Guy Harris [Sun, 6 Jun 2010 19:14:32 +0000 (19:14 -0000)]
Rename wtap_dump_file_write_all() to wtap_dump_file_write(), and have
everybody use it; the places using the old wtap_dump_file_write() were
using it in the same way the old wtap_dump_file_write_all() did.
That also lets us get rid of wtap_dump_file_ferror().
Also, have the new wtap_dump_file_write() check for errors from
gzwrite() and fwrite() differently - the former returns 0 on error, the
latter can return a short write on error.
svn path=/trunk/; revision=33113
Anders Broman [Sun, 6 Jun 2010 16:25:41 +0000 (16:25 -0000)]
From Jim Young:
Remove unneeded "gtk_tree_path_free(path);" from case
"GDK_Return:" in tree_view_key_pressed_cb() that was reverted in r32957 to restore X11 functionality lost in refactored code from r32323.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4847
svn path=/trunk/; revision=33112
Gerald Combs [Sun, 6 Jun 2010 15:03:33 +0000 (15:03 -0000)]
[Automatic manuf and enterprise-numbers update for 2010-06-06]
svn path=/trunk/; revision=33109
Kovarththanan Rajaratnam [Sun, 6 Jun 2010 06:09:26 +0000 (06:09 -0000)]
Add 32bit Ubuntu 10.04 to supported platforms
svn path=/trunk/; revision=33108
Guy Harris [Sat, 5 Jun 2010 22:59:20 +0000 (22:59 -0000)]
From Rolf Fiedler: support for writing EyeSDN trace files.
svn path=/trunk/; revision=33107
Guy Harris [Sat, 5 Jun 2010 22:04:28 +0000 (22:04 -0000)]
First check for the new GTK+/OS X integration functions, then the old
ones; it appears that at least one user's -ligemacintegration has both
(see bug 4823), and we should choose the new ones in that case.
Also, always set have_ige_mac if we have the functions.
Fix tpyoes while we're at it.
svn path=/trunk/; revision=33106
Jaap Keuter [Sat, 5 Jun 2010 09:22:45 +0000 (09:22 -0000)]
From John Fitzgibbon:
When specifying SA keys for AES-CTR, Wireshark expects a key length of 160, 224
or 288 bits, (i.e. 128, 192 or 256 bits, followed by the 32 bit nonce value),
but gcry_cipher_setkey() in packet_ipsec.c fails, as it expects 128, 192 or 256
bits.
Omitting the nonce won't work -- even if Wireshark liked those key lengths,
gcrypt wouldn't be able to decrypt without it.
svn path=/trunk/; revision=33105
Guy Harris [Sat, 5 Jun 2010 02:19:45 +0000 (02:19 -0000)]
Clean up indentation.
svn path=/trunk/; revision=33104
Guy Harris [Sat, 5 Jun 2010 01:55:06 +0000 (01:55 -0000)]
Clarify an error message (and the corresponding comment).
Fix the no-libpcap build.
svn path=/trunk/; revision=33103
Gerald Combs [Sat, 5 Jun 2010 00:29:31 +0000 (00:29 -0000)]
Back out r33088 for now.
svn path=/trunk/; revision=33102
Jeff Morriss [Sat, 5 Jun 2010 00:25:46 +0000 (00:25 -0000)]
From Cal Turney via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4831 :
Add the data read/write length to the NFS tree so it is filterable.
From me: don't bother incrementing the offset just to decrement it again.
Change the hf info a bit.
(Ideally the RPC dissector would add the length to the tree not as a text
item; that is left for future work.)
svn path=/trunk/; revision=33101
Guy Harris [Sat, 5 Jun 2010 00:08:37 +0000 (00:08 -0000)]
Catch some cases that don't currently work.
svn path=/trunk/; revision=33100
Gerald Combs [Fri, 4 Jun 2010 23:16:31 +0000 (23:16 -0000)]
From Chris Maynard via bug 1546:
Add units to the rate.
svn path=/trunk/; revision=33099
Guy Harris [Fri, 4 Jun 2010 23:08:08 +0000 (23:08 -0000)]
Thou shalt not have a tap whose listener is always active; that means,
for example, that, if it's a TShark tap, TShark can never be run with
"-w -", as it means that TShark will always have to dissect the packets.
svn path=/trunk/; revision=33098
Jeff Morriss [Fri, 4 Jun 2010 20:52:02 +0000 (20:52 -0000)]
Add a preference that allows the user to decide if they want the calling and
called GTs (if RI=GT) put in the (pinfo) source and destination (and thus into
the source and destination columns).
This may help (if the PCs change but the GT does not) or hurt (if the GT or RI
change but the PCs do not) TCAP's ability to identify which messages belong to
which TCAP "session."
svn path=/trunk/; revision=33097
Jeff Morriss [Fri, 4 Jun 2010 20:48:45 +0000 (20:48 -0000)]
Use a gboolean to store a boolean and change the plurality on the preference name
svn path=/trunk/; revision=33096
Jeff Morriss [Fri, 4 Jun 2010 20:36:43 +0000 (20:36 -0000)]
Add a preference that allows the user to decide if they want the source and
destination address PC or GT (depending on the RI) put in the (pinfo) source and
destination (and thus into the source and destination columns).
This may help (if the IP addresses change but the PC or GT do not) or hurt (if
the PC, GT, or RI change but the IP addresses do not) TCAP's ability to identify
which messages belong to which TCAP "session."
svn path=/trunk/; revision=33094
Jeff Morriss [Fri, 4 Jun 2010 19:57:11 +0000 (19:57 -0000)]
Add BIN_DIR. If it is '.' then set WIRESHARK_RUN_FROM_BUILD_DIRECTORY so that we test plugins
svn path=/trunk/; revision=33093
Gerald Combs [Fri, 4 Jun 2010 19:49:12 +0000 (19:49 -0000)]
Add a checkapis target.
svn path=/trunk/; revision=33092
Jeff Morriss [Fri, 4 Jun 2010 19:37:31 +0000 (19:37 -0000)]
Increase LENGTH_OID a bit to give us more room for ACNs (probably more than will ever be used).
svn path=/trunk/; revision=33091
Guy Harris [Fri, 4 Jun 2010 19:29:26 +0000 (19:29 -0000)]
Fix comments.
svn path=/trunk/; revision=33090
Jeff Morriss [Fri, 4 Jun 2010 19:28:39 +0000 (19:28 -0000)]
tcaphash_context_t.oid is of size LENGTH_OID+1, not LENGTH_OID. Just use sizeof(tcaphash_context_t.oid) instead of LENGTH_OID so we can use that last byte. This allows us to retrieve the whole ACN when the ACN is LENGTH_OID bytes long.
svn path=/trunk/; revision=33089
Gerald Combs [Fri, 4 Jun 2010 18:45:02 +0000 (18:45 -0000)]
From Matt Poduska via bug 1957 (with minor changes):
New dissector (plugin) to support decode of the EPCglobal Low-Level Reader
protocol (see llrp.org for more information). This dissector has passed fuzz
testing.
svn path=/trunk/; revision=33088
Gerald Combs [Fri, 4 Jun 2010 18:28:02 +0000 (18:28 -0000)]
According to RFC 3220 section 7 the max UDVM message size is 65536,
not 65535. Hopefully fixes bug 4837.
svn path=/trunk/; revision=33087
Bill Meier [Fri, 4 Jun 2010 17:59:53 +0000 (17:59 -0000)]
From Samu Varjonen: Whitespace cleanup
Tabs converted to 8 spaces and trailing whitespaces removed, etc.
svn path=/trunk/; revision=33086
Gerald Combs [Fri, 4 Jun 2010 16:59:49 +0000 (16:59 -0000)]
If BIN_DIR is ".", set WIRESHARK_RUN_FROM_BUILD_DIRECTORY so that we
test plugins.
svn path=/trunk/; revision=33085
Graeme Lunt [Fri, 4 Jun 2010 15:07:17 +0000 (15:07 -0000)]
Description for netscape-cert-type bit 4 (e.g. see docs.sun.com/source/816-5531-10/poli_ext.htm#
1078885)
svn path=/trunk/; revision=33084
Graeme Lunt [Fri, 4 Jun 2010 14:36:53 +0000 (14:36 -0000)]
RCS 3280, which obsoletes RFC 2459, allows an IA5String CHOICE in the DisplayText of a UserNotice.
svn path=/trunk/; revision=33083
Stig Bjørlykke [Fri, 4 Jun 2010 12:14:18 +0000 (12:14 -0000)]
From Holger Freyther via bug 4841:
Add a new dissector for the NexusWare C7 MTP over UDP/TCP protocol. One of
NexusWare's example applications provide a way to forward MTP Level 3 messages
via UDP/TCP. This is a dissector for this protocol (which is lacking an IANA
assigned port).
svn path=/trunk/; revision=33082
Jaap Keuter [Fri, 4 Jun 2010 05:57:05 +0000 (05:57 -0000)]
Set the right DPI for PDF production.
svn path=/trunk/; revision=33081
Bill Meier [Fri, 4 Jun 2010 01:32:21 +0000 (01:32 -0000)]
From Sven Eckelmann: Remove recursion for aggregated packets in batman dissector
"Different developers wanted to have the recursive dissector for aggregated
packets changed to a iterative approach."
See Bug #4836: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4836
svn path=/trunk/; revision=33080
Bill Meier [Fri, 4 Jun 2010 00:45:37 +0000 (00:45 -0000)]
From Cal Turney: The NFS FH hash (nfs.fh.hash) incorrectly matches multiple filehandles.
"The method used in packet-nfs.c to calculate a 32-bit hash representing the
32-byte filehandle is faulty in that the hash often matches multiple
filehandles."
"This patch uses CRC-32 to calculate the hash.
We (EMC GNS) have tested this patch for the past two years and we have not
found a single case where the hash matched more than one filehandle."
See Bug #4839: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4839
svn path=/trunk/; revision=33079
Jaap Keuter [Thu, 3 Jun 2010 21:39:38 +0000 (21:39 -0000)]
Bring more texts and examples up to date.
svn path=/trunk/; revision=33078
Bill Meier [Thu, 3 Jun 2010 19:14:18 +0000 (19:14 -0000)]
Fix a gcc -Wshadow warning
svn path=/trunk/; revision=33077
Jeff Morriss [Thu, 3 Jun 2010 18:57:25 +0000 (18:57 -0000)]
Set the (pinfo) address if a PC is present (for now: regardless of whether routing is on GT or not).
svn path=/trunk/; revision=33076
Bill Meier [Thu, 3 Jun 2010 18:56:39 +0000 (18:56 -0000)]
From Sven Eckelmann: Change recursion for aggregated packets to iteration.
See Bug #2631: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2631
svn path=/trunk/; revision=33075
Stig Bjørlykke [Thu, 3 Jun 2010 13:53:03 +0000 (13:53 -0000)]
Improved readability when displaying seconds with hours and minutes.
svn path=/trunk/; revision=33074
Jörg Mayer [Thu, 3 Jun 2010 13:04:22 +0000 (13:04 -0000)]
- Add tap-sv.c and packet-sv.c to the list of files to build
- Whitespace fixes
- Add Fedora 64 bit to the list of platforms where cmake should
work
svn path=/trunk/; revision=33073
Anders Broman [Thu, 3 Jun 2010 08:22:08 +0000 (08:22 -0000)]
Use g_hash_table_new_full().
svn path=/trunk/; revision=33072
Anders Broman [Thu, 3 Jun 2010 07:47:07 +0000 (07:47 -0000)]
From Pascal Quantin:
Avoid triggering a malformed packet error when decoding a simple UE terminated Detach Request when the EMM cause IE is not present:
svn path=/trunk/; revision=33071
Jaap Keuter [Thu, 3 Jun 2010 07:38:27 +0000 (07:38 -0000)]
Whitespace/indentation/code style cleanup.
svn path=/trunk/; revision=33070
Jeff Morriss [Thu, 3 Jun 2010 02:23:36 +0000 (02:23 -0000)]
From Cal Turney via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4832 :
Add field 'nfs.ops.count' in the detail pane of NFSv4 calls and replies that
displays the number of operations in NFSv4 COMPOUND requests/replies.
From me: change the blurb wording a bit.
svn path=/trunk/; revision=33069
Jeff Morriss [Thu, 3 Jun 2010 02:15:32 +0000 (02:15 -0000)]
From Cal Turney via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4830 :
Display the fsid (filesystem ID) in decimal as well as hex in the "attributes"
section of the header in NFSv3/v4 replies.
svn path=/trunk/; revision=33068
Jeff Morriss [Thu, 3 Jun 2010 02:05:52 +0000 (02:05 -0000)]
From Peter Harris via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4820 :
Mesa moved its API description file again.
Also, while I'm here, I noticed that they stopped using signed tags, so add
--tags to "git describe" for a better description of the mesa version used to
build the X11 dissector.
svn path=/trunk/; revision=33067
Bill Meier [Thu, 3 Jun 2010 02:03:32 +0000 (02:03 -0000)]
From: Sven Eckelmann:Add support for v10 packet format
"v10 of the packet format was added recently and could be added
to the wireshark dissector"
See: Bug #4833: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4833
From me:
- Fix a compile error: ...version=tvb_get_ntohs...
- Fix a missing = NULL.
svn path=/trunk/; revision=33066
Guy Harris [Thu, 3 Jun 2010 01:22:18 +0000 (01:22 -0000)]
Sorry, I forgot that 8.6. UDVM Cycles says
Note that the number of UDVM cycles MUST NOT be increased if a
request for additional compressed data fails.
so we *shouldn't* increase the cycle count further when
SIGCOMP_INSTR_INPUT_BYTES fails. That does *NOT* of course, mean that
we shouldn't increase the cycle count by 1 for a failed INPUT-BYTES
instruction - that would leave UDVM vulnerable to infinite loops (as per
bug 4826), and I *really* doubt that was their intent; presumably, it
means it should not be increased *by the number of cycles for the
additional data*:
Additionally, if the UDVM successfully requests n bits of
compressed data using one of the INPUT instructions then the
number of available UDVM cycles is increased by n *
cycles_per_bit once the instruction has been executed.
if the attempt to get that additional data fails.
svn path=/trunk/; revision=33065
Bill Meier [Thu, 3 Jun 2010 00:52:08 +0000 (00:52 -0000)]
Add back a few 'if (check_col()...' removed by me in a previous commit.
Possibly it's better to use an 'if (checkcol()' if the enclosed call to
'col_...' has "complex" arguments.
svn path=/trunk/; revision=33064
Gerald Combs [Thu, 3 Jun 2010 00:42:21 +0000 (00:42 -0000)]
From Reinhard Speyerer via bug 4779:
From reading the rawshark(1) manpage my assumption was that rawshark
could be used like
$ /usr/bml/bin/rawshark -s -r test.pcap -d encap:EN10MB ...
However rawshark either expects the -r argument to be -
(read from stdin) or a pipe which results in the following error
message:
rawshark: ".../test.pcap" is neither an interface nor a pipe
The proposed rawshark.pod patch updates the -r description to
the implemented rawshark functionality.
The patch also applies to the current SVN version.
svn path=/trunk/; revision=33063
Bill Meier [Thu, 3 Jun 2010 00:26:27 +0000 (00:26 -0000)]
From Sven Eckelmann: Synchronize bat dissector with batadv dissector
"Different people made changes to enhance the batman-adv dissector. It seems
that the batman dissector wasn't touched and misses those changes. Following
patchset should improve the dissector the same way Gerald Combs, Guy Harris and
Bill Meier improved batman-adv."
See Bug #4384: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4834
From me: Add back a few 'if (check_col()) ...';
I probably went just a bit too far in changes I made in packet-batadv.c
svn path=/trunk/; revision=33062
Gerald Combs [Wed, 2 Jun 2010 22:16:49 +0000 (22:16 -0000)]
Increment the cycle count no matter what. Increase the cycle count
further when SIGCOMP_INSTR_INPUT_BYTES fails. Fixes the infinite loop
found in bug 4826.
svn path=/trunk/; revision=33061
Bill Meier [Wed, 2 Jun 2010 21:36:24 +0000 (21:36 -0000)]
From Sven Eckelmann: Fix endless recursive loop
See Bug #2631: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2631
svn path=/trunk/; revision=33060
Anders Broman [Wed, 2 Jun 2010 19:29:14 +0000 (19:29 -0000)]
From David Bond:
Added the IEEE defined ether types for TRILL and Layer 2 ISIS. Also had ISIS
register itself with the ethertype dissector.
References:
http://www.postel.org/pipermail/rbridge/2010-May/003998.html
http://tools.ietf.org/html/draft-ietf-isis-layer2-05
http://tools.ietf.org/html/draft-ietf-trill-rbridge-protocol-16
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4825
svn path=/trunk/; revision=33059
Jaap Keuter [Wed, 2 Jun 2010 19:01:16 +0000 (19:01 -0000)]
Set Subversion properties right.
svn path=/trunk/; revision=33058
Bill Meier [Wed, 2 Jun 2010 19:00:20 +0000 (19:00 -0000)]
Misc changes:
- Clear info col before beginning dissection;
- Remove some uneeded forward declarations;
- Remove some ... = NULL initializers;
- Display protocol as BATADV_??? if unknown type;
- '(gwflags & 0x7C) >> 3' ==> '(gwflags & 0x78) >> 3'
svn path=/trunk/; revision=33057
Gerald Combs [Wed, 2 Jun 2010 18:13:00 +0000 (18:13 -0000)]
From Chris Maynard via bug 4014:
This trivial patch merely displays the ICMP ID and sequence # in the Info
column.
svn path=/trunk/; revision=33056
Bill Meier [Wed, 2 Jun 2010 18:11:17 +0000 (18:11 -0000)]
check_col() no longer required;
Use col_add_fstr() instead of col_clear()/col_append_fstr() combo.
svn path=/trunk/; revision=33055
Stig Bjørlykke [Wed, 2 Jun 2010 17:59:18 +0000 (17:59 -0000)]
Added packet-batadv.c
svn path=/trunk/; revision=33054
Guy Harris [Wed, 2 Jun 2010 17:33:45 +0000 (17:33 -0000)]
Fix incorrect fetch of version field.
svn path=/trunk/; revision=33053
Gerald Combs [Wed, 2 Jun 2010 17:10:55 +0000 (17:10 -0000)]
From Sven Eckelmann via but 2631:
The wireless meshing protocol B.A.T.M.A.N. Advanced changed their packet format
in such a way that now versions can be identified and so correct dissection of
the packets can be supported by wireshark.
Since it is a ever moving target it is very possible that the packet format is
changing slightly. The dissector was written in such a way that new version can
be supported relative easy.
I hope that it sufficient for the inclusion in wireshark.
I tried to fuzzing it some hours and no error was reported.
From me:
Initialize our dissector handles.
Merge packet-batadv.h into packet-batadv.c. It isn't included anywhere else.
Fuzz 500 passes using attached capture files.
svn path=/trunk/; revision=33052
Jeff Morriss [Wed, 2 Jun 2010 16:01:51 +0000 (16:01 -0000)]
Initialize no_vs_avps_ext with a pointer to a valid 'match' function so we don't crash in val_to_str_ext() if an AVP from an unknown vendor is encountered.
svn path=/trunk/; revision=33051
Graeme Lunt [Wed, 2 Jun 2010 15:09:11 +0000 (15:09 -0000)]
Definition of certificatePolicies certificate extension and removal of warnings
svn path=/trunk/; revision=33050
Graeme Lunt [Wed, 2 Jun 2010 14:58:42 +0000 (14:58 -0000)]
CA Version certificate extension
svn path=/trunk/; revision=33049
Graeme Lunt [Wed, 2 Jun 2010 14:42:57 +0000 (14:42 -0000)]
Bug 3597 - implicit octet string that is constructed causes PRES/FTAM dissect failure
Introduced some state to remember last dissected Tag/Length so that they can be recalled if an IMPLICIT tag is encountered and stripped. This allows its to be determined if the value has a constructed value - and so can be reassembled.
In this case, it is a IMPLICIT constructed OCTET STRING at the presentation layer.
Many thanks to Fred Gruman for identifying - and apologies for the delay in commiting.
svn path=/trunk/; revision=33048
Graeme Lunt [Wed, 2 Jun 2010 13:36:10 +0000 (13:36 -0000)]
Minor change to remember the object identifier.
svn path=/trunk/; revision=33047
Graeme Lunt [Wed, 2 Jun 2010 13:33:37 +0000 (13:33 -0000)]
Updated get_ber_length to handle multiple nested indefinite length encodings.
svn path=/trunk/; revision=33046
Anders Broman [Wed, 2 Jun 2010 10:50:39 +0000 (10:50 -0000)]
Clean up a bit, fix indent.
svn path=/trunk/; revision=33045
Anders Broman [Wed, 2 Jun 2010 06:17:02 +0000 (06:17 -0000)]
Update value_strings with IE names.
svn path=/trunk/; revision=33043
Gerald Combs [Wed, 2 Jun 2010 00:30:25 +0000 (00:30 -0000)]
From Jim Young via bug 4331:
This patch adds a new '-S' option to editcap that will rewrite timestamps of
packets to insure that the new capture file is in strict chronological order.
This option's primary use case is to fixup the occasional timestamps that have
a negative delta time relative to previous packet.
This feature is related to (but does not depend on) capinfos enhancement
submitted in bug #4315 which helps identify tracefiles with "out-of-order"
packets.
svn path=/trunk/; revision=33042
Gerald Combs [Wed, 2 Jun 2010 00:24:03 +0000 (00:24 -0000)]
From Jim Young via bug 4049:
This patch adds a new '-o' option to capinfos (enabled by default) to report if
the packets within a particular capture file are in strict chronological time
order or not.
svn path=/trunk/; revision=33041
Gerald Combs [Wed, 2 Jun 2010 00:20:12 +0000 (00:20 -0000)]
Rebuild the IEC 61850 dissector.
svn path=/trunk/; revision=33040
Gerald Combs [Tue, 1 Jun 2010 23:27:16 +0000 (23:27 -0000)]
From Michael Bernhard via bug 3398 with minor fixups:
I've created a ASN.1 dissector for the IEC 61850 Sampled Values protocol. It
dissects ethernet frames of the IEC 61850-9-2LE specification form the UCA
International User Group.
There is also a new TAP for tshark (-R sv) which extracts the important
information of the frame and allows to create plots (with external tools) of
the sampled values.
I've developed under Linux (Ubuntu 8.10) but everything should be in place for
successful compilation under Windows.
It would be great if this dissector could be included in wireshark. I'm looking
forward for your comments.
svn path=/trunk/; revision=33039
Anders Broman [Tue, 1 Jun 2010 22:23:22 +0000 (22:23 -0000)]
Remove the now unused value_strings.
svn path=/trunk/; revision=33038
Anders Broman [Tue, 1 Jun 2010 22:22:09 +0000 (22:22 -0000)]
- Traffic flow template miss dissected, use de_sm_tflow_temp()
insted.
- Dissect vendor id of private message.
svn path=/trunk/; revision=33037
Gerald Combs [Tue, 1 Jun 2010 22:20:15 +0000 (22:20 -0000)]
From Kovarththanan Rajaratnam via bug 3500:
Sébastien's initial commit [1] didn't contain support for embedding Python on
Windows.
[1] http://anonsvn.wireshark.org/viewvc?view=rev&revision=28529
From me:
Comment out PYTHON_EMBED for now.
Start a list of known Python+CRT versions.
Add get_wspython_dir to libwireshark.def.
svn path=/trunk/; revision=33036
Stephen Fisher [Tue, 1 Jun 2010 18:33:16 +0000 (18:33 -0000)]
Per Jaap's suggestion on -dev list: remove "with new_packet_list" from
version output since it has been the default for a while now and show
"with old_packet_list" if compiled as such.
svn path=/trunk/; revision=33035
Stephen Fisher [Tue, 1 Jun 2010 18:32:03 +0000 (18:32 -0000)]
There's no need to assign numerical values to the enum values.
svn path=/trunk/; revision=33034
Jaap Keuter [Tue, 1 Jun 2010 18:10:21 +0000 (18:10 -0000)]
From Herbert Lischka:
Lori made a simple change to the bacapp.c file for segmentation parsing.
Basically all fragments have some common data in the APDU which is useful to
see parsed in the tree.
I added support for vendor numbers bigger than 255.
Corrected Info column for "message fragment" and "message reassembled"
svn path=/trunk/; revision=33033
Graeme Lunt [Tue, 1 Jun 2010 09:25:51 +0000 (09:25 -0000)]
The Permitted-Actions-Attribute is exported from ftam-exp.cnf as DISPLAY = BASE_HEX. This causes a runtime error and so we override the definition here until we can find the correct fix.
svn path=/trunk/; revision=33032
Stig Bjørlykke [Tue, 1 Jun 2010 07:31:10 +0000 (07:31 -0000)]
Fixed a comment.
svn path=/trunk/; revision=33031
Anders Broman [Tue, 1 Jun 2010 07:26:08 +0000 (07:26 -0000)]
From Pascal Quantin:
Decode the EIA0 (null integrity algorithm) bit in EMM messages. This was introduced in 3GPP 24.301 CR-0422 (Release 9.2) and is also used by the LTSI (LTE/SAE Trial Initiative) for interoperability tests between constructors (with Release 8 equipments). I also updated the description of EEA0 as stated in 24.302 release 9.2.
svn path=/trunk/; revision=33030
Guy Harris [Tue, 1 Jun 2010 03:37:51 +0000 (03:37 -0000)]
capture() can, in some cases, return FALSE when the capture succeeds;
back out the change to check its return value until we fix that.
Also back out the test suite changes to look for an error exit for
invalid capture filters and interfaces.
svn path=/trunk/; revision=33029
Guy Harris [Mon, 31 May 2010 19:37:26 +0000 (19:37 -0000)]
Wireshark requires routines from libm, such as ceil(), so link with it;
we shouldn't rely on getting it pulled in by other shared libraries, as
1) there's no guarantee that the other shared libraries we use
are linked with it or will continue to be linked with it;
2) there's no guarantee that we're even linking dynamically;
3) it fails on Fedora 13 as part of a change to catch programs
that implicitly (or explicitly) assume, in their build
procedures, that they'll get libraries linked in as a result
of linking with other libraries.
svn path=/trunk/; revision=33028
Anders Broman [Mon, 31 May 2010 05:13:27 +0000 (05:13 -0000)]
From Ian Schorr:
NFS Dissector needs FH support for EMC Celerra.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4813
svn path=/trunk/; revision=33027
Jaap Keuter [Sun, 30 May 2010 21:39:41 +0000 (21:39 -0000)]
From Chris Maynard:
Fix for bug 4810 so PPP/USB dissector registers for IF_CLASS_CDC_DATA
- in addition to IF_CLASS_UNKNOWN and IF_CLASS_VENDOR_SPECIFIC, for those rare
occasions that the right set of circumstances arise where PPP traffic will be
(correctly) encapsulated in a USB frame of that interface class.
svn path=/trunk/; revision=33026
Gerald Combs [Sun, 30 May 2010 15:03:31 +0000 (15:03 -0000)]
[Automatic manuf and enterprise-numbers update for 2010-05-30]
svn path=/trunk/; revision=33023
Jaap Keuter [Sun, 30 May 2010 10:51:44 +0000 (10:51 -0000)]
From Matteo Valdina
There are two typos in the RTCP TMMBR packets:
1. In the dissector of RTCP TMMBR is written "messured" instead of measured.
2. In the text title field is written TMMBN instead on TMMBR and vice-versa.
svn path=/trunk/; revision=33022
Jaap Keuter [Sun, 30 May 2010 10:28:21 +0000 (10:28 -0000)]
From Chris Maynard:
Fix for bug 4807 to handle compressed (NULL) address and control bytes.
The problem seems to be that the address and control bytes are missing,
presumably because they are compressed per section 3.2 of
http://tools.ietf.org/html/rfc1662. The attached patch tries to account for
that.
The patch also fixes another bug. If the hdlc framing character, 0x7e, is not
present, but the address and control fields are, then the offset might need to
be 3 bytes instead of only 2 bytes if the control field is escaped. Sometimes
it is escaped and sometimes it isn't, so we need to handle both cases.
svn path=/trunk/; revision=33021
Anders Broman [Sat, 29 May 2010 22:29:09 +0000 (22:29 -0000)]
Increase the base size to 100 000 we are using more than that.
svn path=/trunk/; revision=33020
Jeff Morriss [Sat, 29 May 2010 03:35:32 +0000 (03:35 -0000)]
Include glib.h (for g_snprintf).
svn path=/trunk/; revision=33019
Jeff Morriss [Sat, 29 May 2010 03:34:05 +0000 (03:34 -0000)]
Add braces to avoid an ambiguous else
svn path=/trunk/; revision=33018
Jeff Morriss [Sat, 29 May 2010 03:33:28 +0000 (03:33 -0000)]
Put the optional objects in EXTRA..SOURCES instead of EXTRA_DIST.
Put the optional objects in a _DEPENDENCIES rule so they actually get built
when needed.
Use libtool to make these objects. Remove AC variables that are no longer
needed.
svn path=/trunk/; revision=33017
Jeff Morriss [Sat, 29 May 2010 01:00:52 +0000 (01:00 -0000)]
Make inet_aton an optional object on *NIX again
svn path=/trunk/; revision=33016
Jeff Morriss [Sat, 29 May 2010 00:34:08 +0000 (00:34 -0000)]
Remove a couple more references to the optional objects (that are now in wsutil)
svn path=/trunk/; revision=33015
Gerald Combs [Fri, 28 May 2010 23:00:29 +0000 (23:00 -0000)]
From Karl Heinz Wolf via bug 3571 (with minor changes):
Patch for the SIP dissector: the raw SIP message can be shown with our without
the "\r\n". User may want to remove the \r\n for clarity (by selecting a
checkbox).
svn path=/trunk/; revision=33014
Jeff Morriss [Fri, 28 May 2010 20:37:18 +0000 (20:37 -0000)]
Add a missing variable from wsgetopt
svn path=/trunk/; revision=33013
Jeff Morriss [Fri, 28 May 2010 20:19:55 +0000 (20:19 -0000)]
Move some code (including the optional objects) into libwsutil
svn path=/trunk/; revision=33012
Gerald Combs [Fri, 28 May 2010 18:04:56 +0000 (18:04 -0000)]
From Jakub Zawadzki via bug 4273:
After appending new record set packet_list->columnized to FALSE.
From me:
Use g_ptr_array_sort_with_data instead of g_qsort_with_data in case the
GPtrArray internals ever change.
svn path=/trunk/; revision=33011
Jeff Morriss [Fri, 28 May 2010 13:09:12 +0000 (13:09 -0000)]
Fix the Windows build
svn path=/trunk/; revision=33010
Jörg Mayer [Fri, 28 May 2010 11:48:29 +0000 (11:48 -0000)]
Remaining fixes for
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4788
- Compile the python code directly into epan - don't link it in as
a static lib.
- Call make-init-lua.pl with the top level directory instead of the
current directory. Change make-init-lua.pl accordingly.
svn path=/trunk/; revision=33009
Jörg Mayer [Fri, 28 May 2010 11:18:04 +0000 (11:18 -0000)]
Add proto_help.c to the list of files.
svn path=/trunk/; revision=33008