Re: [Wireshark-dev] Visual Studio 2022

[Gisle Vanem]

Anders Broman wrote:


Hi,
Yes sounds like a good idea. Have been contemplating testing it too.


I just installed the "Build Tools for Visual Studio 2022"
  
https://visualstudio.microsoft.com/downloads/#build-tools-for-visual-studio-2022

But was disappointed it does not include a newer compiler.
My 'cl.exe' (part of the "VS 2019") is still at version
19.29.30139.

So what's the point of using VS 2022 really?

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Errors building 3.7 plugins.

[Gisle Vanem]

João Valverde wrote:


you can (and probably should) include "config.h", just like other Wireshark 
bundled plugins do.


Why does this project not use '-FI./config.h'?

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Problem in 'packet-f5ethtrailer.c'

[Gisle Vanem]

Maynard, Chris wrote:


Which specific release of VS2019 are you running?  This is a bit of a stretch, 
but *possibly* your version could use an update?


I have the latest AFAIK I ran vs_installer last week.

From 'cl /?':   Version 19.24.28319 for x86
From 'vswhere': VisualStudio.16.Release/16.4.6+29905.134

But IMHO, you're dodging the problem; a "#define s_addr S_un.S_addr"
has been in the *Win-SDK* for ages. Nothing to do with 'cl' or
it's headers.

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Problem in 'packet-f5ethtrailer.c'

[Gisle Vanem]

I'm surprised no one has come across this compile
error yet:
  epan/dissectors/packet-f5ethtrailer.c(482): error C2143: syntax error: 
missing ';' before '.'
  epan/dissectors/packet-f5ethtrailer.c(485): error C2224: left of '.S_addr' 
must have struct/union type
  epan/dissectors/packet-f5ethtrailer.c(487): error C2224: left of '.S_addr' 
must have struct/union type

(using MSVC-2019).

Reason seems simple;  has snuck in somehow and
added the wellknown "#define s_addr S_un.S_addr"

A simple fix is:

--- a/epan/dissectors/packet-f5ethtrailer.c 2020-03-19 13:31:36
+++ b/epan/dissectors/packet-f5ethtrailer.c 2020-03-19 14:26:51
@@ -204,6 +204,7 @@
 #include 
 #define F5FILEINFOTAP_SRC
 #include "packet-f5ethtrailer.h"
+#undef s_addr
 #undef F5FILEINFOTAP_SRC



BTW.
note the time-stamp on the 'a' file. How come it
gets updated as soon as I do a 'git pull'?
From a 'git log packet-f5ethtrailer.c', the last
change was 19 days ago.

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Where is the AirPcap channel button?

[Gisle Vanem]

Hi list.

I remember wireshark-qt in the old days had a button
to change the 2.4GHz WiFi channel to capture on. But
since some time, I fail to find on 'Preference' setting
to get it enabled. Was it dropped?

It seems the functions 'ws80211_set_freq()' and
'airpcap_if_set_device_channel()' should be used for
this. But those are not called from any Qt *.cpp sources
AFAICS.

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Problems with \Device\NPF_ prefix

[Gisle Vanem]

I wrote:


In my recently built Tshark/Wireshark etc., I've discovered
this longer works:
   tshark.exe -i \Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}

It says:
   Capturing on '\Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}'
   tshark: The capture session could not be initiated on interface 
'\Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}'
   (Error opening adapter: Operasjonen er utført. (0)).  << == NO_ERROR !!??

But this works:
   tshark.exe -i {3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}


It has been fixed by removing the Win10Pcap installation
and reinstalling the trust old WinPcap. All back to normal.

I had Win10Pcap and WinPcap installed at the same time.

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Problems with \Device\NPF_ prefix

[Gisle Vanem]

In my recently built Tshark/Wireshark etc., I've discovered
this longer works:
  tshark.exe -i \Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}

It says:
  Capturing on '\Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}'
  tshark: The capture session could not be initiated on interface 
'\Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}'
  (Error opening adapter: Operasjonen er utført. (0)).  << == NO_ERROR !!??

But this works:
  tshark.exe -i {3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}

(no "\Device" prefix) How come?

I also tried with:
  tshark.exe -o console.log.level:252 -i 
\Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D}

which splits out at the end some mysterious stuff:
  ...
  (tshark.exe:10360): Capture-DEBUG: argv[5]: 10360
  (tshark.exe:10360): Capture-DEBUG: read 14 ok indicator: E len: 402 msg: E

The 'msg: E' does show up with w/o the prefix?
A dumpcap/pipe reading problem?

Win-10, WinPcap 4.1.0.2980.

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Problems building register.c with older glib g_async_queue_timeout_pop()

[Gisle Vanem]

João Valverde wrote:


  if (!g_file_get_contents(list, , NULL, NULL))
  return;
-    for (arg = strtok(contents, " \n"); arg != NULL; arg = strtok(NULL, " 
\n")) {
+    for (arg = strtok(contents, " \r\n"); arg != NULL; arg = strtok(NULL, " 
\r\n")) {
  scan_file(arg, protos, handoffs);
  }
  g_free(contents);



The newline was only being used on Unixes as the last character in a space-separated string (so that wasn't an issue) 
but now the token has been changed to newlines on all platforms and your reminder was helpful. Thanks.


But now this has changed this into 'strtok(SEP)' i.e. "\r\n".
Why not " \r\n" (Win32) and " \n" (else-where)? I don't see any
files with spaces in them. And hope they will never show up...

Since for some weird reason that response-file had some extra
spaces (maybe a Cmake issue?).

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Problems building register.c with older glib g_async_queue_timeout_pop()

[Gisle Vanem]

Anders Broman wrote:


Problems building register.c with older glib g_async_queue_timeout_pop().


I don't know about this problem.

But another problem is the "\r\n" newlines in a response-file
given to make-dissectors.exe. Should IMHO be:

--- a/epan/dissectors/make-dissectors.c 2017-11-23 12:01:27
+++ b/epan/dissectors/make-dissectors.c 2017-11-23 13:30:13
@@ -57,7 +57,7 @@

 if (!g_file_get_contents(list, , NULL, NULL))
 return;
-for (arg = strtok(contents, " \n"); arg != NULL; arg = strtok(NULL, " 
\n")) {
+for (arg = strtok(contents, " \r\n"); arg != NULL; arg = strtok(NULL, " 
\r\n")) {
 scan_file(arg, protos, handoffs);
 }
 g_free(contents);

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Master build fails without pcap

[Gisle Vanem]

Dario Lombardo wrote:

> The current master can't build if we disable PCAP in cmake.

I can't be build if HAVE_EXTCAP is not defined either

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Devices in tshark versus dumpcap

[Gisle Vanem]

I wrote:


The is for sure a problem in how lines of text are generated in dumpcap.exe
and how tshark is interpreting them. I'm not even sure the lines have
"\r\n" terminations since from dumpcap.c:
  #ifdef _WIN32
  /* set output pipe to binary mode, to avoid ugly text conversions */
  _setmode(2, O_BINARY);

And in capchild/capture_ifinfo.c:
  raw_list = g_strsplit(data, "\r\n", 0);


That was the problem, Changing this into:
  raw_list = g_strsplit(data, "\n", 0);

things work as normal!


--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Devices in tshark versus dumpcap

[Gisle Vanem]

I wrote:

> The is for sure a problem in how lines of text are generated in dumpcap.exe
> and how tshark is interpreting them. I'm not even sure the lines have
> "\r\n" terminations since from dumpcap.c:
>   #ifdef _WIN32
>   /* set output pipe to binary mode, to avoid ugly text conversions */
>   _setmode(2, O_BINARY);
>
> And in capchild/capture_ifinfo.c:
>   raw_list = g_strsplit(data, "\r\n", 0);

That was the problem, Changing this into:
  raw_list = g_strsplit(data, "\n", 0);

things work as normal!

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Devices in tshark versus dumpcap

[Gisle Vanem]

Graham Bloice wrote:


Which branch though, master or master-2.2?


'master' it seems. But I tried to resolve the issue myself.
First by trying w/o HAVE_EXTCAP (to exclude any problems with that). But
that is impossible. E.g.:
  capture_sync.c(521): error C2039: 'extcap_fifo': is not a member of 
'interface_options_tag'
etc. etc.

The is for sure a problem in how lines of text are generated in dumpcap.exe
and how tshark is interpreting them. I'm not even sure the lines have
"\r\n" terminations since from dumpcap.c:
  #ifdef _WIN32
  /* set output pipe to binary mode, to avoid ugly text conversions */
  _setmode(2, O_BINARY);

And in capchild/capture_ifinfo.c:
  raw_list = g_strsplit(data, "\r\n", 0);

Can you (or someone else) send the output of:
  tshark.exe -o console.log.level:252 -D

So I can guess what's wrong here?

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Devices in tshark versus dumpcap

[Gisle Vanem]

Graham Bloice wrote:


Unsure whether this is related, but MSVC2015 support is regarded as 
"experimental".  The official builds are still using
VS2013.


Really. MSVC-2015 is much better regarding C99 conformance etc.



The above "read 21 indicator: S empty value" for me indicates a problem in
the pipe I/O between tshark and dumpcap. No?


Are you building the stable version or dev (2.2.x or 2.3x)?


The one from a 'git clone https://code.wireshark.org/review/wireshark'.
Should be the latest?

--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Devices in tshark versus dumpcap

[Gisle Vanem]

I'm on Win-10 and have now troubles sniffing on anything except
BlueTooth! This is the list of interfaces I expect to get:

dumpcap.exe -D
  1. \Device\NPF_{C25DD2C2-2E05-4337-A847-84EF6CAB86BF} 
(Bluetooth-nettverkstilkobling)
  2. \Device\NPF_{F92984E3-5D40-4AD9-B054-41288EAE699F} (Wi-Fi 2)
  3. \Device\NPF_{3A46ACA0-CBED-44BC-A239-6AEA3D0C451D} (Ethernet)
  4. \\.\airpcap00 (AirPcap USB wireless capture adapter nr. 00)

But with "tshark.exe -D", I only get:
  1. \Device\NPF_{C25DD2C2-2E05-4337-A847-84EF6CAB86BF} 
(Bluetooth-nettverkstilkobling)

I also tried with:
  set G_MESSAGES_DEBUG=all   << no effect
  tshark.exe -o console.log.level:252 -D

giving:
  Capture-Message: Capture Interface List ...
  (tshark.exe:8440): Capture-DEBUG: sync_interface_list_open
  Capture-INFO: sync_pipe_run_command() starts
  (tshark.exe:8440): Capture-DEBUG:   argv[0]: 
F:\mingw32\src\inet\Wireshark\dumpcap.exe
  (tshark.exe:8440): Capture-DEBUG:   argv[1]: -D
  (tshark.exe:8440): Capture-DEBUG:   argv[2]: -Z
  (tshark.exe:8440): Capture-DEBUG:   argv[3]: none
  (tshark.exe:8440): Capture-DEBUG: sync_pipe_open_command
  (tshark.exe:8440): Capture-DEBUG: read 21 indicator: S empty value
  (tshark.exe:8440): Capture-DEBUG: sync_pipe_wait_for_child: wait till child 
closed
  (tshark.exe:8440): Capture-DEBUG: sync_pipe_wait_for_child: capture child 
closed after 0.016s
  Capture-INFO: sync_pipe_run_command() ends, taking 0.328s, result=0
  Capture-Message: Loading External Capture Interface List ...
  1. \Device\NPF_{C25DD2C2-2E05-4337-A847-84EF6CAB86BF} 
(Bluetooth-nettverkstilkobling)

Note, this is with Wireshark compiled from Git by myself using MSVC-2015, 
32-bit;
A version + build-method that has worked well for years. But recently it's been
misbehaving as shown above. Any hints?

The above "read 21 indicator: S empty value" for me indicates a problem in
the pipe I/O between tshark and dumpcap. No?


--
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Crash in epan/geoip_db.c

[Gisle Vanem]

Guy Harris wrote:

> They (MaxMind) might want to consider having a cleanup routine anyway, given 
> that 1) their code works 
> on Windows and 2) unless the GeoIP library and the code that calls it are 
> built with the same version
> of MSVC, or the "universal CRT" or whatever it's called is being used, Bad 
> Things can happen if the code 
> that calls it frees stuff allocated by the library, as the allocation and 
> freeing will be done by 
> different versions of the C runtime library.

AFAIK, one cannot use GeoIP as a .DLL. But a static lib is fine with me.

BTW the Tor-project uses MaxMind's Geo-IP information via some CVS-files
  parsed at runtime:
   https://gitweb.torproject.org/tor.git/tree/src/or/geoip.c
   https://gitweb.torproject.org/tor.git/tree/src/config/geoip

It's super-fast and something to consider for Wireshark too IMHO.
I suspect the .mmdb files are more up-to-date than the .dat files.

-- 
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Crash in epan/geoip_db.c

[Gisle Vanem]

Hi list.

I got a crash in epan/geoip_db.c and MSVCRT:free().
Due to the use of g_free() at line 379:

case GEOIP_ASNUM_EDITION:
raw_val = GeoIP_name_by_ipnum(gi, addr);
if (raw_val) {
ret = db_val_to_utf_8(raw_val, gi);
g_free((char*)raw_val);  << line 379
}

In my case, the 'raw_val' was not allocated by Glib, but
by MSVC's CRT directly. So shouldn't these 'g_free()' really be
'free()'? Or is the "official" GeoIP-1.6.6-win32ws.zip built using
Glib now?

This works for me:

--- a/epan/geoip_db.c 2017-02-21 20:23:21
+++ b/epan/geoip_db.c 2017-02-21 21:58:27
@@ -376,7 +376,7 @@
 raw_val = GeoIP_name_by_ipnum(gi, addr);
 if (raw_val) {
 ret = db_val_to_utf_8(raw_val, gi);
-g_free((char*)raw_val);
+free((char*)raw_val);
 }
 break;

@@ -507,7 +507,7 @@
 raw_val = GeoIP_name_by_ipnum_v6(gi, gaddr);
 if (raw_val) {
 ret = db_val_to_utf_8(raw_val, gi);
-g_free((char*)raw_val);
+free((char*)raw_val);
 }
 break;

-- 
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] PPP capture

[Gisle Vanem]

Yang Luo wrote:

> AFAIK, Npcap/WinPcap works on the data link level and it sees the Ethernet 
> frames. In my understanding, VPN SSL (https)
> or raw HTTP is just data of high-levels (IP packets) for Npcap/WinPcap. I 
> don't know if it's appropriate or viable for
> Npcap/WinPcap to see this data.

The original WinPcap can see such un-encrypted traffic if built
with '-DHAVE_WANPACKET_API'. It worked very good for me for years when
I used a VPN connection. In such case, the PP2TP/L2TP setup inside
Windows provides a virtual adapter you can sniff on (but no transmit
is allowed).

But if the OP's Fortinet/Fortigate VPN works like the above, is another
question. I bet it bypasses NDIS somehow.

BTW Yang, do your NPcap (in Winpcap-mode?) support compiling with
  'HAVE_WANPACKET_API' too?

-- 
--gv
___
Sent via:Wireshark-dev mailing list 
Archives:https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Trunk Windows CMake builds are broken

[Gisle Vanem]

Shanks, Graham (UK) graham.sha...@baesystems.com wrote:


A better solution would be to move the local config.h into a subdirectory and 
then use the following:

#include “subdir/config.h”


Since several dependent packages could have a config.h in it's ./include dir,
(shadowing for Wireshark's config.h), why not rename it and instead say:
 '#include ws_config.h'.

I have hit this problem trying to build other programs.

Compare this to e.g.:
 wsutil\ws_cpuid.h
 g:\mingw32\lib\gcc\mingw32\4.7.2\include\cpuid.h

--gv

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Trunk Windows CMake builds are broken

[Gisle Vanem]

Guy Harris g...@alum.mit.edu wrote:


Presumably autotools can be convinced to generate ws_config.h rather than 
config.h.


I'm not a user of auto* tools, but I guess it's done with:
- AC_CONFIG_HEADERS(config.h)
+AC_CONFIG_HEADERS(ws_config.h)

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] [Patch] make-version.pl

[Gisle Vanem]

The 'Editor modelines' at end of make-version.pl should not be printed.
E.g. 'perl make-version.pl -h' prints this garbage at the end:
 ...
 Options can be used in any combination. If none are specified --set-svn
 is assumed.

 # # Editor modelines - http://www.wireshark.org/tools/modelines.html # #
 Local variables: # c-basic-offset: 8 # tab-width: 8 # indent-tabs-mode:
 t # End: # # vi: set shiftwidth=8 tabstop=8 noexpandtab: #
 :indentSize=8:tabSize=8:noTabs=false: # #

-

My Strawberry Perl (on Win-XP) doesn't convert Unix endings to DOS-endings 
here. Not sure if it should do that in this Pod-section? (I don't know Perl that well).

Anyway, a '=cut' fixes this here:

@@ -709,6 +709,8 @@
Options can be used in any combination. If none are specified B--set-svn
is assumed.

+=cut
+
#
# Editor modelines  -  http://www.wireshark.org/tools/modelines.html
#

-

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] ui/qt/about_dialog.cpp

[Gisle Vanem]

Why is main.cpp included in ui/qt/about_dialog.cpp like this:
 ...
 #include wireshark_application.h
 #include main.cpp
 #include wsutil/filesystem.h

And then main.cpp is also present in qtshark.pro. This gives multiple
defined symbols while linking. What's the idea behind this?

--gv


___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] tools/make-dissector-reg.py

[Gisle Vanem]

I saw the recent change to 'tools/make-dissector-reg.py' to allow
reading list of files from a file; the argument dissectorsinfile. I find this 
a bit awkward. Isn't it better to use the more familiar response-file syntax? 
So the command to generate register.c would be something like:

 @$(PYTHON) ../../tools/make-dissector-reg.py . dissectors \
  @$(some_temp_file_with_all_dissectors_src)

Not sure how to best produce this temp_file. But certainly not one
file per line as the snippet:
 files = [line.rstrip() for line in dissector_f]

indicates. 'dissector_f.read().split()' would be more robust I think.
So what about this patch:

--- orig/tools/make-dissector-reg.py2013-12-10 21:58:26 +
+++ tools/make-dissector-reg.py   2013-12-11 13:00:59 +
@@ -42,7 +42,7 @@
 * Generated automatically from %s.
 */
 % (sys.argv[0])
-elif registertype in (dissectors, dissectorsinfile):
+elif registertype == dissectors:
final_filename = register.c
cache_filename = register-cache.pkl
preamble = \
@@ -65,16 +65,18 @@

#
# All subsequent arguments are the files to scan
-# or the name of a file containing the files to scan
+# or the name of a '@response-file' containing the files to scan
#
-if registertype == dissectorsinfile:
+if sys.argv[3][0] == '@':
+resp_file = sys.argv[3][1:]
try:
-dissector_f = open(sys.argv[3])
+file = open(resp_file)
except IOError:
-print((Unable to open input file '%s' % sys.argv[3]))
+print((Unable to open response-file '%s' % resp_file))
sys.exit(1)
-
-files = [line.rstrip() for line in dissector_f]
+files = file.read().split()
+file.close()
else:
files = sys.argv[3:]

--

BTW. You forgot a 'dissector_f.close()'.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] tools/make-dissector-reg.py

[Gisle Vanem]

Graham Bloice graham.blo...@trihedral.com wrote:

and maybe due to my CMake ineptness it turned out to be one file per line. 


How fast will CMake generate such a temp-file? There are approx 1100 packet-*.c
files. I figured this macro does it:

MACRO(REGISTER_DISSECTOR_FILES _outputfile _registertype )
   if(${_registertype} STREQUAL dissectors )
   set( _makeregistertype dissectorsinfile )
   set( _ftmp ${CMAKE_CURRENT_BINARY_DIR}/_regc.tmp )
   set( _depends ${ARGN} )
   file(REMOVE ${_ftmp})
   foreach(f ${_depends})
 file(APPEND ${_ftmp} ${f}\n)
   endforeach()


So, unless you're interested in CMake builds for Visual Studio, you can
effectively ignore the changes to make-dissector-reg, but if you feel the
need to improve it, then the CMake will have to be fixed at the same time.


Sorry, I don't do CMake. It's a big mystery to me. I seldom get it to
work here. But GNU-make rocks even for MSVC projects.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Make gtk3 default (over gtk2)?

[Gisle Vanem]

Bálint Réczey bal...@balintreczey.hu wrote:


how about making gtk3 the default over gtk2 when building Wireshark? Just
to be clear: I only want to reverse the build defaults between gtk2 and 3.
Hopefully it will get much more testing that way, so it is up to prime time
for the next release?

I fully support the idea.
The official Debian packages in unstable and testing already use GTK3.


There doesn't seems to be an Windows installer for a
GTK3+ Bundle yet. But I found a static dev-package of GTK3+ (MingW).
And toying a bit with the new HTML5 features and the broadway
deamon seems pretty cool. Seems this stuff one day would make it possible
to run Wireshark as a web-app. Pretty amazing if true. Ref:

 http://www.tarnyko.net/en/?q=node/34
 
http://www.tarnyko.net/repo/gtk3_build_system/gtk+-bundle_3.8.2-20130606_win32-PRE1.zip

--gv 


___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] long options again

[Gisle Vanem]

Brandon Carpenter hashs...@pnnl.gov wrote:

I have to say that I dislike getopt() and getopt_long() for option 
parsing because of the disconnect between the options and the help. It 
creates multiple places that require updating when options change and 
quite often, one of those places is forgotten.  


Agreed. That's why tools like gengetopt has been developed.
This tool will generate the getopt_long() C-source + the 
help-text from a .ggo file specifying the program args. 


Ref.:
 http://www.gnu.org/software/gengetopt/gengetopt.html

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Problems building easy_codec.dll

[Gisle Vanem]

I'm having a problem compiling the *non* generated easy_codec_plugin.c. 
The message from MSVC is:
 error C2491: 'version' : definition of dllimport data not allowed 


for the line:
 WS_DLL_PUBLIC_NOEXTERN const gchar version[] = 0.0.1;

The preprocessed output becomes:
 __declspec(dllimport) const gchar version[] = 0.0.1;

So no wonder MSVC is complaining. Looking at the various Makefile.common 
under plugins, I see only a:


 NONGENERATED_C_FILES = \
 easy_codec_plugin.c \

in plugins\easy_codec\Makefile.common. Has this fallen behind?

Anyway, this patch fixes it for me:

--- SVN-Latest\plugins\easy_codec\easy_codec_plugin.c   Mon Mar 04 17:52:26 2013
+++ plugins\easy_codec\easy_codec_plugin.c  Fri Mar 15 11:35:08 2013
@@ -25,6 +25,9 @@

#ifndef ENABLE_STATIC
#include config.h
+
+/* plugins are DLLs */
+#define WS_BUILD_DLL

#include gmodule.h
#include epan/codecs.h



The same 'WS_BUILD_DLL' is put in e.g. the *generated* 
plugins\wimaxasncp\wimaxasncp_plugin.c.


--gv




___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Simpifying exporting DLL symbols

[Gisle Vanem]

Bálint Réczey bal...@balintreczey.hu wrote:


I have created the attached patch to control symbol visibility using
C defines instead of .def and .sym files. It is expected to work on every
platform and every build system we support, but I did not want to
commit it without discussing the direction.


Nice, but why not use nicer indenting to make it more readable?

And what about foreign programs that would like to use e.g. libwireshark
code as a static lib? ws_symbol_export.h should IMHO account for this.
Something like:

#if (defined (_WIN32) || defined (__CYGWIN__))  !defined(WS_STATIC_LIB)
 #ifdef WS_BUILD_DLL
   #ifdef __GNUC__
 #define WS_DLL_PUBLIC __attribute__ ((dllexport))
   #else
 #define WS_DLL_PUBLIC __declspec(dllexport) // Note: actually gcc seems to 
also support this syntax.
   #endif
..

There is some interest out there to use libwireshark outside *shark programs:
 
http://stackoverflow.com/questions/10308127/using-libwireshark-to-get-wireshark-functionality-programatically

The old Packetyzer 5.0 also uses ethereal libs. See:
 http://sourceforge.net/projects/packetyzer/

--gv 


___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] new dissector - dynamic value string table?

[Gisle Vanem]

Max Baker m...@warped.org wrote:


I've created a new dissector for USB PTP
(http://en.wikipedia.org/wiki/Picture_Transfer_Protocol) .  This is the
protocol most digital cameras speak over USB.   I've gotten far enough
to do the basic dissection, and I'm pretty stoked on the results!


Just a side-question. Anybody have any experience on USB-snooping
on Windows? Is it possible at all? The page
http://wiki.wireshark.org/CaptureSetup/USB

describes how it's done under Linux. This page
http://benoit.papillault.free.fr/usbsnoop/

describes it for Win, but the project seems abandoned. It would
be cool it add usb-sniffing to libpcap or Wireshark itself. Ref. airpcap.

--gv

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Problems in capture_win_ifnames.c

[Gisle Vanem]

Guy Harris g...@alum.mit.edu wrote:


Checked in (with the checks and #defines moved up a little earlier).


Thanks. Works fine now. But I'm curious about why this:

 #if 0 /* XXX: including config.h causes compilation errors; TBD: why */
 #include config.h

is needed. config.h should be able to live up there. No?

And since the capture_win_ifnames.c code needs WS2, this:
 #include windows.h
 #include winsock2.h

should be:
 #include winsock2.h
 #include windows.h

incase someone forgot to add _WIN32_LEAN_AND_MEAN
(which includes winsock.h by default).

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Problems in capture_win_ifnames.c

[Gisle Vanem]

The code in capture_win_ifnames.c assume there's always
a GUID in the ifname. Not so here. From my 'tcpdump -D':
 1: \\.\airpcap00
 2: \Device\NPF_GenericDialupAdapter
 3: \Device\NPF_{7F56352E-EF2F-49F4-844C-BA1FA0105667}
 4: \Device\NPF_{8D3A23A7-9C6C-408B-A23B-6736F9E56510}
 5: \Device\NPF_{37FC13D9-2F52-47CA-AB64-32B2B434C749}
 6: \Device\NPF_{75451EE7-5145-471A-BAF5-124BE8439D10}

So a dumpcap.exe -L complains:
 Failed the extract guid from interface devicename, unicode convert result=14, guid input ='\\.\airpcap00', 
LastErrorCode=0x.
 Failed the extract guid from interface devicename, unicode convert result=21, guid input ='GenericDialupAdapter', 
LastErrorCode=0x.

...

Besides the code seems to need a Vista SDK since 'NETIO_STATUS' here
(Win-XP SP3) is only defined in netioapi.h. Which is not included AFAICS.
Verified by cl -showIncludes. A small fix:


--- SVN-Latest\capture_win_ifnames.cThu Nov 22 01:56:25 2012
+++ capture_win_ifnames.c   Thu Nov 22 18:16:21 2012
@@ -48,6 +48,14 @@
#include capture_ifinfo.h
#include capture_win_ifnames.h
#include wsutil/file_util.h
+
+#ifndef NDIS_IF_MAX_STRING_SIZE
+#define NDIS_IF_MAX_STRING_SIZE IF_MAX_STRING_SIZE   /* =256 in ifdef.h */
+#endif
+
+#ifndef NETIO_STATUS
+#define NETIO_STATUS DWORD
+#endif

/* Link with ole32.lib - provides CLSIDFromString() to convert guid text to a 
GUID */
#pragma comment(lib, ole32.lib)


--gv 


___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Problems in capture_win_ifnames.c

[Gisle Vanem]

Gisle Vanem gva...@broadpark.no wrote:


The code in capture_win_ifnames.c assume there's always
a GUID in the ifname. Not so here. From my 'tcpdump -D':


I saw the changes of capture_win_ifnames.c in SVN regarding the
missing GUID. But the g_log() error-text is still messing things up:

tshark.exe -D
1. \\.\airpcap00 (AirPcap USB wireless capture adapter nr. 00)
2. \Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)
...

tshark.exe -i 2
Capturing on 'Adapter for generic dialup and VPN capture'
tshark: Unknown message from dumpcap, try to show it as a string: Failed the extract guid 
from interface devicename, unicode convert result=14, guid input ='\\.\airpcap00', LastErrorCode=0x.
Failed the extract guid from interface devicename, unicode convert result=21, guid input ='GenericDialupAdapter', 
LastErrorCode=0x.


Can this text go somewhere else?

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Huge command-line in tools/make-dissector-reg.py

[Gisle Vanem]

I'm running into problems with the huge command-line passed to my shell in 
generating register.c (I'm using a home-made build-system for the MSVC version 
of Wireshark ... based on Mingw-make/Msys sh). So can you please accept this 
patch to use a response-file in tools/make-dissector-reg.py?


--- SVN-Latest\tools\make-dissector-reg.py  2012-09-25 10:22:34.37500 
+0200
+++ tools\make-dissector-reg.py 2012-10-16 13:39:18.65625 +0200
@@ -63,9 +63,17 @@


#
-# All subsequent arguments are the files to scan.
+# If last arg is '@resp_file', read the list of files
+# from this response-file. Otherwise
+# all subsequent arguments are the files to scan.
#
-files = sys.argv[3:]
+if sys.argv[3][0] == '@':
+  resp_file = sys.argv[3][1:]
+  print (Reading response file: %s  % resp_file)
+  file = open(resp_file,'r')
+  files = file.read().split()
+else:
+  files = sys.argv[3:]

# Create the proper list of filenames
filenames = []


--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] wsutil/unicode-utils.c

[Gisle Vanem]

utf_8to16() and utf_16to8() uses indices from 0 to 3. So there should be 4 
buffers
for length and data. No?

--- SVN-Latest\wsutil\unicode-utils.c   2012-07-05 19:01:54.078125000 +0200
+++ wsutil\unicode-utils.c  2012-10-02 15:00:36.65625 +0200
@@ -52,8 +52,8 @@
wchar_t *
utf_8to16(const char *utf8str)
{
-  static wchar_t *utf16buf[3];
-  static int utf16buf_len[3];
+  static wchar_t *utf16buf[4];
+  static int utf16buf_len[4];
  static int idx;

  if (utf8str == NULL)
@@ -107,8 +107,8 @@
gchar *
utf_16to8(const wchar_t *utf16str)
{
-  static gchar *utf8buf[3];
-  static int utf8buf_len[3];
+  static gchar *utf8buf[4];
+  static int utf8buf_len[4];
  static int idx;

  if (utf16str == NULL)


--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] wsutil/unicode-utils.c

[Gisle Vanem]

Jakub Zawadzki darkjames...@darkjames.pl wrote:


On Tue, Oct 02, 2012 at 03:02:11PM +0200, Gisle Vanem wrote:

utf_8to16() and utf_16to8() uses indices from 0 to 3.


Nope, from 0 to 2.


Bummer! Long time since I used the 'mod' operator.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] TPG tool files

[Gisle Vanem]

The files in tools/tpg seems to have DOS/Win line-endings (CR-LF). 
This doesn't work well with the Cygwin compiled perl I have here. 
Could you pass them through dos2unix before adding to svn?


--gv

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] TPG tool files

[Gisle Vanem]

Jeff Morriss jeff.morriss...@gmail.com wrote:


Gisle Vanem wrote:
The files in tools/tpg seems to have DOS/Win line-endings (CR-LF). This 
doesn't work well with the Cygwin compiled perl I have here. Could you 
pass them through dos2unix before adding to svn?


Those files all have svn:eol-style set to 'native' (like most of the 
rest of Wireshark) which means they should have, well, native line 
endings.  I forget exactly what that means in the Cygwin world though...


It is LF by default unless one messes with /etc/fstab. I tried putting this
in my %HOME\Subversion\config:
 enable-auto-props = yes
 ...
 [auto-props]
 ...
 *.pl = svn:eol-style=lf
 *.yp = svn:eol-style=lf

But it only has effect on newly added or imported files. I'll think I
have to add some dos2unix calls in my 'svn update' script.

--gv

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] TPG tool files

[Gisle Vanem]

Guy Harris g...@alum.mit.edu wrote:

found a bunch of stuff about problems with Perl scripts processing text files, and some stuff about 
problems with *bash* handling shell scripts with CR-LF line endings, but nothing specifically about Perl.


Thank for the CygWin info Guy.

Yap is a Perl script. So problems with Perl scripts processing text files 
AFAICS apply here since tpg.yp is a text file with CRLF endings.


I'll check the Cygwin '/etc/mount' options more closely.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Patch: epan/stats_tree_priv.h

[Gisle Vanem]

The implementation of 'stats_tree_get_cfg_by_abbr()' takes a
'const char *', so why shouldn't the prototype do the same?

--- SVN-Latest\epan\stats_tree_priv.h   Thu Feb 23 01:51:50 2012
+++ epan\stats_tree_priv.h  Thu May 31 13:08:15 2012
@@ -179,7 +179,7 @@
extern gchar *stats_tree_get_abbr(const gchar *optarg);

/** obtains a stats tree from the registry given its abbr */
-extern stats_tree_cfg *stats_tree_get_cfg_by_abbr(gchar *abbr);
+extern stats_tree_cfg *stats_tree_get_cfg_by_abbr(const char *abbr);

/** extracts node data as strings from a stat_node into
   the buffers given by value, rate and precent

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Patch: epan/stats_tree_priv.h

[Gisle Vanem]

Jakub Zawadzki darkjames...@darkjames.pl wrote:


Hi,

On Thu, May 31, 2012 at 09:13:50PM +0200, Gisle Vanem wrote:

The implementation of 'stats_tree_get_cfg_by_abbr()' takes a
'const char *', so why shouldn't the prototype do the same?


Really? Looking at code it's without const:
http://code.wireshark.org/git/?p=wireshark;a=blob;f=epan/stats_tree.c;h=7344cf6091ab18664e64f7d11874f67004a11216;hb=HEAD#l359


Strange. Did a fresh 'svn checkout' and I see you're right.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] PCH in packet-nbap-template.c

[Gisle Vanem]

asn1/nbap/packet-nbap-template.c now introduces an enum value
'PCH' that clashes with 'PCH' in WinNT.h.

According to:
 
http://anonsvn.wireshark.org/viewvc/trunk/asn1/nbap/packet-nbap-template.c?r1=42779r2=42783

The change happened at May 22 15:39:12. Could that be renamed to '_PCH'?

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Linking reassemble_test.exe

[Gisle Vanem]

Isn't reassemble_test.exe among the targets on Windows?
(or any OS; I dont understand the 'EXTRA_DIST' stuff in
epan/Makefile.am).

Can't seems to make it link because of a missing export of
'proto_registrar_get_name' in epan/libwireshark.def. Hence, I think
patch should fix it:

--- SVN-Latest\epan\libwireshark.defTue May 15 00:17:00 2012
+++ epan\libwireshark.def   Wed May 16 17:27:51 2012
@@ -801,6 +801,7 @@
proto_registrar_dump_ftypes
proto_registrar_get_ftype
proto_registrar_get_byname
+proto_registrar_get_name
proto_registrar_get_nth
proto_registrar_get_parent
proto_registrar_get_abbrev

And now reasseble_test.exe works too:

Starting test test_simple_fragment_add_seq
Starting test test_fragment_add_seq_partial_reassembly
Starting test test_fragment_add_seq_duplicate_first
Starting test test_fragment_add_seq_duplicate_middle
Starting test test_fragment_add_seq_duplicate_last
Starting test test_fragment_add_seq_duplicate_conflict
Starting test test_fragment_add_dcerpc_dg
Starting test test_fragment_add_seq_check
Starting test test_fragment_add_seq_check_1
Starting test test_fragment_add_seq_802_11_0
Starting test test_fragment_add_seq_802_11_1
Starting test test_simple_fragment_add_seq_next
Starting test test_missing_data_fragment_add_seq_next
Starting test test_missing_data_fragment_add_seq_next_2
Starting test test_missing_data_fragment_add_seq_next_3
SUCCESS

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Linking reassemble_test.exe

[Gisle Vanem]

Jeff Morriss jeff.morriss...@gmail.com wrote:

Hmmm, reassemble_test doesn't use that symbol directly, it's used within 
libwireshark, so technically I don't think it should need to be exported.


Ops, you're right. Somehow my $(REASSEMBLE_TEST_OBJ) included reassemble.obj
etc. Hence the link failure.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Crash in airpcap_ui_dlg.c

[Gisle Vanem]

When I did this:

1. Open menu 'Capture | Interfaces' and select 'Options | Manage Interfaces'.
2. Click 'Local Interfaces' with the intention to hide the interface
  'MS Tunnel interface driver', I got a crash at 
airpcap_channel_offset_changed_cb().

I'm not sure how the right way (TM) of hiding an interface is supposed to work. 
But
this is the offending snippet:

void
airpcap_channel_offset_changed_cb(GtkWidget *channel_offset_cb, gpointer data 
_U_)
{
!!   airpcap_if_selected-channelInfo.ExtChannel = 
airpcap_get_selected_channel_offset(channel_offset_cb);
   airpcap_if_selected-saved = FALSE;

WinDbg shows 'airpcap_if_selected' is NULL. W/o knowing why, this patch fixed 
it for me:


--- SVN-Latest\ui\gtk\airpcap_gui_utils.c   Fri Apr 20 18:02:07 2012
+++ ui\gtk\airpcap_gui_utils.c  Wed May 16 22:37:02 2012
@@ -556,6 +556,9 @@
void
airpcap_channel_offset_changed_cb(GtkWidget *channel_offset_cb, gpointer data 
_U_)
{
+   if (!airpcap_if_selected)
+  return;
+
airpcap_if_selected-channelInfo.ExtChannel = 
airpcap_get_selected_channel_offset(channel_offset_cb);
airpcap_if_selected-saved = FALSE;
change_airpcap_settings = TRUE;

These are my ifaces:

G:\MingW32\src\inet\Wiresharktshark.exe -D
1. \\.\airpcap00 (AirPcap USB wireless capture adapter nr. 00)
2. \Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)
3. \Device\NPF_{7F56352E-EF2F-49F4-844C-BA1FA0105667} (MS Tunnel Interface 
Driver)
4. \Device\NPF_{8D3A23A7-9C6C-408B-A23B-6736F9E56510} (Realtek 10/100/1000 
Ethernet NIC
  )
5. \Device\NPF_{37FC13D9-2F52-47CA-AB64-32B2B434C749} (Realtek RTL8187 Wireless 
LAN USB NIC
   )
6. \Device\NPF_{75451EE7-5145-471A-BAF5-124BE8439D10} (WAN (PPP/SLIP) Interface)

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Unable to build Wireshark v1.6.7

[Gisle Vanem]

Rajesh P S rajeshnie...@gmail.com wrote:


It says that it is not able to find ps.c file. Suggest some fix for it?


Maybe you don't have Python installed? It is required to build
ps.c.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Python error: execvp: bad file number

[Gisle Vanem]

I hit a problem with the Python generation of epan/dissectors/register.c.
The message from my python (v. 2.7.2) at this stage was:
 
.. execvp: python: Bad file number


after reading the docs on '_execvp' [1] at MSDN, I suspect this error 
is related to the very long command-line given to python to generate 
the file register.c. The MSDN article specifies that the size of the command-

line *and* the environment cannot exceed 32 Kbytes. This seems to be the
case here. My environment size is (when python starts), almost 12 kB.
And the size of the command-line here is approx. 32kB.

Hence, if I understand this correctly, the 'errno' value (inside python's CRT 
or the CRT it uses) is set to 'E2BIG'. And 'strerror(E2BIG)' maps to bad file number. 
But I fail to see which C-runtime returns this specific text. A quick test shows that 
my MSVCRT.DLL, MSVCR90.DLL etc. (and all previous versions) has a 'strerror(E2BIG)' 
that returns arg list too long. So is it possible that my python uses another 'strerror()' 
or uses a custom version?. I'm confused.


A fix for me is to disable use of Python for this. I.e. comment away PYTHON in 
config.nmake. Has anyone else seen a problem like this? 


I use python version 2.7.2 in Win-XP SP3.

[1] http://msdn.microsoft.com/en-us/library/3xw6zy53.aspx

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Python error: execvp: bad file number

[Gisle Vanem]

Graham Bloice graham.blo...@trihedral.com wrote:


I built on the same platform just a few minutes ago (from trunk r41048)  and
register.c was fine.  I'm using python 2.7.1 though.  How are you
determining your environment size?


I'm sure the is a function for this,  but I approximated by a 
set  foo, counting the lines (wc -c foo). Isn't each env-var 
separated by a 0 in a block somewhere? Hence 
 env-size ~= size of foo - lines in foo. 


(since each line has a '\r\n' termination).

--gv 
___

Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Generated ui/qt files

[Gisle Vanem]

Generated files in ui/qt should perhaps not be put in
the SVN repo. This one is there now:
 ui\qt\qrc_toolbar.cpp

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] [Wireshark-commits] rev 40321: /trunk/ /trunk/epan/: base64.h epan.h epan_dissect.h ex-opt.h prefs.h strutil.h timestamp.h tvbuff.h /trunk/gtk/: recent.h /trunk/: airpcap_loader.h

[Gisle Vanem]

Gerald Combs ger...@wireshark.org wrote:


Checked in in r40378. At the present time you must compile the main
sources using CMake, then compile the Qt code using Qt Creator. More
information can be found in doc/README.qt.


I've built Qt-GUI using MSVC2010. Looks rather simple now, but good
job! Only offline capture works for me now. See:
 http://home.broadpark.no/~gvanem/misc/wireshark-qt.png

But, the LFLAGS in the generated makefile contains a '-subsystem:windows'. 
(so I guess main() is defined in qtmain.lib?). This causes wireshark -h 
to output nothing. Do we need to use the create-console-kludge as in 
gtk/main.c still? Using '-subsystem:console' works for me.

Is there an option to insert this into QtShark.pro?

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Crashes while Airpcap sniffing

[Gisle Vanem]

There are some places in the ./gtk sources that causes a
crash while sniffing on a AirPcap adapter. I don't know why;
maybe most code assumes the captured frames contain network
layer packets. Since my Airpcap (\\.\airpcap00 on Win-XP) only gives
me IEEE 802.11 radio frames, I can only speculate.

I.e. here is one situation in gtk/stats_tree_stat.c:

void gtk_stats_tree_cb(GtkAction *action, gpointer user_data _U_)
{
...
cfg = stats_tree_get_cfg_by_abbr(abbr);
if(cfg){
 tap_param_dlg_cb(action, cfg-pr-stat_dlg);

Pressing the menu Statistics | Sametime | Messages while sniffing on 
AirPcap ... kaboom! Since cfg != NULL, but cgf-pr == NULL. What's the 
story here?


A simple patch:

--- SVN-Latest\gtk\stats_tree_stat.cMon Oct 31 11:17:42 2011
+++ gtk\stats_tree_stat.c   Mon Jan 02 16:11:12 2012
@@ -389,7 +389,7 @@
   abbr = g_strdup_printf(%s,action_name);
   }
   cfg = stats_tree_get_cfg_by_abbr(abbr);
-   if(cfg){
+   if(cfg  cfg-pr){
   tap_param_dlg_cb(action, cfg-pr-stat_dlg);
   }else{
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,

But it would be nicer if that menu would be greyed out. But I have no
idea on how to do it myself.

There are also this situation (which I can get back to): when getting 
an unexpected Information Element ID, the function 
capture_if_details_802_11_bssid_list() tries to hex-dump a buffer and 
reading beyond the buffer returned by wpcap_packet_request(). Kaboom again. 


--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] How can I use the dissector of wireshark in my program?

[Gisle Vanem]

homeryan homer...@live.cn wrote:

   I am a student from China, one of my homework is developing a simple network analyzer act just like wireshark. I decided to 
develop GUI interface and module of packets capture. But the part of dissector is too complex for me to complish, so, how can I 
invoke or use the dissector included in wireshark directly? Is there any interface and docs exist?

   Thanks, your help will be great appreciated.


There is/was a GPL project called Packetyzer that did use the dissectors from
Wireshark (then called Ethereal, i.e. it linked to libethereal.dll). But the 
project seems
dead and it seems to be written in both C++ and Delphi (!). Haven't taken a 
closer
look. There are still some install files and sources at SourgeForge from that
project. The GUI looks very nice and fast.

Sources:
 http://packetyzer.cvs.sourceforge.net/viewvc/packetyzer/packetyzer/
 Click Download GNU tarball and get the .tar.gz file.

The mainpage is at:
 http://sourceforge.net/projects/packetyzer/

--gv


___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] packet-rlc.c problems

[Gisle Vanem]

Chris Maynard chris.mayn...@gtech.com wrote:


Should be fixed in r39865.  Hopefully the names I've chosen are sensible enough.


Ok, good. Similar problem with packet-spice.c;
 epan/dissectors/packet-spice.c(588) : error C2371: 'POINT' : redefinition; 
different basic types
   g:\VC_2010\SDK\include\windef.h(343) : see declaration of 'POINT'.

So I suggest we rename 'POINT*' to 'SPICE_POINT*'. Attached 'svn diff 
packet-spice.c'.

--gv

Index: packet-spice.c
===
--- packet-spice.c  (revision 39879)
+++ packet-spice.c  (working copy)
@@ -585,16 +585,16 @@
typedef struct {
gint32 x;
gint32 y;
-} POINT;
+} SPICE_POINT;

-#define sizeof_POINT 8
+#define sizeof_SPICE_POINT 8

typedef struct {
gint16 x;
gint16 y;
-} POINT16;
+} SPICE_POINT16;

-#define sizeof_POINT16 4
+#define sizeof_SPICE_POINT16 4

#defineSPICE_BRUSH_TYPE_NONE 0
#defineSPICE_BRUSH_TYPE_SOLID 1
@@ -609,7 +609,7 @@

typedef struct {
guint64 image;
-POINT position;
+SPICE_POINT position;
} Pattern;

#define sizeof_Pattern 16
@@ -631,7 +631,7 @@

typedef struct {
guint8 flags;
-POINT position;
+SPICE_POINT position;
guint32 bitmap;
} Mask;

@@ -1532,18 +1532,18 @@
return type;
}

-static POINT
+static SPICE_POINT
dissect_POINT(tvbuff_t *tvb, proto_tree *tree, const guint32 offset)
{
proto_item *ti=NULL;
proto_tree *point_tree;
-POINT point;
+SPICE_POINT point;

point.x = tvb_get_letohl(tvb, offset);
point.y = tvb_get_letohl(tvb, offset + 4);

if (tree) {
-ti = proto_tree_add_text(tree, tvb, offset, sizeof_POINT, POINT (%u, 
%u), point.x, point.y);
+ti = proto_tree_add_text(tree, tvb, offset, sizeof_SPICE_POINT, POINT (%u, 
%u), point.x, point.y);
point_tree = proto_item_add_subtree(ti, ett_point);

proto_tree_add_text(point_tree, tvb, offset, 4, x: %u, point.x);
@@ -1553,18 +1553,18 @@
return point;
}

-static POINT16
+static SPICE_POINT16
dissect_POINT16(tvbuff_t *tvb, proto_tree *tree, const guint32 offset)
{
proto_item *ti=NULL;
proto_tree *point16_tree;
-POINT16 point16;
+SPICE_POINT16 point16;

point16.x = tvb_get_letohs(tvb, offset);
point16.y = tvb_get_letohs(tvb, offset + 2);

if (tree) {
-ti = proto_tree_add_text(tree, tvb, offset, sizeof_POINT16, POINT16 (%u, 
%u), point16.x, point16.y);
+ti = proto_tree_add_text(tree, tvb, offset, sizeof_SPICE_POINT16, POINT16 
(%u, %u), point16.x, point16.y);
point16_tree = proto_item_add_subtree(ti, ett_point16);

proto_tree_add_text(point16_tree, tvb, offset, 2, x: %u, 
point16.x);
@@ -1587,7 +1587,7 @@
proto_tree_add_item(Mask_tree, hf_Mask_flag, tvb, offset, 1, 
ENC_LITTLE_ENDIAN);
offset += 1;
dissect_POINT(tvb, Mask_tree, offset);
-offset += sizeof_POINT;
+offset += sizeof_SPICE_POINT;
bitmap = tvb_get_letohl(tvb, offset);
proto_tree_add_item(Mask_tree, hf_Mask_bitmap, tvb, offset, 4, 
ENC_LITTLE_ENDIAN);
offset += 4;
@@ -1938,7 +1938,7 @@
displayBaseLen = dissect_DisplayBase(tvb, tree, offset);
offset += displayBaseLen;
dissect_POINT(tvb, tree, offset);
-offset += sizeof_POINT;
+offset += sizeof_SPICE_POINT;
break;
case SPICE_DISPLAY_DRAW_WHITENESS:
displayBaseLen = dissect_DisplayBase(tvb, tree, offset);
@@ -2153,7 +2153,7 @@
switch(message_type) {
case SPICE_CURSOR_INIT:
dissect_POINT16(tvb, tree, offset);
-offset += sizeof_POINT16;
+offset += sizeof_SPICE_POINT16;
proto_tree_add_item(tree, hf_cursor_trail_len, tvb, offset, 2, 
ENC_LITTLE_ENDIAN);
offset += 2;
proto_tree_add_item(tree, hf_cursor_trail_freq, tvb, offset, 2, 
ENC_LITTLE_ENDIAN);
@@ -2168,14 +2168,14 @@
break;
case SPICE_CURSOR_SET:
dissect_POINT16(tvb, tree, offset);
-offset += sizeof_POINT16;
+offset += sizeof_SPICE_POINT16;
offset +=1; /*TODO flags */
RedCursorSize = dissect_RedCursor(tvb, tree, offset);
offset += RedCursorSize;
break;
case SPICE_CURSOR_MOVE:
dissect_POINT16(tvb, tree, offset);
-offset += sizeof_POINT16;
+offset += sizeof_SPICE_POINT16;
break;
case SPICE_CURSOR_HIDE:
proto_tree_add_text(tree, tvb, offset, 0, CURSOR_HIDE message);
@@ -2430,20 +2430,20 @@
offset += 2;
break;
case SPICEC_INPUTS_MOUSE_POSITION:
-ti = proto_tree_add_text(tree, tvb, offset, sizeof_POINT + 3, Client 
MOUSE_POSITION message);
+ti = proto_tree_add_text(tree, tvb, offset, sizeof_SPICE_POINT + 3, 
Client MOUSE_POSITION message);
inputs_tree = proto_item_add_subtree(ti, ett_inputs_client);
dissect_POINT(tvb, 

[Wireshark-dev] packet-rlc.c problems

[Gisle Vanem]

Just a FYI:

epan/dissectors/packet-rlc.c(113) : error C2365: 'PCCH' : redefinition; 
previous definition was 'typedef'
   g:\VC_2010\SDK\include\winnt.h(419) : see declaration of 'PCCH'
epan/dissectors/packet-rlc.c(113) : error C2086: 'channel_type PCCH' : 
redefinition
   epan/dissectors/packet-rlc.c(113) : see declaration of 'PCCH'
epan/dissectors/packet-rlc.c(902) : error C2275: 'PCCH' : illegal use of this 
type as an expression
   g:\VC_2010\SDK\include\winnt.h(419) : see declaration of 'PCCH'
epan/dissectors/packet-rlc.c(902) : error C2046: illegal case
epan/dissectors/packet-rlc.c(1628) : error C2143: syntax error : missing ')' 
before 'type'
epan/dissectors/packet-rlc.c(1628) : error C2198: 'dissect_rlc_tm' : too few 
arguments for call
epan/dissectors/packet-rlc.c(1628) : error C2059: syntax error : ')'

Can we rename 'PCCH' to something more sensible?

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] AthTek NetWalk

[Gisle Vanem]

Guy Harris g...@alum.mit.edu wrote:

Is there an MSVC tool to look find out what DLLs an executable uses?  
(I.e., the equivalent of, say, ldd on many systems using ELF, or otool on Mac OS X.)


cygcheck from the CygWin package. Running it on AthTek's version of wireshark
reveals this.

G:\internet\sniffer\AthTek-NetWalk\wiresharkcygcheck wireshark.exe
Found: ./\wireshark.exe
./\wireshark.exe
 .\libglib-2.0-0.dll
   f:\windows\system32\ADVAPI32.DLL
 f:\windows\system32\KERNEL32.dll
   f:\windows\system32\ntdll.dll
 f:\windows\system32\RPCRT4.dll
   f:\windows\system32\Secur32.dll
   f:\windows\system32\msvcrt.dll
   f:\windows\system32\OLE32.dll
 f:\windows\system32\GDI32.dll
   f:\windows\system32\USER32.dll
   f:\windows\system32\SHELL32.DLL
 f:\windows\system32\SHLWAPI.dll
   f:\windows\system32\WS2_32.DLL
 f:\windows\system32\WS2HELP.dll
 .\libgthread-2.0-0.dll
 .\libwireshark.dll
   .\libgmodule-2.0-0.dll
   .\libcares-2.dll
   .\zlib1.dll
 .\MSVCR90.dll
   .\libgcrypt-11.dll
 .\libgpg-error-0.dll
   .\libgnutls-26.dll
 .\libtasn1-3.dll
   .\smi.dll
   .\libwsutil.dll
   .\krb5_32.dll
 .\comerr32.dll
   .\k5sprt32.dll
   .\lua5.1.dll
   .\wiretap-0.3.1.dll
 .\MSVCP90.dll

But I failed to get AthTek to work; it didn't capture a single byte on any 
interface
I tried it on.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] _STAT_H in epan/stat_cmd_args.h

[Gisle Vanem]

The header-guard '_STAT_H_' in epan/stat_cmd_args.h clashes with the
header-guard in MingW's sys/stat.h. Hence the protype for
'register_stat_cmd_arg()' isn't seen when sys/stat.h is included first.
Would you please rename the guard like this:

--- epan\stat_cmd_args.hTue Jun 24 06:44:59 2008
+++ SVN-Latest\epan\stat_cmd_args.h Tue Aug 23 15:07:31 2011
@@ -23,8 +23,8 @@
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 */

-#ifndef _STAT_H_
-#define _STAT_H_
+#ifndef _STAT_CMD_ARGS_H_
+#define _STAT_CMD_ARGS_H_

extern void register_stat_cmd_arg(const char *cmd,
void (*func)(const char *arg,void* userdata), void* userdata);

---

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Crash in gtk_stats_tree_cb()

[Gisle Vanem]

When right after statup and before I choose any interface, I get a crash
when I enter the Statistics | Packet Lengths.. menu. From WinDbg:

wireshark!gtk_stats_tree_cb(struct _GtkAction * action = 0x63a57e95, void * 
user_data = 0x03fb63f0)+0x44
WARNING: Stack unwind information not available. Following frames may be wrong.
libgobject_2_0_0!g_closure_invoke+0x115
libgobject_2_0_0!g_signal_has_handler_pending+0xf45
libgobject_2_0_0!g_signal_emit_valist+0x7b1
libgobject_2_0_0!g_signal_emit+0x26
...

Looks like the offending line is:

cfg = stats_tree_get_cfg_by_abbr(abbr);
if(cfg){
 tap_param_dlg_cb(action, cfg-pr-stat_dlg); !!
}else{
   simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK,
 Failed to find the stat tree named %s,
 abbr);

I.e. 'cfg' is != NULL, but 'cfg-pr' is.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] gtk/capture_dlg.h

[Gisle Vanem]

Building w/o HAVE_PCAP_REMOTE or HAVE_PCAP_SETSAMPLING, I
got this error from MSVC:

 file_dlg_win32.c
 G:\MingW32\src\inet\Wireshark\gtk\capture_dlg.h(58) : error C2016: C 
 requires that a struct or union has at least one member


Can be solved by adding a dummy value:

--- SVN-Latest\gtk\capture_dlg.hWed Aug 17 17:16:30 2011
+++ gtk\capture_dlg.h   Wed Aug 17 22:28:27 2011
@@ -55,6 +55,7 @@
capture_sampling sampling_method;
int sampling_param;
#endif
+  int dummy;
} remote_options;


--

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] [Patch] wsutil/privileges.c

[Gisle Vanem]

init_process_policies() has this:
 typedef BOOL (*SetProcessDEPPolicyHandler)(DWORD);

Surely the function must be WINAPI? According to:
 http://msdn.microsoft.com/en-us/library/bb736299(v=vs.85).aspx

anyway. So, here is a patch. Besides I've rewritten the assignment and if-test:

--- SVN-Latest\wsutil\privileges.c  Mon Feb 21 19:33:10 2011
+++ wsutil\privileges.c Wed Aug 17 17:25:16 2011
@@ -48,7 +48,7 @@
init_process_policies(void)
{
   HMODULE kernel32Handle;
-   typedef BOOL (*SetProcessDEPPolicyHandler)(DWORD);
+   typedef BOOL (WINAPI *SetProcessDEPPolicyHandler)(DWORD);
   SetProcessDEPPolicyHandler PSetProcessDEPPolicy;

#ifndef PROCESS_DEP_ENABLE
@@ -70,7 +70,8 @@
*/
   kernel32Handle = GetModuleHandle(_T(kernel32.dll));
   if (kernel32Handle != NULL) {
-   if (PSetProcessDEPPolicy = (SetProcessDEPPolicyHandler) 
GetProcAddress(kernel32Handle, SetProcessDEPPolicy)) {
+   PSetProcessDEPPolicy = (SetProcessDEPPolicyHandler) 
GetProcAddress(kernel32Handle, SetProcessDEPPolicy);
+   if (PSetProcessDEPPolicy) {
   PSetProcessDEPPolicy(PROCESS_DEP_ENABLE);
   }
   }



--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] [Patch] wsutil/file_util.c

[Gisle Vanem]

Here is another patch for a missing WINAPI:

--- SVN-Latest\wsutil\file_util.c   Mon Jul 18 21:40:32 2011
+++ wsutil\file_util.c  Wed Aug 17 21:36:27 2011
@@ -487,10 +487,11 @@
  gboolean dll_dir_set = FALSE;
  wchar_t *program_path_w;

-  typedef BOOL (*SetDllDirectoryHandler)(LPCTSTR);
+  typedef BOOL (WINAPI *SetDllDirectoryHandler)(LPCTSTR);
  SetDllDirectoryHandler PSetDllDirectory;

-  if (PSetDllDirectory = (SetDllDirectoryHandler) 
GetProcAddress(GetModuleHandle(_T(kernel32.dll)), SetDllDirectoryW)) {
+  PSetDllDirectory = (SetDllDirectoryHandler) 
GetProcAddress(GetModuleHandle(_T(kernel32.dll)), SetDllDirectoryW);
+  if (PSetDllDirectory) {
   dll_dir_set = PSetDllDirectory(_T());
  }

-

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Crash in gtk/conversations_table.c

[Gisle Vanem]

While clicking inside the Statistics | Conversations window (blank window btw)
and pressing the Follow stream button, I got a crash. From WinDbg (my JIT 
debugger):

wireshark!follow_stream_cb(struct _GtkWidget * follow_stream_bt = 0x63a57e95, 
void * data = 0x046533f0)+0x1c
WARNING: Stack unwind information not available. Following frames may be wrong.
libgobject_2_0_0!g_closure_invoke+0x115
libgobject_2_0_0!g_signal_has_handler_pending+0xf45
libgobject_2_0_0!g_signal_emit_valist+0x7b1
libgobject_2_0_0!g_signal_emit+0x26
libgtk_win32_2_0_0!gtk_button_clicked+0x40
..

The offender:

follow_stream_cb(GtkWidget *follow_stream_bt, gpointer data _U_)
{
   conversations_table *ct = g_object_get_data (G_OBJECT(follow_stream_bt), 
CONV_PTR_KEY);
   GtkTreeIter iter;
   GtkTreeModel *model;
   GtkTreeSelection  *sel;
   guint32 idx = 0;
   gchar *filter;
   conv_t *conv;

   sel = gtk_tree_view_get_selection (GTK_TREE_VIEW(ct-table));

It crashed because 'ct' is NULL. Why, I don't know, but maybe we should
bail out if 'ct' is NULL:

--- SVN-Latest\gtk\conversations_table.cThu Jul 21 20:52:02 2011
+++ gtk\conversations_table.c   Wed Aug 17 23:15:56 2011
@@ -2473,6 +2473,9 @@
gchar *filter;
conv_t *conv;

+if (!ct)
+   return;
+
sel = gtk_tree_view_get_selection (GTK_TREE_VIEW(ct-table));
if (!gtk_tree_selection_get_selected(sel, model, iter)) {
simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, No conversation selected);

---

All this was while watching AirPcap traffic ... i.e. no streams.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Crash in gtk/conversations_table.c

[Gisle Vanem]

Guy Harris g...@alum.mit.edu wrote:


and pressing the Follow stream button,


It let you press Follow stream?  I did a capture on the loopback interface, and got 
a window with no conversations, and the Follow stream button was grayed out.


Not greyed out here. No idea why. It should.

--gv


___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] localtime_r() in gtk/timeshift_dlg.c

[Gisle Vanem]

This:
 #ifdef _MSC_VER
 #define localtime_r(a, b) memcpy((b), localtime((a)), sizeof(struct tm));
 #endif

doesn't look so safe. We should maybe use the localtime_r() in
wsutil/strptime.c?

--gv

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] localtime_r() in gtk/timeshift_dlg.c

[Gisle Vanem]

Stig Bjørlykke s...@bjorlykke.org wrote:


On Tue, Aug 16, 2011 at 12:17 AM, Gisle Vanem gisle.va...@gmail.com wrote:

This:
#ifdef _MSC_VER
#define localtime_r(a, b) memcpy((b), localtime((a)), sizeof(struct tm));
#endif

doesn't look so safe. We should maybe use the localtime_r() in
wsutil/strptime.c?


Or simply just use localtime, check the return value and then copy the values.
Like in revision 38569.


Agreed, that's better.

PS. Notice that my 1st email came from gisle.va...@gmail.com and took
approx. 6 hours to get on this list. Waiting for what? My normal address (the 
one
I subscribed from and the one I reply from now) is gva...@broadpark.no.
So it seems Mailman doesn't care so much about the address, but rather my name.
Anyone can subscribe and claim to be me. Doesn't sound correct.

--gv

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] localtime_r() in gtk/timeshift_dlg.c

[Gisle Vanem]

On Tue, Aug 16, 2011 at 08:05:29PM +0200, Gisle Vanem wrote:
 So it seems Mailman doesn't care so much about the address, but rather my 
 name.
 Anyone can subscribe and claim to be me. Doesn't sound correct.

And anyone can change his name to 'Gisle Vanem', welcome to reality.
That's why if you care, you should use gpg to sign messages :-)
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Compiling Wireshark for Win32

[Gisle Vanem]

Helge Kruse helge.kruse-nos...@gmx.net wrote:


Why do you try to compile at all when you only need the import library?
It's generated with a one-liner:

link /dll /out:libwireshark.dll /def:libwireshark.def /implib:libwireshark.lib 
nul


Does it? Where are the .obj files in this command?

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] [Patch] gtk/Makefile.common

[Gisle Vanem]

I cannot see that 'gtk/text_import_scanner_lex.h' is of any
use anymore. Hence we should remote it from gtk/Makefile.common:

--- SVN-Latest/gtk/Makefile.common Tue Mar 22 13:41:14 2011
+++ gtk/Makefile.common  Wed Apr 06 13:34:58 2011
@@ -24,8 +24,7 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

# Generated header files that we want in the distribution.
-GENERATED_HEADER_FILES = \
-   text_import_scanner_lex.h
+GENERATED_HEADER_FILES =

# Generated C source files that we want in the distribution.
GENERATED_C_FILES = \

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Ctrl-Scrollwheel

[Gisle Vanem]

I have a request for a UI-feature. I many Windows programs the combination
of pressing 'left Ctrl'-key while using the mouse scroll-wheel, the text in the
main window is zoomed out (scroll-wheel backward) or zoomed in (scroll-wheel
forward). Since Wireshark already has a zoom feature, could this feature be bound to 
the key/mouse-combination somehow? IMHO, it would be cool. I know next to nothing 
about Gtk+ programming, so I cannot implement this on my own. 


--gv

___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Messy capture_if_details_dlg_win32.c

[Gisle Vanem]

I'm not very happy about all the #ifdef-ing in capture_if_details_dlg_win32.c.
Isn't it possible to do away with those by using unique names for possibly 
missing constants and typedefs (structs and enums)? Like:

typedef unsigned short ws_eth_sa_family_t;
...

struct ws_sockaddr_storage {
ws_eth_sa_family_t  __ss_family; /* address family */
  ...
};
#define sockaddr_storage ws_sockaddr_storage
 
#include Packet32.h

And with the enums. E.g.:

 enum network_infrastructure {
 _Ndis802_11IBSS,
...
};

...

 static const value_string win32_802_11_infra_mode_vals[] = {
  { _Ndis802_11IBSS,   Ad Hoc },


Likewise with all the constants:

#ifndef NDIS_MAC_OPTION_COPY_LOOKAHEAD_DATA
#define NDIS_MAC_OPTION_COPY_LOOKAHEAD_DATA 0x0001
#define NDIS_MAC_OPTION_RECEIVE_SERIALIZED  0x0002
#define NDIS_MAC_OPTION_TRANSFERS_NOT_PEND  0x0004
...
#endif

I think we could ass-u-me that if e.g. NDIS_MAC_OPTION_COPY_LOOKAHEAD_DATA
isn't defined, neither are the other defines in that block. Hence we could do 
away with
all the _MSC_VER checks and make it completely compiler/SDK unaware. How about 
it?

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] [Patch] gtk/file_dlg_win32.c

[Gisle Vanem]

print_update_dynamic() isn't defined 'static' in file_dlg_win32.h. 
Hence:

--- gtk\file_dlg_win32.cSun Nov 21 04:04:45 2010
+++ gtk\file_dlg_win32.c Mon Nov 22 13:54:53 2010
@@ -886,7 +886,7 @@
 print_update_dynamic(dlg_hwnd, args);
 }

-static void
+void
 print_update_dynamic(HWND dlg_hwnd, print_args_t *args) {
 HWND cur_ctrl;

--

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] [Patch] gtk/file_dlg_win32.c

[Gisle Vanem]

Bill Meier wme...@newsguy.com wrote:

 Without knowing the code, but given that print_update_dynamic() appears 
 to be only used in file_dlg_win32.c I'd be inclined to remove the 
 declaration from the .h file
 
 Any reason not to ?

That would be the best, sure.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Wrong FCS in 802.11 capture

[Gisle Vanem]

 Can anybody verify the attached live capure I did just now?
 All the frames in the capture seems to have wrong Frame Check Sequence
 numbers.

False alarm or not, but all captures seems to be okay now.

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

Re: [Wireshark-dev] Wrong FCS in 802.11 capture

[Gisle Vanem]

Gianluca Varenni gianluca.vare...@cacetech.com wrote:

 They definitely look like junk... did the capture contain *only* such 
 errored frames?
 Which AirPcap adapter are you using (Classic, Tx, Ex, Nx)?

I only captured for 3-4 minutes using AirPcap 4.0 Classic.
(the one you kindly gave me).

--gv
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Wrong FCS in 802.11 capture

[Gisle Vanem]

Can anybody verify the attached live capure I did just now?
All the frames in the capture seems to have wrong Frame Check Sequence 
numbers. The capture was done with latest AirPcap on a Win-XP SP3 box running

the latest svn version of WireShark. Also verified with tshark.

--gv


ethera04084
Description: Binary data
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Easy codec plugin

[Gisle Vanem]

I have problems with plugins\easy_codec\codec*.c.
E.g.  codec-g722.c fails to compile with gcc 3.4.5 (MingW)
because of:

struct g722_context {
 CODER_HANDLE handle;
 short speach_buffer[L_G722_FRAME];
};

void *codec_g722_init(void) {
 g722_context *ctx = 0;

---

The struct should be typedef'ed AFAICS. An easy fix for me is
attached. 


PS. Yes, I did build WireShark using MingW and my own makefile.
It went like a breeze except for the above problem.

--gv

diff -u3 -Hb -r ..\..\SVN-Latest\plugins\easy_codec\codec-g722.c .\codec-g722.c
--- ..\..\SVN-Latest\plugins\easy_codec\codec-g722.cWed Dec 12 12:16:33 2007
+++ .\codec-g722.c  Wed Dec 12 13:08:00 2007
@@ -34,10 +34,10 @@

#include EasyG722/EasyG722.h

-struct g722_context {
+typedef struct g722_context {
  CODER_HANDLE handle;
  short speach_buffer[L_G722_FRAME];
-};
+} g722_context;

void *codec_g722_init(void) {
  g722_context *ctx = 0;
diff -u3 -Hb -r ..\..\SVN-Latest\plugins\easy_codec\codec-g7231.c 
.\codec-g7231.c
--- ..\..\SVN-Latest\plugins\easy_codec\codec-g7231.c   Wed Dec 12 12:16:33 2007
+++ .\codec-g7231.c Wed Dec 12 13:09:38 2007
@@ -34,11 +34,11 @@

#include EasyG7231/EasyG7231.h

-struct g7231_context {
+typedef struct g7231_context {
  CODER_HANDLE handle;
  short speach_buffer[L_G7231_FRAME];
  int l_g7231_frame_compressed;
-};
+} g7231_context;

void *codec_g7231_init(void) {
  g7231_context *ctx = 0;
diff -u3 -Hb -r ..\..\SVN-Latest\plugins\easy_codec\codec-g729a.c 
.\codec-g729a.c
--- ..\..\SVN-Latest\plugins\easy_codec\codec-g729a.c   Mon Dec 03 17:56:10 2007
+++ .\codec-g729a.c Wed Dec 12 13:08:49 2007
@@ -34,10 +34,10 @@

#include EasyG729A/EasyG729A.h

-struct g729a_context {
+typedef struct g729a_context {
  CODER_HANDLE handle;
  short speach_buffer[L_G729A_FRAME];
-};
+} g729a_context;

void *codec_g729a_init(void) {
  g729a_context *ctx = 0;
___
Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org
Archives:http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
 mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe

[Wireshark-dev] Build failure of easy_codec

[Gisle Vanem]

This plugin requires a C++ compiler because the ImTelephone folks
built the libs using a C++ compiler. How stupid is that?  But then
gcc -x c++ bails out with an error:

plugins/easy_codec/easy_codec_plugin.c:38: error: external linkage required for 
symbol 'version' be cause of 'dllexport' attribute.

Line 38 becomes (after the cpp stage):

__attribute__((dllexport)) const gchar version[] = 0.0.1;

I have no idea what the problem is. Anyone?

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] epan/libwireshark.def

[Gisle Vanem]

What does the lines like  .mine do in this file?
Besides eth_stdio_fopen() shall not be exported from libwireshark.dll.
A patch:

--- SVN-Latest\epan\libwireshark.defWed Oct 31 17:03:44 2007
+++ epan\libwireshark.def   Wed Oct 31 17:31:01 2007
@@ -221,17 +221,10 @@
 dissect_per_sequence
 dissect_per_set_of
 dissect_per_VisibleString
- .mine
 dissect_q932_PresentedNumberScreened
 dissect_q932_PresentedNumberUnscreened
 dissect_q932_PartyNumber
 dissect_q932_PartySubaddress
-===
-dissect_q932_PartyNumber
-dissect_q932_PartySubaddress
-dissect_q932_PresentedNumberUnscreened
-dissect_q932_PresentedNumberScreened
- .r23226
 dissect_qsig_na_Name
 dissect_rpc_array
 dissect_rpc_bool
@@ -306,7 +299,6 @@
 epan_get_version
 epan_init
 epan_strcasestr
-eth_stdio_fopen
 ether_to_str
 ex_opt_add
 ex_opt_count
@@ -696,16 +688,11 @@
 proto_tree_get_parent
 proto_tree_get_root
 proto_tree_move_item
- .mine
+protocols_module   DATA
 p_add_proto_data
 p_get_proto_data
 q931_cause_code_vals   DATA
 q850_cause_code_vals   DATA
-===
-protocols_moduleDATA
-q850_cause_code_vals   DATA
-q931_cause_code_vals   DATA
- .r23226
 q931_message_type_vals DATA
 range_convert_range
 range_convert_str

--gv

___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Re: [Wireshark-dev] [Patch] epan/libwireshark.def

[Gisle Vanem]

Guy Harris [EMAIL PROTECTED] wrote:

 If the first somebody was you, then svn update (or its GUI equivalent) 
 should have reported the conflict.  The  .mine lines aren't in 
 the current version in SVN, so I suspect it's reporting a conflict 
 between changes you made and changes somebody checked in. 

It wasn't me (I don't have write access). But after a:
  del epan\libwireshark.def
  svn update

the file is up-to-date it seems.

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Re: [Wireshark-dev] [Patch] epan/libwireshark.def

[Gisle Vanem]

Jeff Morriss [EMAIL PROTECTED] wrote:

 Also eth_stdio_fopen() needs to be exported from the dll because some 
 plugins use it now.

Let me see if I understand you; you mean eth_stdio_fopen() should
be exported from _libwireshark.dll_? eth_stdio_fopen() is already exported
from wiretap*.dll. See wiretap/wtap.def and wiretap/Makefile.nmake.
So AFAICS any plugins needing eth_stdio_fopen() should link to
wiretap*.lib (the implib). Or do you mean file_util.obj should be present
in _2_ dlls? A ugly hack IMHO.

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Re: [Wireshark-dev] [Patch] epan/libwireshark.def

[Gisle Vanem]

Guy Harris [EMAIL PROTECTED] wrote:

 Does svn status report any conflicts (lines beginning with C)?

No.

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] packet-isakmp.c

[Gisle Vanem]

wiretap/file_util.h must be included because of eth_fopen():

--- SVN-Latest\epan\dissectors\packet-isakmp.c  Tue Oct 23 14:29:00 2007
+++ epan\dissectors\packet-isakmp.c Thu Oct 25 14:21:56 2007
@@ -66,6 +66,7 @@
 #include epan/dissectors/packet-x509af.h
 #include epan/dissectors/packet-isakmp.h
 #include epan/prefs.h
+#include wiretap/file_util.h

 #define isakmp_min(a, b)  ((ab) ? a : b)

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] trigcap.c

[Gisle Vanem]

Some signals needs to be ifdef'ed (missing on VC/MingW):

--- SVN-Latest/trigcap.cSat Jul 28 15:44:35 2007
+++ trigcap.c   Wed Aug 22 14:42:30 2007
@@ -249,9 +249,15 @@
dprintf(2,opened dumper file '%s'\n,outfile);

signal(SIGINT, sig_int);
+#ifdef SIGQUIT
signal(SIGQUIT, sig_int);
+#endif
+#ifdef SIGTERM
signal(SIGTERM, sig_int);
+#endif
+#ifdef SIGSTOP
signal(SIGSTOP, sig_int);
+#endif

keep_going = 1;
dumping = 0;

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] packet-ieee80211.c won't compile

[Gisle Vanem]

In file included from epan/dissectors/packet-ieee80211.c:84:
./airpcap_loader.h:84: error: syntax error before AirpcapChannelInfo
./airpcap_loader.h:85: error: syntax error before PAirpcapChannelInfo
./airpcap_loader.h:86: error: syntax error before AirpcapChannelInfo
./airpcap_loader.h:110: error: syntax error before AirpcapChannelInfo

Will the person who checked in this file please fix this and test his 
changes in the future?

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] packet-ieee80211.c won't compile

[Gisle Vanem]

In file included from epan/dissectors/packet-ieee80211.c:84:
./airpcap_loader.h:84: error: syntax error before AirpcapChannelInfo
./airpcap_loader.h:85: error: syntax error before PAirpcapChannelInfo
./airpcap_loader.h:86: error: syntax error before AirpcapChannelInfo
./airpcap_loader.h:110: error: syntax error before AirpcapChannelInfo

Will the person who checked in this file please fix this and test his 
changes in the future?

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] packet-sqloracle.c

[Gisle Vanem]

I know this dissector isn't in any makefile, but I'd like to try it anyway.
I added the file to the build of libwireshark.dll, but got an assert in 
epan/packet.c at line 674 (sub_dissectors == NULL).

Should this file be removed from svn until fixed? Or fixed
before the next release? I'm not in the position to fix it myself
(my knowledge of WS internals is too limited).

Gisle V.

# rm /bin/laden 
/bin/laden: Not found 
___
Wireshark-dev mailing list
[EMAIL PROTECTED]
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] packet-sqloracle.c

[Gisle Vanem]

I tried adding this file to the build of libwireshark.dll, but got an 
assert in epan/packet.c at line 674 (sub_dissectors == NULL).
I know this dissector isn't in any makefile, but I'd like to try it anyway.

Should this file be removed from svn until fixed? Or fixed
before the next release? I'm not in the position to fix it myself
(my knowledge of WS internals is too limited).

Gisle V.

# rm /bin/laden 
/bin/laden: Not found
___
Wireshark-dev mailing list
[EMAIL PROTECTED]
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] sockaddr_storage on Win32

[Gisle Vanem]

The #ifdef's in capture_wpcap_packet.c and gtk/capture_if_details_dlg.c
assumes that only MSVC is used to build on Win32. MingW works just
fine.

MingW defines WINVER == 0x400, but it does have sockaddr_storage.

Why can't the structure be moved to a common .h-file? (to keep the
.c-files more clean). Patch attached.

--gv

--- SVN-Latest\capture_wpcap_packet.c   Mon Mar 26 17:52:42 2007
+++ capture_wpcap_packet.c  Tue Mar 27 01:24:07 2007
@@ -51,7 +51,7 @@
 *
 * copied from RFC2553 (and slightly modified because of datatypes) ...
 * XXX - defined more than once, move this to a header file */
-#if (WINVER = 0x0400)
+#if (WINVER = 0x0400)  defined(_MSC_VER)
typedef unsigned short eth_sa_family_t;

/*
@@ -82,7 +82,7 @@
  /* __ss_pad1, __ss_align fields is 112 */
};
/* ... copied from RFC2553 */
-#endif /* WINVER */
+#endif /* WINVER  _MSC_VER */


#include Packet32.h
--- SVN-Latest\gtk\capture_if_details_dlg.c Mon Mar 26 17:51:39 2007
+++ gtk\capture_if_details_dlg.cTue Mar 27 01:19:21 2007
@@ -35,6 +35,7 @@

#include wtap.h
#include time.h
+#include ctype.h

#include globals.h
#include file.h
@@ -59,7 +60,7 @@
 *
 * copied from RFC2553 (and slightly modified because of datatypes) ...
 * XXX - defined more than once, move this to a header file */
-#if (WINVER = 0x0400)
+#if (WINVER = 0x0400)  defined(_MSC_VER)
typedef unsigned short eth_sa_family_t;

/*
@@ -90,7 +91,7 @@
  /* __ss_pad1, __ss_align fields is 112 */
};
/* ... copied from RFC2553 */
-#endif /* WINVER */
+#endif /* WINVER  _MSC_VER */

#include Packet32.h
#include windows.h
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] pragma warning

[Gisle Vanem]

The #pragma warning() statements are MSVC specific. So
embed them inside #ifdef _MSC_VER.

Patch attached.

--gv

diff -u3 -Hb -r SVN-Latest\asn1\rrlp\packet-rrlp-template.c 
.\asn1\rrlp\packet-rrlp-template.c
--- SVN-Latest\asn1\rrlp\packet-rrlp-template.c Tue Mar 27 17:18:46 2007
+++ .\asn1\rrlp\packet-rrlp-template.c  Tue Mar 27 17:54:27 2007
@@ -49,7 +49,7 @@



-#ifdef _WIN32
+#ifdef _MSC_VER
/* disable: warning C4146: unary minus operator applied to unsigned type, result 
still unsigned */
#pragma warning(disable:4146)
#endif
diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-dcerpc-dfs.c 
.\epan\dissectors\packet-dcerpc-dfs.c
--- SVN-Latest\epan\dissectors\packet-dcerpc-dfs.c  Tue Mar 27 17:18:50 2007
+++ .\epan\dissectors\packet-dcerpc-dfs.c   Tue Mar 27 17:44:53 2007
@@ -22,7 +22,7 @@
#include packet-windows-common.h
#include packet-dcerpc-dfs.h

-#ifdef _WIN32
+#ifdef _MSC_VER
/* disable: warning C4101: 'xy' : unreferenced local variable */
#pragma warning(disable:4101)
#endif
diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-dcerpc-eventlog.c 
.\epan\dissectors\packet-dcerpc-eventlog.c
--- SVN-Latest\epan\dissectors\packet-dcerpc-eventlog.c Tue Mar 27 17:18:52 2007
+++ .\epan\dissectors\packet-dcerpc-eventlog.c  Tue Mar 27 17:45:04 2007
@@ -22,7 +22,7 @@
#include packet-windows-common.h
#include packet-dcerpc-eventlog.h

-#ifdef _WIN32
+#ifdef _MSC_VER
/* disable: warning C4018: '' : signed/unsigned mismatch */
#pragma warning(disable:4018)
#endif
diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-megaco.c 
.\epan\dissectors\packet-megaco.c
--- SVN-Latest\epan\dissectors\packet-megaco.c  Tue Mar 27 17:18:52 2007
+++ .\epan\dissectors\packet-megaco.c   Tue Mar 27 17:53:27 2007
@@ -67,7 +67,7 @@
#define PORT_MEGACO_TXT 2944
#define PORT_MEGACO_BIN 2945

-#ifdef _WIN32
+#ifdef _MSC_VER
/* disable: warning C4013: 'xy' undefined; assuming extern returning int */
#pragma warning(disable:4013)
#endif
diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-user_encap.c 
.\epan\dissectors\packet-user_encap.c
--- SVN-Latest\epan\dissectors\packet-user_encap.c  Tue Mar 27 17:18:48 2007
+++ .\epan\dissectors\packet-user_encap.c   Tue Mar 27 17:54:59 2007
@@ -36,7 +36,7 @@
#include epan/uat.h
#include epan/emem.h

-#ifdef _WIN32
+#ifdef _MSC_VER
/* disable: warning C4090: 'XY' : different 'const' qualifiers */
#pragma warning(disable:4090)
#endif
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Re: [Wireshark-dev] [Patch] pragma warning

[Gisle Vanem]

Graham Bloice [EMAIL PROTECTED] wrote:

 Gisle Vanem wrote:
 The #pragma warning() statements are MSVC specific. So
 embed them inside #ifdef _MSC_VER.
 
 
 I always thought unrecognised #pragma directives were ignored.  I take
 it that MinGw barfs on them in some way?

MingW ignores them, but with a warning. I thought we should strive
to reduce the number of warnings. Hence my patch.

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] sockaddr_storage on Win32

[Gisle Vanem]

The #ifdef's in capture_wpcap_packet.c and gtk/capture_if_details_dlg.c
assumes that only MSVC is used to build on Win32. MingW works just
fine.

MingW defines WINVER == 0x400, but it does have sockaddr_storage.

Why can't the structure be moved to a common .h-file? (to keep the
.c-files more clean). Patch attached.

--gv

--- SVN-Latest\capture_wpcap_packet.c   Mon Mar 26 17:52:42 2007
+++ capture_wpcap_packet.c  Tue Mar 27 01:24:07 2007
@@ -51,7 +51,7 @@
 *
 * copied from RFC2553 (and slightly modified because of datatypes) ...
 * XXX - defined more than once, move this to a header file */
-#if (WINVER = 0x0400)
+#if (WINVER = 0x0400)  defined(_MSC_VER)
typedef unsigned short eth_sa_family_t;

/*
@@ -82,7 +82,7 @@
  /* __ss_pad1, __ss_align fields is 112 */
};
/* ... copied from RFC2553 */
-#endif /* WINVER */
+#endif /* WINVER  _MSC_VER */


#include Packet32.h
--- SVN-Latest\gtk\capture_if_details_dlg.c Mon Mar 26 17:51:39 2007
+++ gtk\capture_if_details_dlg.cTue Mar 27 01:19:21 2007
@@ -35,6 +35,7 @@

#include wtap.h
#include time.h
+#include ctype.h

#include globals.h
#include file.h
@@ -59,7 +60,7 @@
 *
 * copied from RFC2553 (and slightly modified because of datatypes) ...
 * XXX - defined more than once, move this to a header file */
-#if (WINVER = 0x0400)
+#if (WINVER = 0x0400)  defined(_MSC_VER)
typedef unsigned short eth_sa_family_t;

/*
@@ -90,7 +91,7 @@
  /* __ss_pad1, __ss_align fields is 112 */
};
/* ... copied from RFC2553 */
-#endif /* WINVER */
+#endif /* WINVER  _MSC_VER */

#include Packet32.h
#include windows.h
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Re: [Wireshark-dev] [Patch] pragma warning

[Gisle Vanem]

Ulf Lamping [EMAIL PROTECTED] wrote:

 If you still have such problems, please note.

There's still some in generated files. It seems someone added the pragmas after 
they where autogenerated. IMHO the #pragma should go elsewhere. But
where, should be left to the experts.

A patch for now:

diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-dcerpc-dfs.c 
.\epan\dissectors\packet-dcerpc-dfs.c
--- SVN-Latest\epan\dissectors\packet-dcerpc-dfs.c Tue Mar 27 17:18:50 2007
+++ .\epan\dissectors\packet-dcerpc-dfs.c Tue Mar 27 17:44:53 2007
@@ -22,7 +22,7 @@
 #include packet-windows-common.h
 #include packet-dcerpc-dfs.h
 
-#ifdef _WIN32
+#ifdef _MSC_VER
 /* disable: warning C4101: 'xy' : unreferenced local variable */
 #pragma warning(disable:4101)
 #endif
diff -u3 -Hb -r SVN-Latest\epan\dissectors\packet-dcerpc-eventlog.c 
.\epan\dissectors\packet-dcerpc-eventlog.c
--- SVN-Latest\epan\dissectors\packet-dcerpc-eventlog.c Tue Mar 27 17:18:52 2007
+++ .\epan\dissectors\packet-dcerpc-eventlog.c Tue Mar 27 17:45:04 2007
@@ -22,7 +22,7 @@
 #include packet-windows-common.h
 #include packet-dcerpc-eventlog.h
 
-#ifdef _WIN32
+#ifdef _MSC_VER
 /* disable: warning C4018: '' : signed/unsigned mismatch */
 #pragma warning(disable:4018)
 #endif

diff -u3 -Hb -r SVN-Latest\plugins\giop\packet-cosnaming.c 
.\plugins\giop\packet-cosnaming.c
--- SVN-Latest\plugins\giop\packet-cosnaming.c Tue Mar 27 17:18:48 2007
+++ .\plugins\giop\packet-cosnaming.c Wed Mar 28 05:20:33 2007
@@ -48,7 +48,7 @@
 G_MODULE_EXPORT const gchar version[] = 0.0.1;
 #endif
 
-#ifdef _WIN32
+#ifdef _MSC_VER
 /* disable warning: unreference local variable */
 #pragma warning(disable:4101)
 #endif

And for airpcap.h:

diff -u3 -Hb -r SVN-Latest\airpcap.h .\airpcap.h
--- SVN-Latest\airpcap.h Tue Jan 02 23:26:52 2007
+++ .\airpcap.h Wed Mar 28 03:49:39 2007
@@ -24,8 +24,10 @@
 
 #include epan/crypt/wep-wpadefs.h  /* WEP_KEY_MAX_SIZE */
 
+#ifdef _MSC_VER
 /* This disables a VS warning for zero-sized arrays. All the compilers we 
support have that feature */
 #pragma warning( disable : 4200)
+#endif
 
 #ifdef __cplusplus
 extern C {

---
--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] epan_strcasestr() to epan/strutil.c

[Gisle Vanem]

The file epan/dissectors/packet-k12.c uses the function
strcasestr() which is not available on e.g. Windows. So I cooked
up a patch to epan/strutil.c to add epan_strcasestr() (is there a more 
suited place for such a function?)


Attached in diffs-3.txt

--gv

--- SVN-Latest\epan\strutil.c   Mon Feb 05 12:13:00 2007
+++ epan\strutil.c  Wed Feb 07 13:49:17 2007
@@ -966,3 +966,17 @@
return strl+strs;
}
#endif
+
+char *
+epan_strcasestr(const char *haystack, const char *needle)
+{
+   gsize hlen = strlen(haystack);
+   gsize nlen = strlen(needle);
+
+   while (hlen-- = nlen) {
+   if (!g_strncasecmp(haystack, needle, nlen))
+   return (char*) haystack;
+   haystack++;
+   }
+   return NULL;
+}
--- SVN-Latest\epan\strutil.h   Fri Jan 12 17:23:56 2007
+++ epan\strutil.h  Wed Feb 07 13:44:40 2007
@@ -205,6 +205,16 @@
 */
char * convert_string_case(const char *string, gboolean case_insensitive);

+/** Finds the first occurence of string 'needle' in string 'haystack'.
+ *  The matching is done in a case insensitive manner.
+ *
+ * @param haystack The string possibly containing the substring
+ * @param needle The substring to be searched
+ * @return A pointer into 'haystack' where 'needle' is first found.
+ *   Otherwise it returns NULL.
+ */
+char * epan_strcasestr(const char *haystack, const char *needle);
+
/* g_strlcat() does not exist in GLib 1.2[.x] */
#if GLIB_MAJOR_VERSION  2
gsize g_strlcat(gchar *dst, gchar *src, gsize size);
--- SVN-Latest\epan\libwireshark.defMon Feb 05 12:12:57 2007
+++ epan\libwireshark.def   Wed Feb 07 13:48:25 2007
@@ -245,6 +245,7 @@
epan_get_version
epan_init
epan_base64_decode
+epan_strcasestr
ether_to_str
ex_opt_add
ex_opt_count
--- SVN-Latest\epan\dissectors\packet-k12.c Mon Feb 05 12:13:00 2007
+++ epan\dissectors\packet-k12.cWed Feb 07 13:29:10 2007
@@ -38,6 +38,7 @@
#include epan/emem.h
#include epan/uat.h
#include epan/expert.h
+#include epan/strutil.h
#include packet-sscop.h

typedef struct _k12_hdls_t {
@@ -135,7 +136,7 @@

if (! handles ) {
for (i=0 ; i  nk12_handles; i++) {
-   if ( strcasestr(pinfo-pseudo_header-k12.stack_file, 
k12_handles[i].match) ) {
+   if ( 
epan_strcasestr(pinfo-pseudo_header-k12.stack_file, k12_handles[i].match) ) {
handles = k12_handles[i].handles;
break;
}
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] airpcap.c

[Gisle Vanem]

--- SVN-Latest\epan\crypt\airpdcap.cFri Jan 12 17:23:52 2007
+++ epan\crypt\airpdcap.c   Tue Jan 16 11:59:58 2007
@@ -1663,7 +1663,7 @@
else
output_string = g_strdup_printf(%s:%s:%s,
STRING_KEY_TYPE_WPA_PWD,dk-key-str,
-   format_text((guchar *)dk-ssid-data, 
dk-ssid-len);
+   format_text((guchar *)dk-ssid-data, 
dk-ssid-len));
}
else if(dk-type == AIRPDCAP_KEY_TYPE_WPA_PMK)
{

---

Please test your changes (compile it) before checking in !

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] packet-kerberos.c

[Gisle Vanem]

* epan/crypt/crypt-md5.h must come after glib.h because of
  'guint8' etc.

* Include wiretap/file_util.h because of eth_fopen().

--- SVN-Latest\epan\dissectors\packet-kerberos.cWed Jan 03 17:26:35 2007
+++ epan\dissectors\packet-kerberos.c   Tue Jan 16 12:44:55 2007
@@ -71,12 +71,12 @@
 #include nettle/des.h
 #include nettle/cbc.h
 #endif
-#include epan/crypt/crypt-md5.h
 #include sys/stat.h  /* For keyfile manipulation */
 #endif

 #include glib.h

+#include epan/crypt/crypt-md5.h
 #include epan/packet.h

 #include epan/strutil.h
@@ -96,6 +96,8 @@
 #include epan/dissectors/packet-dcerpc.h

 #include epan/dissectors/packet-gssapi.h
+
+#include wiretap/file_util.h

 #define UDP_PORT_KERBEROS  88
 #define TCP_PORT_KERBEROS  88


--

PS. What's up with the mailing-list software? Every message looks like
crap; all line-endings are missing. Is the ML-software running on a Mac?

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] [Patch] libwireshark.def

[Gisle Vanem]

Some missing exports (needed by airpdcap*.c):

--- SVN-Latest\epan\libwireshark.defTue Jan 16 11:07:52 2007
+++ epan\libwireshark.def   Tue Jan 16 13:08:05 2007
@@ -91,6 +91,8 @@
 convert_string_to_hex
 copy_prefs
 crc16_ccitt_tvb
+crc32_ccitt
+crc32_ccitt_table   DATA
 create_dissector_handle
 create_persconffile_dir
 data_out_file   DATA
@@ -641,6 +643,7 @@
 rtp_payload_type_vals   DATA
 rtp_payload_type_short_valsDATA
 running_in_build_directory
+sha1_hmac
 scsi_mmc_vals  DATA
 scsi_smc_vals  DATA
 scsi_sbc_vals  DATA

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Re: [Wireshark-dev] [Patch] packet-kerberos.c

[Gisle Vanem]

Gisle Vanem [EMAIL PROTECTED] wrote:

 I.e. double newlines are collapsed into one:
 
  line 1
 
  line 2

That message got received okay. Presumably because it contained a
Content-type: multipart/mixed;... in the header.

--gv

___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

Re: [Wireshark-dev] [Patch] packet-kerberos.c

[Gisle Vanem]

Sake Blok [EMAIL PROTECTED] wrote:

 Looks like your mailserver is messing things up. In the attached rawmessage 
 there is a line:
 X-MIME-Autoconverted: from base64 to 8bit by bryggen.bgnett.no id 
 =l0GCELid030303
 When I look at the same message in my mailbox, it is still base64encoded. 
 When I mannualy decode the data, 
 I do get to see allnewlines (as does my mail-client).

Okay, I've resubscribed from another account. So this problem should vanish.
But what about the patch itself?

--gv
___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev

[Wireshark-dev] Airpcap patches

[Gisle Vanem]

Here are some patches needed to build using HAVE_AIRPCAP
on MingW:

* airpcap.h needs 'WEP_KEY_MAX_SIZE' from epan/crypt/wep-wpadefs.h.

* airpcap_loader.h needs epan/crypt/airpdcap_user.h and definition of
 'decryption_key_t'.

* epan/crypt/airpdcap_interop.h defines 'ntohs()' before winsock2.h
 gets included. Thus creating a parse error later on.

Attached.

--gv

diff -u3 -Hb -r SVN-Latest\airpcap.h .\airpcap.h
--- SVN-Latest\airpcap.hThu Dec 28 17:39:24 2006
+++ .\airpcap.h Tue Jan 02 12:48:30 2007
@@ -22,6 +22,8 @@
#if !defined(AIRPCAP_H__EAE405F5_0171_9592_B3C2_C19EC426AD34__INCLUDED_)
#define AIRPCAP_H__EAE405F5_0171_9592_B3C2_C19EC426AD34__INCLUDED_

+#include epan/crypt/wep-wpadefs.h  /* WEP_KEY_MAX_SIZE */
+
/* This disables a VS warning for zero-sized arrays. All the compilers we 
support have that feature */
#pragma warning( disable : 4200)

diff -u3 -Hb -r SVN-Latest\airpcap_loader.h .\airpcap_loader.h
--- SVN-Latest\airpcap_loader.h Thu Dec 28 17:39:24 2006
+++ .\airpcap_loader.h  Tue Jan 02 11:34:44 2007
@@ -28,6 +28,8 @@
#ifndef __AIRPCAP_LOADER_H__
#define __AIRPCAP_LOADER_H__

+#include epan/crypt/airpdcap_user.h
+
/* Error values from get_airpcap_interface_list(). */
#define CANT_GET_AIRPCAP_INTERFACE_LIST 0   /* error getting list */
#define NO_AIRPCAP_INTERFACES_FOUND 1   /* list is empty */
diff -u3 -Hb -r SVN-Latest\epan\crypt\airpdcap_interop.h 
.\epan\crypt\airpdcap_interop.h
--- SVN-Latest\epan\crypt\airpdcap_interop.hTue Jan 02 10:15:35 2007
+++ .\epan\crypt\airpdcap_interop.h Tue Jan 02 13:03:40 2007
@@ -2,7 +2,7 @@
#define _AIRPDCAP_INTEROP_H

/**
- * Cast data types commonly used in Windows (e.g. UINT16) to theirf
+ * Cast data types commonly used (e.g. UINT16) to their
 * GLib equivalents.
 */

@@ -57,7 +57,12 @@
typedef gsize   size_t;
#endif

+#ifdef WIN32
+#include winsock2.h  /* ntohs() */
+#endif
+
#ifndef ntohs
+#undef ntohs
#define ntohs(value)g_ntohs(value)
#endif

___
Wireshark-dev mailing list
Wireshark-dev@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-dev