file_util.c Mon Jul 18 21:40:32 2011 +++ wsutil\file_util.c Wed Aug 17 21:36:27 2011 @@ -487,10 +487,11 @@ gboolean dll_dir_set = FALSE; wchar_t *program_path_w; - typedef BOOL (*SetDllDirectoryHandler)(LPCTSTR); + typedef BOOL (WINAPI *SetDllDirectoryHandler)(LPCTSTR); SetDllDirectoryHandler PSetDllDirectory; - if (PSetDllDirectory = (SetDllDirectoryHandler) GetProcAddress(GetModuleHandle(_T(kernel32.dll)), SetDllDirectoryW)) { + PSetDllDirectory = (SetDllDirectoryHandler) GetProcAddress(GetModuleHandle(_T(kernel32.dll)), SetDllDirectoryW); + if (PSetDllDirectory) { dll_dir_set = PSetDllDirectory(_T()); } -

--gv
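Review bot: The typedef takes `LPCTSTR` and the call passes `_T()`, but the symbol looked up is `SetDllDirectoryW`, which takes a wide string in every build; in a non-UNICODE build the pointer would be handed a narrow string. Declare the parameter as `LPCWSTR` and pass a wide literal so the typedef matches the function actually resolved. The `WINAPI` addition itself is correct.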
[Wireshark-dev] Crash in gtk/conversations_table.c
While clicking inside the Statistics | Conversations window (blank window btw) and pressing the Follow stream button, I got a crash. From WinDbg (my JIT debugger):

  wireshark!follow_stream_cb(struct _GtkWidget * follow_stream_bt = 0x63a57e95, void * data = 0x046533f0)+0x1c
  WARNING: Stack unwind information not available. Following frames may be wrong.
  libgobject_2_0_0!g_closure_invoke+0x115
  libgobject_2_0_0!g_signal_has_handler_pending+0xf45
  libgobject_2_0_0!g_signal_emit_valist+0x7b1
  libgobject_2_0_0!g_signal_emit+0x26
  libgtk_win32_2_0_0!gtk_button_clicked+0x40
  ..

The offender:

    follow_stream_cb(GtkWidget *follow_stream_bt, gpointer data _U_)
    {
        conversations_table *ct = g_object_get_data (G_OBJECT(follow_stream_bt), CONV_PTR_KEY);
        GtkTreeIter iter;
        GtkTreeModel *model;
        GtkTreeSelection *sel;
        guint32 idx = 0;
        gchar *filter;
        conv_t *conv;

        sel = gtk_tree_view_get_selection (GTK_TREE_VIEW(ct->table));

It crashed because 'ct' is NULL. Why, I don't know, but maybe we should bail out if 'ct' is NULL:

--- SVN-Latest\gtk\conversations_table.cThu Jul 21 20:52:02 2011 +++ gtk\conversations_table.c Wed Aug 17 23:15:56 2011 @@ -2473,6 +2473,9 @@ gchar *filter; conv_t *conv; +if (!ct) + return; + sel = gtk_tree_view_get_selection (GTK_TREE_VIEW(ct-table)); if (!gtk_tree_selection_get_selected(sel, model, iter)) { simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, No conversation selected); ---

All this was while watching AirPcap traffic ... i.e. no streams.

--gv
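Review bot: The added `if (!ct) return;` makes the button silently do nothing, while the NULL comes from the `g_object_get_data (G_OBJECT(follow_stream_bt), CONV_PTR_KEY)` lookup quoted in the message, which lies above this hunk's context. Keep the guard, but also fix whatever leaves CONV_PTR_KEY unset on the button or leaves the button sensitive when the table is empty. The `+if (!ct)` line starts in column 0 and does not match the indentation of the surrounding context.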
Re: [Wireshark-dev] Crash in gtk/conversations_table.c
Guy Harris g...@alum.mit.edu wrote: and pressing the Follow stream button, It let you press Follow stream? I did a capture on the loopback interface, and got a window with no conversations, and the Follow stream button was grayed out. Not greyed out here. No idea why. It should. --gv
[Wireshark-dev] localtime_r() in gtk/timeshift_dlg.c
This:
  #ifdef _MSC_VER
  #define localtime_r(a, b) memcpy((b), localtime((a)), sizeof(struct tm));
  #endif
doesn't look so safe. We should maybe use the localtime_r() in wsutil/strptime.c?
--gv
Re: [Wireshark-dev] localtime_r() in gtk/timeshift_dlg.c
Stig Bjørlykke s...@bjorlykke.org wrote:
On Tue, Aug 16, 2011 at 12:17 AM, Gisle Vanem gisle.va...@gmail.com wrote:
This:
  #ifdef _MSC_VER
  #define localtime_r(a, b) memcpy((b), localtime((a)), sizeof(struct tm));
  #endif
doesn't look so safe. We should maybe use the localtime_r() in wsutil/strptime.c?
Or simply just use localtime, check the return value and then copy the values. Like in revision 38569.
Agreed, that's better.
PS. Notice that my 1st email came from gisle.va...@gmail.com and took approx. 6 hours to get on this list. Waiting for what? My normal address (the one I subscribed from and the one I reply from now) is gva...@broadpark.no. So it seems Mailman doesn't care so much about the address, but rather my name. Anyone can subscribe and claim to be me. Doesn't sound correct.
--gv
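The macro questioned in this thread next to the check-then-copy approach suggested in the reply, as an added example that is not code from the thread or from Wireshark. The names checked_localtime() and format_shifted_time() are hypothetical, and a signed time_t is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/* The macro as quoted in the thread, renamed so it cannot shadow a real
 * localtime_r(). localtime() returns NULL when the value cannot be
 * converted, and memcpy() then reads sizeof(struct tm) bytes from address 0.
 * The trailing semicolon also breaks "if (x) macro(a, b); else ..." and the
 * expression yields memcpy()'s void *, not a checked result. Not used below. */
#define unchecked_localtime_r(a, b) memcpy((b), localtime((a)), sizeof(struct tm));

/* Check-then-copy wrapper (hypothetical name). Returns out on success and
 * NULL on failure, in which case *out is zeroed rather than left stale.
 * It still relies on localtime()'s shared buffer, so it is no more
 * thread-safe than localtime() itself. */
struct tm *checked_localtime(const time_t *timep, struct tm *out)
{
    struct tm *tmp;

    if (timep == NULL || out == NULL)
        return NULL;
    tmp = localtime(timep);
    if (tmp == NULL) {
        memset(out, 0, sizeof *out);
        return NULL;
    }
    *out = *tmp;
    return out;
}

/* Apply a time shift to a timestamp taken from a capture file and format
 * the result. Both inputs are untrusted, so the addition, the narrowing to
 * time_t and the conversion are each checked. Returns 0 on success, -1 on
 * any failure, leaving buf as an empty string. */
int format_shifted_time(int64_t secs, int64_t shift, char *buf, size_t buflen)
{
    int64_t sum;
    time_t t;
    struct tm tm;

    if (buf == NULL || buflen == 0)
        return -1;
    buf[0] = '\0';

    /* Reject signed overflow before it happens. */
    if ((shift > 0 && secs > INT64_MAX - shift) ||
        (shift < 0 && secs < INT64_MIN - shift))
        return -1;
    sum = secs + shift;

    /* Reject values that do not survive the conversion to time_t. */
    t = (time_t)sum;
    if ((int64_t)t != sum || (t < 0) != (sum < 0))
        return -1;

    if (checked_localtime(&t, &tm) == NULL)
        return -1;
    if (strftime(buf, buflen, "%Y-%m-%d %H:%M:%S", &tm) == 0) {
        buf[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char buf[32];

    /* Constructed sample values: one ordinary shift, one unrepresentable. */
    if (format_shifted_time(0, 86400, buf, sizeof buf) == 0)
        printf("shifted: %s\n", buf);
    if (format_shifted_time(INT64_MAX, 0, buf, sizeof buf) != 0)
        printf("rejected unrepresentable timestamp\n");
    return 0;
}
```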
Re: [Wireshark-dev] localtime_r() in gtk/timeshift_dlg.c
On Tue, Aug 16, 2011 at 08:05:29PM +0200, Gisle Vanem wrote: So it seems Mailman doesn't care so much about the address, but rather my name. Anyone can subscribe and claim to be me. Doesn't sound correct. And anyone can change his name to 'Gisle Vanem', welcome to reality. That's why if you care, you should use gpg to sign messages :-)
Re: [Wireshark-dev] Compiling Wireshark for Win32
Helge Kruse helge.kruse-nos...@gmx.net wrote: Why do you try to compile at all when you only need the import library? It's generated with a one-liner: link /dll /out:libwireshark.dll /def:libwireshark.def /implib:libwireshark.lib nul Does it? Where are the .obj files in this command? --gv
[Wireshark-dev] [Patch] gtk/Makefile.common
I cannot see that 'gtk/text_import_scanner_lex.h' is of any use anymore. Hence we should remove it from gtk/Makefile.common: --- SVN-Latest/gtk/Makefile.common Tue Mar 22 13:41:14 2011 +++ gtk/Makefile.common Wed Apr 06 13:34:58 2011 @@ -24,8 +24,7 @@ # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # Generated header files that we want in the distribution. -GENERATED_HEADER_FILES = \ - text_import_scanner_lex.h +GENERATED_HEADER_FILES = # Generated C source files that we want in the distribution. GENERATED_C_FILES = \ --gv ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
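Review bot: the hunk leaves GENERATED_HEADER_FILES defined but empty and removes only this one mention of text_import_scanner_lex.h, so please confirm that no other list in the build (the clean and distribution lists, and the nmake counterpart of this makefile) still names the header. The message should also say what stopped producing or using the header, so the removal can be checked against that change.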
[Wireshark-dev] Ctrl-Scrollwheel
I have a request for a UI-feature. In many Windows programs the combination of pressing 'left Ctrl'-key while using the mouse scroll-wheel, the text in the main window is zoomed out (scroll-wheel backward) or zoomed in (scroll-wheel forward). Since Wireshark already has a zoom feature, could this feature be bound to the key/mouse-combination somehow? IMHO, it would be cool. I know next to nothing about Gtk+ programming, so I cannot implement this on my own. --gv
[Wireshark-dev] Messy capture_if_details_dlg_win32.c
I'm not very happy about all the #ifdef-ing in capture_if_details_dlg_win32.c. Isn't it possible to do away with those by using unique names for possibly missing constants and typedefs (structs and enums)? Like:
  typedef unsigned short ws_eth_sa_family_t;
  ...
  struct ws_sockaddr_storage {
      ws_eth_sa_family_t __ss_family; /* address family */
      ...
  };
  #define sockaddr_storage ws_sockaddr_storage
  #include <Packet32.h>
And with the enums. E.g.:
  enum network_infrastructure {
      _Ndis802_11IBSS,
      ...
  };
  ...
  static const value_string win32_802_11_infra_mode_vals[] = {
      { _Ndis802_11IBSS, "Ad Hoc" },
Likewise with all the constants:
  #ifndef NDIS_MAC_OPTION_COPY_LOOKAHEAD_DATA
  #define NDIS_MAC_OPTION_COPY_LOOKAHEAD_DATA 0x0001
  #define NDIS_MAC_OPTION_RECEIVE_SERIALIZED 0x0002
  #define NDIS_MAC_OPTION_TRANSFERS_NOT_PEND 0x0004
  ...
  #endif
I think we could ass-u-me that if e.g. NDIS_MAC_OPTION_COPY_LOOKAHEAD_DATA isn't defined, neither are the other defines in that block. Hence we could do away with all the _MSC_VER checks and make it completely compiler/SDK unaware. How about it?
--gv
[Wireshark-dev] [Patch] gtk/file_dlg_win32.c
print_update_dynamic() isn't defined 'static' in file_dlg_win32.h. Hence: --- gtk\file_dlg_win32.cSun Nov 21 04:04:45 2010 +++ gtk\file_dlg_win32.c Mon Nov 22 13:54:53 2010 @@ -886,7 +886,7 @@ print_update_dynamic(dlg_hwnd, args); } -static void +void print_update_dynamic(HWND dlg_hwnd, print_args_t *args) { HWND cur_ctrl; -- --gv ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
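Review bot: dropping static at the definition gives print_update_dynamic() external linkage only to agree with the header, while the one call visible in this hunk sits a few lines above the definition in the same file. If no other file calls it, keep static here and remove the declaration from file_dlg_win32.h (or mark it static there), so the symbol does not become part of the file's external interface.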
Re: [Wireshark-dev] [Patch] gtk/file_dlg_win32.c
Bill Meier wme...@newsguy.com wrote: Without knowing the code, but given that print_update_dynamic() appears to be only used in file_dlg_win32.c I'd be inclined to remove the declaration from the .h file Any reason not to ? That would be the best, sure. --gv
Re: [Wireshark-dev] Wrong FCS in 802.11 capture
Can anybody verify the attached live capture I did just now? All the frames in the capture seem to have wrong Frame Check Sequence numbers. False alarm or not, but all captures seem to be okay now. --gv
Re: [Wireshark-dev] Wrong FCS in 802.11 capture
Gianluca Varenni gianluca.vare...@cacetech.com wrote: They definitely look like junk... did the capture contain *only* such errored frames? Which AirPcap adapter are you using (Classic, Tx, Ex, Nx)? I only captured for 3-4 minutes using AirPcap 4.0 Classic. (the one you kindly gave me). --gv
[Wireshark-dev] Wrong FCS in 802.11 capture
Can anybody verify the attached live capture I did just now? All the frames in the capture seem to have wrong Frame Check Sequence numbers. The capture was done with latest AirPcap on a Win-XP SP3 box running the latest svn version of WireShark. Also verified with tshark. --gv ethera04084 Description: Binary data
[Wireshark-dev] Easy codec plugin
I have problems with plugins\easy_codec\codec*.c. E.g. codec-g722.c fails to compile with gcc 3.4.5 (MingW) because of: struct g722_context { CODER_HANDLE handle; short speach_buffer[L_G722_FRAME]; }; void *codec_g722_init(void) { g722_context *ctx = 0; --- The struct should be typedef'ed AFAICS. An easy fix for me is attached. PS. Yes, I did build WireShark using MingW and my own makefile. It went like a breeze except for the above problem. --gv diff -u3 -Hb -r ..\..\SVN-Latest\plugins\easy_codec\codec-g722.c .\codec-g722.c --- ..\..\SVN-Latest\plugins\easy_codec\codec-g722.cWed Dec 12 12:16:33 2007 +++ .\codec-g722.c Wed Dec 12 13:08:00 2007 @@ -34,10 +34,10 @@ #include EasyG722/EasyG722.h -struct g722_context { +typedef struct g722_context { CODER_HANDLE handle; short speach_buffer[L_G722_FRAME]; -}; +} g722_context; void *codec_g722_init(void) { g722_context *ctx = 0; diff -u3 -Hb -r ..\..\SVN-Latest\plugins\easy_codec\codec-g7231.c .\codec-g7231.c --- ..\..\SVN-Latest\plugins\easy_codec\codec-g7231.c Wed Dec 12 12:16:33 2007 +++ .\codec-g7231.c Wed Dec 12 13:09:38 2007 @@ -34,11 +34,11 @@ #include EasyG7231/EasyG7231.h -struct g7231_context { +typedef struct g7231_context { CODER_HANDLE handle; short speach_buffer[L_G7231_FRAME]; int l_g7231_frame_compressed; -}; +} g7231_context; void *codec_g7231_init(void) { g7231_context *ctx = 0; diff -u3 -Hb -r ..\..\SVN-Latest\plugins\easy_codec\codec-g729a.c .\codec-g729a.c --- ..\..\SVN-Latest\plugins\easy_codec\codec-g729a.c Mon Dec 03 17:56:10 2007 +++ .\codec-g729a.c Wed Dec 12 13:08:49 2007 
@@ -34,10 +34,10 @@ #include EasyG729A/EasyG729A.h -struct g729a_context { +typedef struct g729a_context { CODER_HANDLE handle; short speach_buffer[L_G729A_FRAME]; -}; +} g729a_context; void *codec_g729a_init(void) { g729a_context *ctx = 0; ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Build failure of easy_codec
This plugin requires a C++ compiler because the ImTelephone folks built the libs using a C++ compiler. How stupid is that? But then gcc -x c++ bails out with an error:
  plugins/easy_codec/easy_codec_plugin.c:38: error: external linkage required for symbol 'version' because of 'dllexport' attribute.
Line 38 becomes (after the cpp stage):
  __attribute__((dllexport)) const gchar version[] = "0.0.1";
I have no idea what the problem is. Anyone?
--gv
___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] [Patch] epan/libwireshark.def
What does the lines like .mine do in this file? Besides eth_stdio_fopen() shall not be exported from libwireshark.dll. A patch: --- SVN-Latest\epan\libwireshark.defWed Oct 31 17:03:44 2007 +++ epan\libwireshark.def Wed Oct 31 17:31:01 2007 @@ -221,17 +221,10 @@ dissect_per_sequence dissect_per_set_of dissect_per_VisibleString - .mine dissect_q932_PresentedNumberScreened dissect_q932_PresentedNumberUnscreened dissect_q932_PartyNumber dissect_q932_PartySubaddress -=== -dissect_q932_PartyNumber -dissect_q932_PartySubaddress -dissect_q932_PresentedNumberUnscreened -dissect_q932_PresentedNumberScreened - .r23226 dissect_qsig_na_Name dissect_rpc_array dissect_rpc_bool @@ -306,7 +299,6 @@ epan_get_version epan_init epan_strcasestr -eth_stdio_fopen ether_to_str ex_opt_add ex_opt_count @@ -696,16 +688,11 @@ proto_tree_get_parent proto_tree_get_root proto_tree_move_item - .mine +protocols_module DATA p_add_proto_data p_get_proto_data q931_cause_code_vals DATA q850_cause_code_vals DATA -=== -protocols_moduleDATA -q850_cause_code_vals DATA -q931_cause_code_vals DATA - .r23226 q931_message_type_vals DATA range_convert_range range_convert_str --gv ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
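Review bot: the .mine, === and .r23226 lines removed in the first and third hunks are Subversion conflict markers, so this diff is taken against a conflicted working copy rather than the repository file, and a patch generated from a clean checkout would contain only the real change. In the third hunk protocols_module DATA is added above p_add_proto_data and q931_cause_code_vals is kept above q850_cause_code_vals, which breaks the alphabetical order used by the rest of the list. Removing eth_stdio_fopen from the exports in the second hunk is a separate, behaviour-changing edit: anything already linking that symbol from libwireshark stops linking, so it should be sent as its own patch with the affected plugins named.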
Re: [Wireshark-dev] [Patch] epan/libwireshark.def
Guy Harris [EMAIL PROTECTED] wrote: If the first somebody was you, then svn update (or its GUI equivalent) should have reported the conflict. The .mine lines aren't in the current version in SVN, so I suspect it's reporting a conflict between changes you made and changes somebody checked in. It wasn't me (I don't have write access). But after a: del epan\libwireshark.def svn update the file is up-to-date it seems. --gv
Re: [Wireshark-dev] [Patch] epan/libwireshark.def
Jeff Morriss [EMAIL PROTECTED] wrote: Also eth_stdio_fopen() needs to be exported from the dll because some plugins use it now. Let me see if I understand you; you mean eth_stdio_fopen() should be exported from _libwireshark.dll_? eth_stdio_fopen() is already exported from wiretap*.dll. See wiretap/wtap.def and wiretap/Makefile.nmake. So AFAICS any plugins needing eth_stdio_fopen() should link to wiretap*.lib (the implib). Or do you mean file_util.obj should be present in _2_ dlls? An ugly hack IMHO. --gv
Re: [Wireshark-dev] [Patch] epan/libwireshark.def
Guy Harris [EMAIL PROTECTED] wrote: Does svn status report any conflicts (lines beginning with C)? No. --gv
[Wireshark-dev] [Patch] packet-isakmp.c
wiretap/file_util.h must be included because of eth_fopen(): --- SVN-Latest\epan\dissectors\packet-isakmp.c Tue Oct 23 14:29:00 2007 +++ epan\dissectors\packet-isakmp.c Thu Oct 25 14:21:56 2007 @@ -66,6 +66,7 @@ #include epan/dissectors/packet-x509af.h #include epan/dissectors/packet-isakmp.h #include epan/prefs.h +#include wiretap/file_util.h #define isakmp_min(a, b) ((ab) ? a : b) --gv ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] [Patch] trigcap.c
Some signals needs to be ifdef'ed (missing on VC/MingW): --- SVN-Latest/trigcap.cSat Jul 28 15:44:35 2007 +++ trigcap.c Wed Aug 22 14:42:30 2007 @@ -249,9 +249,15 @@ dprintf(2,opened dumper file '%s'\n,outfile); signal(SIGINT, sig_int); +#ifdef SIGQUIT signal(SIGQUIT, sig_int); +#endif +#ifdef SIGTERM signal(SIGTERM, sig_int); +#endif +#ifdef SIGSTOP signal(SIGSTOP, sig_int); +#endif keep_going = 1; dumping = 0; --gv ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
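Review bot: the signal(SIGSTOP, sig_int) call that is now wrapped in #ifdef SIGSTOP can never install a handler, because SIGSTOP cannot be caught or ignored and the call simply fails on systems that define it; drop the line instead of guarding it. SIGTERM is one of the signals ISO C requires in signal.h, so its guard is not needed, which leaves SIGQUIT as the only one that has to be conditional. None of the signal() return values are checked, so a failed registration goes unnoticed.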
[Wireshark-dev] packet-ieee80211.c won't compile
In file included from epan/dissectors/packet-ieee80211.c:84:
./airpcap_loader.h:84: error: syntax error before AirpcapChannelInfo
./airpcap_loader.h:85: error: syntax error before PAirpcapChannelInfo
./airpcap_loader.h:86: error: syntax error before AirpcapChannelInfo
./airpcap_loader.h:110: error: syntax error before AirpcapChannelInfo
Will the person who checked in this file please fix this and test his changes in the future?
--gv
[Wireshark-dev] packet-sqloracle.c
I know this dissector isn't in any makefile, but I'd like to try it anyway. I added the file to the build of libwireshark.dll, but got an assert in epan/packet.c at line 674 (sub_dissectors == NULL). Should this file be removed from svn until fixed? Or fixed before the next release? I'm not in the position to fix it myself (my knowledge of WS internals is too limited). Gisle V. # rm /bin/laden /bin/laden: Not found
[Wireshark-dev] packet-sqloracle.c
I tried adding this file to the build of libwireshark.dll, but got an assert in epan/packet.c at line 674 (sub_dissectors == NULL). I know this dissector isn't in any makefile, but I'd like to try it anyway. Should this file be removed from svn until fixed? Or fixed before the next release? I'm not in the position to fix it myself (my knowledge of WS internals is too limited). Gisle V. # rm /bin/laden /bin/laden: Not found
[Wireshark-dev] [Patch] sockaddr_storage on Win32
The #ifdef's in capture_wpcap_packet.c and gtk/capture_if_details_dlg.c assumes that only MSVC is used to build on Win32. MingW works just fine. MingW defines WINVER == 0x400, but it does have sockaddr_storage. Why can't the structure be moved to a common .h-file? (to keep the .c-files more clean). Patch attached. --gv --- SVN-Latest\capture_wpcap_packet.c Mon Mar 26 17:52:42 2007 +++ capture_wpcap_packet.c Tue Mar 27 01:24:07 2007 @@ -51,7 +51,7 @@ * * copied from RFC2553 (and slightly modified because of datatypes) ... * XXX - defined more than once, move this to a header file */ -#if (WINVER = 0x0400) +#if (WINVER = 0x0400) defined(_MSC_VER) typedef unsigned short eth_sa_family_t; /* @@ -82,7 +82,7 @@ /* __ss_pad1, __ss_align fields is 112 */ }; /* ... copied from RFC2553 */ -#endif /* WINVER */ +#endif /* WINVER _MSC_VER */ #include Packet32.h --- SVN-Latest\gtk\capture_if_details_dlg.c Mon Mar 26 17:51:39 2007 +++ gtk\capture_if_details_dlg.cTue Mar 27 01:19:21 2007 @@ -35,6 +35,7 @@ #include wtap.h #include time.h +#include ctype.h #include globals.h #include file.h @@ -59,7 +60,7 @@ * * copied from RFC2553 (and slightly modified because of datatypes) ... * XXX - defined more than once, move this to a header file */ -#if (WINVER = 0x0400) +#if (WINVER = 0x0400) defined(_MSC_VER) typedef unsigned short eth_sa_family_t; /* @@ -90,7 +91,7 @@ /* __ss_pad1, __ss_align fields is 112 */ }; /* ... copied from RFC2553 */ -#endif /* WINVER */ +#endif /* WINVER _MSC_VER */ #include Packet32.h #include windows.h ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
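Review bot: both files carry the comment "XXX - defined more than once, move this to a header file" directly above the guard being changed, and the patch edits the two copies in step instead of doing that move, so the duplicated struct and its guard can drift apart again. Put the fallback sockaddr_storage definition and its condition in one shared header and include it from both .c files. The #include of ctype.h added to gtk/capture_if_details_dlg.c is unrelated to the stated purpose and is not mentioned in the message; send it separately or explain it. The comparison and logical operators in the #if lines are missing from this archived copy, so the new condition itself cannot be checked here.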
[Wireshark-dev] [Patch] pragma warning
The #pragma warning() statements are MSVC specific. So embed them inside #ifdef _MSC_VER. Patch attached. --gv diff -u3 -Hb -r SVN-Latest\asn1\rrlp\packet-rrlp-template.c .\asn1\rrlp\packet-rrlp-template.c --- SVN-Latest\asn1\rrlp\packet-rrlp-template.c Tue Mar 27 17:18:46 2007 +++ .\asn1\rrlp\packet-rrlp-template.c Tue Mar 27 17:54:27 2007 @@ -49,7 +49,7 @@ -#ifdef _WIN32 +#ifdef _MSC_VER /* disable: warning C4146: unary minus operator applied to unsigned type, result still unsigned */ #pragma warning(disable:4146) #endif diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-dcerpc-dfs.c .\epan\dissectors\packet-dcerpc-dfs.c --- SVN-Latest\epan\dissectors\packet-dcerpc-dfs.c Tue Mar 27 17:18:50 2007 +++ .\epan\dissectors\packet-dcerpc-dfs.c Tue Mar 27 17:44:53 2007 @@ -22,7 +22,7 @@ #include packet-windows-common.h #include packet-dcerpc-dfs.h -#ifdef _WIN32 +#ifdef _MSC_VER /* disable: warning C4101: 'xy' : unreferenced local variable */ #pragma warning(disable:4101) #endif diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-dcerpc-eventlog.c .\epan\dissectors\packet-dcerpc-eventlog.c --- SVN-Latest\epan\dissectors\packet-dcerpc-eventlog.c Tue Mar 27 17:18:52 2007 +++ .\epan\dissectors\packet-dcerpc-eventlog.c Tue Mar 27 17:45:04 2007 @@ -22,7 +22,7 @@ #include packet-windows-common.h #include packet-dcerpc-eventlog.h -#ifdef _WIN32 +#ifdef _MSC_VER /* disable: warning C4018: '' : signed/unsigned mismatch */ #pragma warning(disable:4018) #endif diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-megaco.c .\epan\dissectors\packet-megaco.c --- SVN-Latest\epan\dissectors\packet-megaco.c Tue Mar 27 17:18:52 2007 +++ .\epan\dissectors\packet-megaco.c Tue Mar 27 17:53:27 2007 
@@ -67,7 +67,7 @@ #define PORT_MEGACO_TXT 2944 #define PORT_MEGACO_BIN 2945 -#ifdef _WIN32 +#ifdef _MSC_VER /* disable: warning C4013: 'xy' undefined; assuming extern returning int */ #pragma warning(disable:4013) #endif diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-user_encap.c .\epan\dissectors\packet-user_encap.c --- SVN-Latest\epan\dissectors\packet-user_encap.c Tue Mar 27 17:18:48 2007 +++ .\epan\dissectors\packet-user_encap.c Tue Mar 27 17:54:59 2007 @@ -36,7 +36,7 @@ #include epan/uat.h #include epan/emem.h -#ifdef _WIN32 +#ifdef _MSC_VER /* disable: warning C4090: 'XY' : different 'const' qualifiers */ #pragma warning(disable:4090) #endif ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
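Review bot: narrowing the guard from _WIN32 to _MSC_VER is correct for a pragma only cl understands, but the pragmas being kept switch off C4013 (undefined function assumed to return int), C4018 (signed/unsigned mismatch), C4146 (unary minus on unsigned) and C4090 (different const qualifiers) for the whole file in packet dissectors, and those are the diagnostics that point at length, sign and prototype mistakes in code parsing untrusted input. Where the file is hand-written, fix the flagged code and delete the pragma; where it is generated, scope the suppression with #pragma warning(push) and #pragma warning(pop) around the generated section. The comment in the packet-dcerpc-eventlog.c hunk reads "warning C4018: '' : signed/unsigned mismatch" with the operator missing.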
Re: [Wireshark-dev] [Patch] pragma warning
Graham Bloice [EMAIL PROTECTED] wrote: Gisle Vanem wrote: The #pragma warning() statements are MSVC specific. So embed them inside #ifdef _MSC_VER. I always thought unrecognised #pragma directives were ignored. I take it that MinGw barfs on them in some way? MingW ignores them, but with a warning. I thought we should strive to reduce the number of warnings. Hence my patch. --gv
Re: [Wireshark-dev] [Patch] pragma warning
Ulf Lamping [EMAIL PROTECTED] wrote: If you still have such problems, please note. There's still some in generated files. It seems someone added the pragmas after they where autogenerated. IMHO the #pragma should go elsewhere. But where, should be left to the experts. A patch for now: diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-dcerpc-dfs.c .\epan\dissectors\packet-dcerpc-dfs.c --- SVN-Latest\epan\dissectors\packet-dcerpc-dfs.c Tue Mar 27 17:18:50 2007 +++ .\epan\dissectors\packet-dcerpc-dfs.c Tue Mar 27 17:44:53 2007 @@ -22,7 +22,7 @@ #include packet-windows-common.h #include packet-dcerpc-dfs.h -#ifdef _WIN32 +#ifdef _MSC_VER /* disable: warning C4101: 'xy' : unreferenced local variable */ #pragma warning(disable:4101) #endif diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-dcerpc-eventlog.c .\epan\dissectors\packet-dcerpc-eventlog.c --- SVN-Latest\epan\dissectors\packet-dcerpc-eventlog.c Tue Mar 27 17:18:52 2007 +++ .\epan\dissectors\packet-dcerpc-eventlog.c Tue Mar 27 17:45:04 2007 @@ -22,7 +22,7 @@ #include packet-windows-common.h #include packet-dcerpc-eventlog.h -#ifdef _WIN32 +#ifdef _MSC_VER /* disable: warning C4018: '' : signed/unsigned mismatch */ #pragma warning(disable:4018) #endif diff -u3 -Hb -r SVN-Latest\plugins\giop\packet-cosnaming.c .\plugins\giop\packet-cosnaming.c --- SVN-Latest\plugins\giop\packet-cosnaming.c Tue Mar 27 17:18:48 2007 +++ .\plugins\giop\packet-cosnaming.c Wed Mar 28 05:20:33 2007 @@ -48,7 +48,7 @@ G_MODULE_EXPORT const gchar version[] = 0.0.1; #endif -#ifdef _WIN32 +#ifdef _MSC_VER /* disable warning: unreference local variable */ #pragma warning(disable:4101) #endif And for airpcap.h: diff -u3 -Hb -r SVN-Latest\airpcap.h .\airpcap.h --- SVN-Latest\airpcap.h Tue Jan 02 23:26:52 2007 +++ .\airpcap.h Wed Mar 28 03:49:39 2007 
@@ -24,8 +24,10 @@ #include epan/crypt/wep-wpadefs.h /* WEP_KEY_MAX_SIZE */ +#ifdef _MSC_VER /* This disables a VS warning for zero-sized arrays. All the compilers we support have that feature */ #pragma warning( disable : 4200) +#endif #ifdef __cplusplus extern C { --- --gv ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
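Review bot: in the airpcap.h hunk the C4200 suppression is now guarded, but it still sits in a header with no matching restore, so it stays in effect for every translation unit that includes airpcap.h from that point on. Wrap the declarations that need zero-sized arrays in #pragma warning(push) and #pragma warning(pop) inside the same _MSC_VER guard. For packet-dcerpc-dfs.c, packet-dcerpc-eventlog.c and packet-cosnaming.c, which the message describes as generated, the same guard change has to be made wherever the pragma is injected, or the next regeneration will undo it.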
[Wireshark-dev] [Patch] epan_strcasestr() to epan/strutil.c
The file epan/dissectors/packet-k12.c uses the function strcasestr() which is not available on e.g. Windows. So I cooked up a patch to epan/strutil.c to add epan_strcasestr() (is there a more suited place for such a function?) Attached in diffs-3.txt --gv --- SVN-Latest\epan\strutil.c Mon Feb 05 12:13:00 2007 +++ epan\strutil.c Wed Feb 07 13:49:17 2007 @@ -966,3 +966,17 @@ return strl+strs; } #endif + +char * +epan_strcasestr(const char *haystack, const char *needle) +{ + gsize hlen = strlen(haystack); + gsize nlen = strlen(needle); + + while (hlen-- = nlen) { + if (!g_strncasecmp(haystack, needle, nlen)) + return (char*) haystack; + haystack++; + } + return NULL; +} --- SVN-Latest\epan\strutil.h Fri Jan 12 17:23:56 2007 +++ epan\strutil.h Wed Feb 07 13:44:40 2007 @@ -205,6 +205,16 @@ */ char * convert_string_case(const char *string, gboolean case_insensitive); +/** Finds the first occurence of string 'needle' in string 'haystack'. + * The matching is done in a case insensitive manner. + * + * @param haystack The string possibly containing the substring + * @param needle The substring to be searched + * @return A pointer into 'haystack' where 'needle' is first found. + * Otherwise it returns NULL. + */ +char * epan_strcasestr(const char *haystack, const char *needle); + /* g_strlcat() does not exist in GLib 1.2[.x] */ #if GLIB_MAJOR_VERSION 2 gsize g_strlcat(gchar *dst, gchar *src, gsize size); --- SVN-Latest\epan\libwireshark.defMon Feb 05 12:12:57 2007 +++ epan\libwireshark.def Wed Feb 07 13:48:25 2007 @@ -245,6 +245,7 @@ epan_get_version epan_init epan_base64_decode +epan_strcasestr ether_to_str ex_opt_add ex_opt_count --- SVN-Latest\epan\dissectors\packet-k12.c Mon Feb 05 12:13:00 2007 +++ epan\dissectors\packet-k12.cWed Feb 07 13:29:10 2007 @@ -38,6 +38,7 @@ #include epan/emem.h #include epan/uat.h #include epan/expert.h +#include epan/strutil.h #include packet-sscop.h typedef struct _k12_hdls_t { 
@@ -135,7 +136,7 @@ if (! handles ) { for (i=0 ; i nk12_handles; i++) { - if ( strcasestr(pinfo-pseudo_header-k12.stack_file, k12_handles[i].match) ) { + if ( epan_strcasestr(pinfo-pseudo_header-k12.stack_file, k12_handles[i].match) ) { handles = k12_handles[i].handles; break; } ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
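Review bot: epan_strcasestr() calls strlen() on both arguments without a NULL check, and the only caller in this patch passes the stack_file field of the k12 pseudo-header, which is filled from the capture file; either document that both arguments must be non-NULL and make the caller guarantee it, or return NULL early. g_strncasecmp() is deprecated in GLib 2 because its result depends on the locale; g_ascii_strncasecmp() is the replacement for protocol strings. The loop condition is printed here as "hlen-- = nlen" with the comparison operator lost in the archive, so the bound should be re-checked against the original attachment, including the needle-longer-than-haystack and empty-needle cases. The new doc comment also spells "occurrence" as "occurence".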
[Wireshark-dev] [Patch] airpcap.c
--- SVN-Latest\epan\crypt\airpdcap.cFri Jan 12 17:23:52 2007 +++ epan\crypt\airpdcap.c Tue Jan 16 11:59:58 2007 @@ -1663,7 +1663,7 @@ else output_string = g_strdup_printf(%s:%s:%s, STRING_KEY_TYPE_WPA_PWD,dk-key-str, - format_text((guchar *)dk-ssid-data, dk-ssid-len); + format_text((guchar *)dk-ssid-data, dk-ssid-len)); } else if(dk-type == AIRPDCAP_KEY_TYPE_WPA_PMK) { --- Please test your changes (compile it) before checking in ! --gv ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] [Patch] packet-kerberos.c
* epan/crypt/crypt-md5.h must come after glib.h because of 'guint8' etc. * Include wiretap/file_util.h because of eth_fopen(). --- SVN-Latest\epan\dissectors\packet-kerberos.cWed Jan 03 17:26:35 2007 +++ epan\dissectors\packet-kerberos.c Tue Jan 16 12:44:55 2007 @@ -71,12 +71,12 @@ #include nettle/des.h #include nettle/cbc.h #endif -#include epan/crypt/crypt-md5.h #include sys/stat.h /* For keyfile manipulation */ #endif #include glib.h +#include epan/crypt/crypt-md5.h #include epan/packet.h #include epan/strutil.h @@ -96,6 +96,8 @@ #include epan/dissectors/packet-dcerpc.h #include epan/dissectors/packet-gssapi.h + +#include wiretap/file_util.h #define UDP_PORT_KERBEROS 88 #define TCP_PORT_KERBEROS 88 -- PS. What's up with the mailing-list software? Every message looks like crap; all line-endings are missing. Is the ML-software running on a Mac? --gv ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
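Review bot: moving the include of epan/crypt/crypt-md5.h below glib.h fixes this one file, but the header still depends on the includer having pulled in glib.h first, so the next file that includes it in a different order hits the same guint8 errors. Have crypt-md5.h include glib.h itself so it is self-contained, and then the position in packet-kerberos.c does not matter. The first hunk also takes the include out of the conditional block that ends at the #endif shown and makes it unconditional; say in the message whether that is intended.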
[Wireshark-dev] [Patch] libwireshark.def
Some missing exports (needed by airpdcap*.c): --- SVN-Latest\epan\libwireshark.defTue Jan 16 11:07:52 2007 +++ epan\libwireshark.def Tue Jan 16 13:08:05 2007 @@ -91,6 +91,8 @@ convert_string_to_hex copy_prefs crc16_ccitt_tvb +crc32_ccitt +crc32_ccitt_table DATA create_dissector_handle create_persconffile_dir data_out_file DATA @@ -641,6 +643,7 @@ rtp_payload_type_vals DATA rtp_payload_type_short_valsDATA running_in_build_directory +sha1_hmac scsi_mmc_vals DATA scsi_smc_vals DATA scsi_sbc_vals DATA --gv ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
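Review bot: in the second hunk sha1_hmac is inserted between running_in_build_directory and scsi_mmc_vals, ahead of the scsi_ entries it should follow in the list's alphabetical order. In the first hunk crc32_ccitt_table is exported as DATA alongside the crc32_ccitt function; if the airpdcap code only needs the checksum, export the function alone and keep the table internal to the DLL.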
Re: [Wireshark-dev] [Patch] packet-kerberos.c
Gisle Vanem [EMAIL PROTECTED] wrote: I.e. double newlines are collapsed into one: line 1 line 2 That message got received okay. Presumably because it contained a Content-type: multipart/mixed;... in the header. --gv
Re: [Wireshark-dev] [Patch] packet-kerberos.c
Sake Blok [EMAIL PROTECTED] wrote: Looks like your mailserver is messing things up. In the attached raw message there is a line: X-MIME-Autoconverted: from base64 to 8bit by bryggen.bgnett.no id =l0GCELid030303 When I look at the same message in my mailbox, it is still base64 encoded. When I manually decode the data, I do get to see all newlines (as does my mail-client). Okay, I've resubscribed from another account. So this problem should vanish. But what about the patch itself? --gv
[Wireshark-dev] Airpcap patches
Here are some patches needed to build using HAVE_AIRPCAP on MingW: * airpcap.h needs 'WEP_KEY_MAX_SIZE' from epan/crypt/wep-wpadefs.h. * airpcap_loader.h needs epan/crypt/airpdcap_user.h and definition of 'decryption_key_t'. * epan/crypt/airpdcap_interop.h defines 'ntohs()' before winsock2.h gets included. Thus creating a parse error later on. Attached. --gv diff -u3 -Hb -r SVN-Latest\airpcap.h .\airpcap.h --- SVN-Latest\airpcap.hThu Dec 28 17:39:24 2006 +++ .\airpcap.h Tue Jan 02 12:48:30 2007 @@ -22,6 +22,8 @@ #if !defined(AIRPCAP_H__EAE405F5_0171_9592_B3C2_C19EC426AD34__INCLUDED_) #define AIRPCAP_H__EAE405F5_0171_9592_B3C2_C19EC426AD34__INCLUDED_ +#include epan/crypt/wep-wpadefs.h /* WEP_KEY_MAX_SIZE */ + /* This disables a VS warning for zero-sized arrays. All the compilers we support have that feature */ #pragma warning( disable : 4200) diff -u3 -Hb -r SVN-Latest\airpcap_loader.h .\airpcap_loader.h --- SVN-Latest\airpcap_loader.h Thu Dec 28 17:39:24 2006 +++ .\airpcap_loader.h Tue Jan 02 11:34:44 2007 @@ -28,6 +28,8 @@ #ifndef __AIRPCAP_LOADER_H__ #define __AIRPCAP_LOADER_H__ +#include epan/crypt/airpdcap_user.h + /* Error values from get_airpcap_interface_list(). */ #define CANT_GET_AIRPCAP_INTERFACE_LIST 0 /* error getting list */ #define NO_AIRPCAP_INTERFACES_FOUND 1 /* list is empty */ diff -u3 -Hb -r SVN-Latest\epan\crypt\airpdcap_interop.h .\epan\crypt\airpdcap_interop.h --- SVN-Latest\epan\crypt\airpdcap_interop.hTue Jan 02 10:15:35 2007 +++ .\epan\crypt\airpdcap_interop.h Tue Jan 02 13:03:40 2007 @@ -2,7 +2,7 @@ #define _AIRPDCAP_INTEROP_H /** - * Cast data types commonly used in Windows (e.g. UINT16) to theirf + * Cast data types commonly used (e.g. UINT16) to their * GLib equivalents. */ 
@@ -57,7 +57,12 @@ typedef gsize size_t; #endif +#ifdef WIN32 +#include winsock2.h /* ntohs() */ +#endif + #ifndef ntohs +#undef ntohs #define ntohs(value)g_ntohs(value) #endif
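Review bot: in the last airpdcap_interop.h hunk (@@ -57,7) the added '#undef ntohs' sits inside '#ifndef ntohs', so it is only reached when ntohs is not defined as a macro and can never have an effect. If winsock2.h provides ntohs() as a function rather than a macro, the '#ifndef' still succeeds on WIN32 and the g_ntohs() macro is defined on top of that declaration. Putting the g_ntohs() fallback in an '#else' branch of the new '#ifdef WIN32' block and dropping the '#undef' would make it explicit which definition each platform gets.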
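Review bot: the comment change in the first airpdcap_interop.h hunk (@@ -2,7) fixes the 'theirf' typo but also drops the words 'in Windows', which changes what the comment says and is not mentioned in the message. Keep the typo fix and leave the wording, or explain why the types are no longer described as Windows ones.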