Bill Meier [Thu, 3 Jun 2010 18:56:39 +0000 (18:56 -0000)]
From Sven Eckelmann: Change recursion for aggregated packets to iteration.
See Bug #2631: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2631
svn path=/trunk/; revision=33075
Stig Bjørlykke [Thu, 3 Jun 2010 13:53:03 +0000 (13:53 -0000)]
Improved readability when displaying seconds with hours and minutes.
svn path=/trunk/; revision=33074
Jörg Mayer [Thu, 3 Jun 2010 13:04:22 +0000 (13:04 -0000)]
- Add tap-sv.c and packet-sv.c to the list of files to build
- Whitespace fixes
- Add Fedora 64 bit to the list of platforms where cmake should
work
svn path=/trunk/; revision=33073
Anders Broman [Thu, 3 Jun 2010 08:22:08 +0000 (08:22 -0000)]
Use g_hash_table_new_full().
svn path=/trunk/; revision=33072
Anders Broman [Thu, 3 Jun 2010 07:47:07 +0000 (07:47 -0000)]
From Pascal Quantin:
Avoid triggering a malformed packet error when decoding a simple UE terminated Detach Request when the EMM cause IE is not present:
svn path=/trunk/; revision=33071
Jaap Keuter [Thu, 3 Jun 2010 07:38:27 +0000 (07:38 -0000)]
Whitespace/indentation/code style cleanup.
svn path=/trunk/; revision=33070
Jeff Morriss [Thu, 3 Jun 2010 02:23:36 +0000 (02:23 -0000)]
From Cal Turney via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4832 :
Add field 'nfs.ops.count' in the detail pane of NFSv4 calls and replies that
displays the number of operations in NFSv4 COMPOUND requests/replies.
From me: change the blurb wording a bit.
svn path=/trunk/; revision=33069
Jeff Morriss [Thu, 3 Jun 2010 02:15:32 +0000 (02:15 -0000)]
From Cal Turney via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4830 :
Display the fsid (filesystem ID) in decimal as well as hex in the "attributes"
section of the header in NFSv3/v4 replies.
svn path=/trunk/; revision=33068
Jeff Morriss [Thu, 3 Jun 2010 02:05:52 +0000 (02:05 -0000)]
From Peter Harris via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4820 :
Mesa moved its API description file again.
Also, while I'm here, I noticed that they stopped using signed tags, so add
--tags to "git describe" for a better description of the mesa version used to
build the X11 dissector.
svn path=/trunk/; revision=33067
Bill Meier [Thu, 3 Jun 2010 02:03:32 +0000 (02:03 -0000)]
From: Sven Eckelmann:Add support for v10 packet format
"v10 of the packet format was added recently and could be added
to the wireshark dissector"
See: Bug #4833: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4833
From me:
- Fix a compile error: ...version=tvb_get_ntohs...
- Fix a missing = NULL.
svn path=/trunk/; revision=33066
Guy Harris [Thu, 3 Jun 2010 01:22:18 +0000 (01:22 -0000)]
Sorry, I forgot that 8.6. UDVM Cycles says
Note that the number of UDVM cycles MUST NOT be increased if a
request for additional compressed data fails.
so we *shouldn't* increase the cycle count further when
SIGCOMP_INSTR_INPUT_BYTES fails. That does *NOT* of course, mean that
we shouldn't increase the cycle count by 1 for a failed INPUT-BYTES
instruction - that would leave UDVM vulnerable to infinite loops (as per
bug 4826), and I *really* doubt that was their intent; presumably, it
means it should not be increased *by the number of cycles for the
additional data*:
Additionally, if the UDVM successfully requests n bits of
compressed data using one of the INPUT instructions then the
number of available UDVM cycles is increased by n *
cycles_per_bit once the instruction has been executed.
if the attempt to get that additional data fails.
svn path=/trunk/; revision=33065
Bill Meier [Thu, 3 Jun 2010 00:52:08 +0000 (00:52 -0000)]
Add back a few 'if (check_col()...' removed by me in a previous commit.
Possibly it's better to use an 'if (checkcol()' if the enclosed call to
'col_...' has "complex" arguments.
svn path=/trunk/; revision=33064
Gerald Combs [Thu, 3 Jun 2010 00:42:21 +0000 (00:42 -0000)]
From Reinhard Speyerer via bug 4779:
From reading the rawshark(1) manpage my assumption was that rawshark
could be used like
$ /usr/bml/bin/rawshark -s -r test.pcap -d encap:EN10MB ...
However rawshark either expects the -r argument to be -
(read from stdin) or a pipe which results in the following error
message:
rawshark: ".../test.pcap" is neither an interface nor a pipe
The proposed rawshark.pod patch updates the -r description to
the implemented rawshark functionality.
The patch also applies to the current SVN version.
svn path=/trunk/; revision=33063
Bill Meier [Thu, 3 Jun 2010 00:26:27 +0000 (00:26 -0000)]
From Sven Eckelmann: Synchronize bat dissector with batadv dissector
"Different people made changes to enhance the batman-adv dissector. It seems
that the batman dissector wasn't touched and misses those changes. Following
patchset should improve the dissector the same way Gerald Combs, Guy Harris and
Bill Meier improved batman-adv."
See Bug #4384: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4834
From me: Add back a few 'if (check_col()) ...';
I probably went just a bit too far in changes I made in packet-batadv.c
svn path=/trunk/; revision=33062
Gerald Combs [Wed, 2 Jun 2010 22:16:49 +0000 (22:16 -0000)]
Increment the cycle count no matter what. Increase the cycle count
further when SIGCOMP_INSTR_INPUT_BYTES fails. Fixes the infinite loop
found in bug 4826.
svn path=/trunk/; revision=33061
Bill Meier [Wed, 2 Jun 2010 21:36:24 +0000 (21:36 -0000)]
From Sven Eckelmann: Fix endless recursive loop
See Bug #2631: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2631
svn path=/trunk/; revision=33060
Anders Broman [Wed, 2 Jun 2010 19:29:14 +0000 (19:29 -0000)]
From David Bond:
Added the IEEE defined ether types for TRILL and Layer 2 ISIS. Also had ISIS
register itself with the ethertype dissector.
References:
http://www.postel.org/pipermail/rbridge/2010-May/003998.html
http://tools.ietf.org/html/draft-ietf-isis-layer2-05
http://tools.ietf.org/html/draft-ietf-trill-rbridge-protocol-16
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4825
svn path=/trunk/; revision=33059
Jaap Keuter [Wed, 2 Jun 2010 19:01:16 +0000 (19:01 -0000)]
Set Subversion properties right.
svn path=/trunk/; revision=33058
Bill Meier [Wed, 2 Jun 2010 19:00:20 +0000 (19:00 -0000)]
Misc changes:
- Clear info col before beginning dissection;
- Remove some uneeded forward declarations;
- Remove some ... = NULL initializers;
- Display protocol as BATADV_??? if unknown type;
- '(gwflags & 0x7C) >> 3' ==> '(gwflags & 0x78) >> 3'
svn path=/trunk/; revision=33057
Gerald Combs [Wed, 2 Jun 2010 18:13:00 +0000 (18:13 -0000)]
From Chris Maynard via bug 4014:
This trivial patch merely displays the ICMP ID and sequence # in the Info
column.
svn path=/trunk/; revision=33056
Bill Meier [Wed, 2 Jun 2010 18:11:17 +0000 (18:11 -0000)]
check_col() no longer required;
Use col_add_fstr() instead of col_clear()/col_append_fstr() combo.
svn path=/trunk/; revision=33055
Stig Bjørlykke [Wed, 2 Jun 2010 17:59:18 +0000 (17:59 -0000)]
Added packet-batadv.c
svn path=/trunk/; revision=33054
Guy Harris [Wed, 2 Jun 2010 17:33:45 +0000 (17:33 -0000)]
Fix incorrect fetch of version field.
svn path=/trunk/; revision=33053
Gerald Combs [Wed, 2 Jun 2010 17:10:55 +0000 (17:10 -0000)]
From Sven Eckelmann via but 2631:
The wireless meshing protocol B.A.T.M.A.N. Advanced changed their packet format
in such a way that now versions can be identified and so correct dissection of
the packets can be supported by wireshark.
Since it is a ever moving target it is very possible that the packet format is
changing slightly. The dissector was written in such a way that new version can
be supported relative easy.
I hope that it sufficient for the inclusion in wireshark.
I tried to fuzzing it some hours and no error was reported.
From me:
Initialize our dissector handles.
Merge packet-batadv.h into packet-batadv.c. It isn't included anywhere else.
Fuzz 500 passes using attached capture files.
svn path=/trunk/; revision=33052
Jeff Morriss [Wed, 2 Jun 2010 16:01:51 +0000 (16:01 -0000)]
Initialize no_vs_avps_ext with a pointer to a valid 'match' function so we don't crash in val_to_str_ext() if an AVP from an unknown vendor is encountered.
svn path=/trunk/; revision=33051
Graeme Lunt [Wed, 2 Jun 2010 15:09:11 +0000 (15:09 -0000)]
Definition of certificatePolicies certificate extension and removal of warnings
svn path=/trunk/; revision=33050
Graeme Lunt [Wed, 2 Jun 2010 14:58:42 +0000 (14:58 -0000)]
CA Version certificate extension
svn path=/trunk/; revision=33049
Graeme Lunt [Wed, 2 Jun 2010 14:42:57 +0000 (14:42 -0000)]
Bug 3597 - implicit octet string that is constructed causes PRES/FTAM dissect failure
Introduced some state to remember last dissected Tag/Length so that they can be recalled if an IMPLICIT tag is encountered and stripped. This allows its to be determined if the value has a constructed value - and so can be reassembled.
In this case, it is a IMPLICIT constructed OCTET STRING at the presentation layer.
Many thanks to Fred Gruman for identifying - and apologies for the delay in commiting.
svn path=/trunk/; revision=33048
Graeme Lunt [Wed, 2 Jun 2010 13:36:10 +0000 (13:36 -0000)]
Minor change to remember the object identifier.
svn path=/trunk/; revision=33047
Graeme Lunt [Wed, 2 Jun 2010 13:33:37 +0000 (13:33 -0000)]
Updated get_ber_length to handle multiple nested indefinite length encodings.
svn path=/trunk/; revision=33046
Anders Broman [Wed, 2 Jun 2010 10:50:39 +0000 (10:50 -0000)]
Clean up a bit, fix indent.
svn path=/trunk/; revision=33045
Anders Broman [Wed, 2 Jun 2010 06:17:02 +0000 (06:17 -0000)]
Update value_strings with IE names.
svn path=/trunk/; revision=33043
Gerald Combs [Wed, 2 Jun 2010 00:30:25 +0000 (00:30 -0000)]
From Jim Young via bug 4331:
This patch adds a new '-S' option to editcap that will rewrite timestamps of
packets to insure that the new capture file is in strict chronological order.
This option's primary use case is to fixup the occasional timestamps that have
a negative delta time relative to previous packet.
This feature is related to (but does not depend on) capinfos enhancement
submitted in bug #4315 which helps identify tracefiles with "out-of-order"
packets.
svn path=/trunk/; revision=33042
Gerald Combs [Wed, 2 Jun 2010 00:24:03 +0000 (00:24 -0000)]
From Jim Young via bug 4049:
This patch adds a new '-o' option to capinfos (enabled by default) to report if
the packets within a particular capture file are in strict chronological time
order or not.
svn path=/trunk/; revision=33041
Gerald Combs [Wed, 2 Jun 2010 00:20:12 +0000 (00:20 -0000)]
Rebuild the IEC 61850 dissector.
svn path=/trunk/; revision=33040
Gerald Combs [Tue, 1 Jun 2010 23:27:16 +0000 (23:27 -0000)]
From Michael Bernhard via bug 3398 with minor fixups:
I've created a ASN.1 dissector for the IEC 61850 Sampled Values protocol. It
dissects ethernet frames of the IEC 61850-9-2LE specification form the UCA
International User Group.
There is also a new TAP for tshark (-R sv) which extracts the important
information of the frame and allows to create plots (with external tools) of
the sampled values.
I've developed under Linux (Ubuntu 8.10) but everything should be in place for
successful compilation under Windows.
It would be great if this dissector could be included in wireshark. I'm looking
forward for your comments.
svn path=/trunk/; revision=33039
Anders Broman [Tue, 1 Jun 2010 22:23:22 +0000 (22:23 -0000)]
Remove the now unused value_strings.
svn path=/trunk/; revision=33038
Anders Broman [Tue, 1 Jun 2010 22:22:09 +0000 (22:22 -0000)]
- Traffic flow template miss dissected, use de_sm_tflow_temp()
insted.
- Dissect vendor id of private message.
svn path=/trunk/; revision=33037
Gerald Combs [Tue, 1 Jun 2010 22:20:15 +0000 (22:20 -0000)]
From Kovarththanan Rajaratnam via bug 3500:
Sébastien's initial commit [1] didn't contain support for embedding Python on
Windows.
[1] http://anonsvn.wireshark.org/viewvc?view=rev&revision=28529
From me:
Comment out PYTHON_EMBED for now.
Start a list of known Python+CRT versions.
Add get_wspython_dir to libwireshark.def.
svn path=/trunk/; revision=33036
Stephen Fisher [Tue, 1 Jun 2010 18:33:16 +0000 (18:33 -0000)]
Per Jaap's suggestion on -dev list: remove "with new_packet_list" from
version output since it has been the default for a while now and show
"with old_packet_list" if compiled as such.
svn path=/trunk/; revision=33035
Stephen Fisher [Tue, 1 Jun 2010 18:32:03 +0000 (18:32 -0000)]
There's no need to assign numerical values to the enum values.
svn path=/trunk/; revision=33034
Jaap Keuter [Tue, 1 Jun 2010 18:10:21 +0000 (18:10 -0000)]
From Herbert Lischka:
Lori made a simple change to the bacapp.c file for segmentation parsing.
Basically all fragments have some common data in the APDU which is useful to
see parsed in the tree.
I added support for vendor numbers bigger than 255.
Corrected Info column for "message fragment" and "message reassembled"
svn path=/trunk/; revision=33033
Graeme Lunt [Tue, 1 Jun 2010 09:25:51 +0000 (09:25 -0000)]
The Permitted-Actions-Attribute is exported from ftam-exp.cnf as DISPLAY = BASE_HEX. This causes a runtime error and so we override the definition here until we can find the correct fix.
svn path=/trunk/; revision=33032
Stig Bjørlykke [Tue, 1 Jun 2010 07:31:10 +0000 (07:31 -0000)]
Fixed a comment.
svn path=/trunk/; revision=33031
Anders Broman [Tue, 1 Jun 2010 07:26:08 +0000 (07:26 -0000)]
From Pascal Quantin:
Decode the EIA0 (null integrity algorithm) bit in EMM messages. This was introduced in 3GPP 24.301 CR-0422 (Release 9.2) and is also used by the LTSI (LTE/SAE Trial Initiative) for interoperability tests between constructors (with Release 8 equipments). I also updated the description of EEA0 as stated in 24.302 release 9.2.
svn path=/trunk/; revision=33030
Guy Harris [Tue, 1 Jun 2010 03:37:51 +0000 (03:37 -0000)]
capture() can, in some cases, return FALSE when the capture succeeds;
back out the change to check its return value until we fix that.
Also back out the test suite changes to look for an error exit for
invalid capture filters and interfaces.
svn path=/trunk/; revision=33029
Guy Harris [Mon, 31 May 2010 19:37:26 +0000 (19:37 -0000)]
Wireshark requires routines from libm, such as ceil(), so link with it;
we shouldn't rely on getting it pulled in by other shared libraries, as
1) there's no guarantee that the other shared libraries we use
are linked with it or will continue to be linked with it;
2) there's no guarantee that we're even linking dynamically;
3) it fails on Fedora 13 as part of a change to catch programs
that implicitly (or explicitly) assume, in their build
procedures, that they'll get libraries linked in as a result
of linking with other libraries.
svn path=/trunk/; revision=33028
Anders Broman [Mon, 31 May 2010 05:13:27 +0000 (05:13 -0000)]
From Ian Schorr:
NFS Dissector needs FH support for EMC Celerra.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4813
svn path=/trunk/; revision=33027
Jaap Keuter [Sun, 30 May 2010 21:39:41 +0000 (21:39 -0000)]
From Chris Maynard:
Fix for bug 4810 so PPP/USB dissector registers for IF_CLASS_CDC_DATA
- in addition to IF_CLASS_UNKNOWN and IF_CLASS_VENDOR_SPECIFIC, for those rare
occasions that the right set of circumstances arise where PPP traffic will be
(correctly) encapsulated in a USB frame of that interface class.
svn path=/trunk/; revision=33026
Gerald Combs [Sun, 30 May 2010 15:03:31 +0000 (15:03 -0000)]
[Automatic manuf and enterprise-numbers update for 2010-05-30]
svn path=/trunk/; revision=33023
Jaap Keuter [Sun, 30 May 2010 10:51:44 +0000 (10:51 -0000)]
From Matteo Valdina
There are two typos in the RTCP TMMBR packets:
1. In the dissector of RTCP TMMBR is written "messured" instead of measured.
2. In the text title field is written TMMBN instead on TMMBR and vice-versa.
svn path=/trunk/; revision=33022
Jaap Keuter [Sun, 30 May 2010 10:28:21 +0000 (10:28 -0000)]
From Chris Maynard:
Fix for bug 4807 to handle compressed (NULL) address and control bytes.
The problem seems to be that the address and control bytes are missing,
presumably because they are compressed per section 3.2 of
http://tools.ietf.org/html/rfc1662. The attached patch tries to account for
that.
The patch also fixes another bug. If the hdlc framing character, 0x7e, is not
present, but the address and control fields are, then the offset might need to
be 3 bytes instead of only 2 bytes if the control field is escaped. Sometimes
it is escaped and sometimes it isn't, so we need to handle both cases.
svn path=/trunk/; revision=33021
Anders Broman [Sat, 29 May 2010 22:29:09 +0000 (22:29 -0000)]
Increase the base size to 100 000 we are using more than that.
svn path=/trunk/; revision=33020
Jeff Morriss [Sat, 29 May 2010 03:35:32 +0000 (03:35 -0000)]
Include glib.h (for g_snprintf).
svn path=/trunk/; revision=33019
Jeff Morriss [Sat, 29 May 2010 03:34:05 +0000 (03:34 -0000)]
Add braces to avoid an ambiguous else
svn path=/trunk/; revision=33018
Jeff Morriss [Sat, 29 May 2010 03:33:28 +0000 (03:33 -0000)]
Put the optional objects in EXTRA..SOURCES instead of EXTRA_DIST.
Put the optional objects in a _DEPENDENCIES rule so they actually get built
when needed.
Use libtool to make these objects. Remove AC variables that are no longer
needed.
svn path=/trunk/; revision=33017
Jeff Morriss [Sat, 29 May 2010 01:00:52 +0000 (01:00 -0000)]
Make inet_aton an optional object on *NIX again
svn path=/trunk/; revision=33016
Jeff Morriss [Sat, 29 May 2010 00:34:08 +0000 (00:34 -0000)]
Remove a couple more references to the optional objects (that are now in wsutil)
svn path=/trunk/; revision=33015
Gerald Combs [Fri, 28 May 2010 23:00:29 +0000 (23:00 -0000)]
From Karl Heinz Wolf via bug 3571 (with minor changes):
Patch for the SIP dissector: the raw SIP message can be shown with our without
the "\r\n". User may want to remove the \r\n for clarity (by selecting a
checkbox).
svn path=/trunk/; revision=33014
Jeff Morriss [Fri, 28 May 2010 20:37:18 +0000 (20:37 -0000)]
Add a missing variable from wsgetopt
svn path=/trunk/; revision=33013
Jeff Morriss [Fri, 28 May 2010 20:19:55 +0000 (20:19 -0000)]
Move some code (including the optional objects) into libwsutil
svn path=/trunk/; revision=33012
Gerald Combs [Fri, 28 May 2010 18:04:56 +0000 (18:04 -0000)]
From Jakub Zawadzki via bug 4273:
After appending new record set packet_list->columnized to FALSE.
From me:
Use g_ptr_array_sort_with_data instead of g_qsort_with_data in case the
GPtrArray internals ever change.
svn path=/trunk/; revision=33011
Jeff Morriss [Fri, 28 May 2010 13:09:12 +0000 (13:09 -0000)]
Fix the Windows build
svn path=/trunk/; revision=33010
Jörg Mayer [Fri, 28 May 2010 11:48:29 +0000 (11:48 -0000)]
Remaining fixes for
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4788
- Compile the python code directly into epan - don't link it in as
a static lib.
- Call make-init-lua.pl with the top level directory instead of the
current directory. Change make-init-lua.pl accordingly.
svn path=/trunk/; revision=33009
Jörg Mayer [Fri, 28 May 2010 11:18:04 +0000 (11:18 -0000)]
Add proto_help.c to the list of files.
svn path=/trunk/; revision=33008
Bill Meier [Fri, 28 May 2010 01:37:32 +0000 (01:37 -0000)]
Add svn:keywords & svn:eol-style properties
svn path=/trunk/; revision=33007
Guy Harris [Fri, 28 May 2010 01:09:28 +0000 (01:09 -0000)]
Use return rather than exit in main().
Return 2 for a capture error - we mainly use 1 for command-line syntax
errors (rather than, say, filter syntax errors or an invalid interface).
Now that TShark exits with an error status when given an invalid capture
filter or invalid interface, check for "error" rather than "success" as
an exit status.
svn path=/trunk/; revision=33006
Gerald Combs [Thu, 27 May 2010 23:55:04 +0000 (23:55 -0000)]
Add cf_fake_continue_tail() which is called when real-time capture
updates are off and which sets the capture file state to a value that
won't cause an assertion when the user stops capturing. Fixes bug 4035.
svn path=/trunk/; revision=33005
Bill Meier [Thu, 27 May 2010 23:46:01 +0000 (23:46 -0000)]
Fix bug #4735: tshark returns 0 on non-valid filter and interface.
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4735
svn path=/trunk/; revision=33004
Jaap Keuter [Thu, 27 May 2010 21:54:58 +0000 (21:54 -0000)]
From Steven McCoy:
AFI fields are 2 bytes i.s.o. 1.
From me, several more size changes and decode cleanup.
svn path=/trunk/; revision=33003
Gerald Combs [Thu, 27 May 2010 21:17:55 +0000 (21:17 -0000)]
fopen -> ws_fopen
svn path=/trunk/; revision=33002
Gerald Combs [Thu, 27 May 2010 19:54:02 +0000 (19:54 -0000)]
Protocol Help requires GLib 2.6+. Add newlines. Fixup whitespace.
svn path=/trunk/; revision=33001
Jeff Morriss [Thu, 27 May 2010 19:13:26 +0000 (19:13 -0000)]
Copy the (no longer Win32-specific) description of the -B option to the Wireshark man page.
svn path=/trunk/; revision=33000
Jeff Morriss [Thu, 27 May 2010 19:11:53 +0000 (19:11 -0000)]
Document the maximum number of files in a ring buffer, including a warning about using large numbers of files.
svn path=/trunk/; revision=32999
Gerald Combs [Thu, 27 May 2010 18:00:46 +0000 (18:00 -0000)]
Set RINGBUFFER_MAX_NUM_FILES to 100000. Use it to generate file names.
Add RINGBUFFER_WARN_NUM_FILES and use it to print a warning. Print
warnings when we change the number of ringbuffer files.
svn path=/trunk/; revision=32998
Gerald Combs [Thu, 27 May 2010 17:57:10 +0000 (17:57 -0000)]
Add .11s to Sam Leffler's entry. We haven't used Alain Magloire's
snprintf.c for almost four years. Remove the entry.
svn path=/trunk/; revision=32997
Anders Broman [Thu, 27 May 2010 16:24:44 +0000 (16:24 -0000)]
Add string_replace to exported functions.
svn path=/trunk/; revision=32996
Gerald Combs [Thu, 27 May 2010 15:51:25 +0000 (15:51 -0000)]
From Edgar Gladkich:
This is an extension to the Wireshark context sensitive protocol help. Rows in
TreeView window are analyzed and suitable help file (as HTML) is opened in a
browser.
The help part (large file, 23 MB) of the Protocol Help can be downloaded under
www.inacon.com/dowload/stuff/protocol_help.tar.gz
This protocol help "light" provides descriptive content for the most frequently
used standard protocols, including IP, TCP or SMTP.
From me:
Changes:
Rename "ph_" in some function names to "proto_help_". Move the protocol
help code to its own module.
Make a bunch of functions static. Remove unused code.
Use browser_open_url() instead of a custom function.
Increase the logging levels. Don't clobber the normal log handler.
Update some Doxygen comments to match the format in the rest of the code
base.
Removed GTK version checks. We've been 2.x only for a while.
Move ph_replace_string to string_replace() in epan/strutil.[ch].
Fix a bunch of memory leaks.
Add a NULL pointer check.
Reformat the overview menu label.
Document the file format and locations.
Add Edgar to AUTHORS.
svn path=/trunk/; revision=32995
Bill Meier [Thu, 27 May 2010 15:47:34 +0000 (15:47 -0000)]
Reword two error messages as per Bug #4518.
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4518
svn path=/trunk/; revision=32994
Anders Broman [Thu, 27 May 2010 14:05:20 +0000 (14:05 -0000)]
From Pascal Quantin:
Prettify decoding of EPS NAS messages.
svn path=/trunk/; revision=32993
Jörg Mayer [Thu, 27 May 2010 10:49:33 +0000 (10:49 -0000)]
Fix for the LUA part of bug
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4788
- Don't build the wslua stuff as a (static) library, build the
stuff directly into epan instead.
The wspython remains to be done.
svn path=/trunk/; revision=32992
Anders Broman [Thu, 27 May 2010 08:12:58 +0000 (08:12 -0000)]
From Tamás Regõs:
Updated Experimental-Result-Code AVP 298.
svn path=/trunk/; revision=32991
Guy Harris [Thu, 27 May 2010 06:11:28 +0000 (06:11 -0000)]
Data frames, not management frames, can have a mesh header.
svn path=/trunk/; revision=32990
Gerald Combs [Thu, 27 May 2010 03:24:04 +0000 (03:24 -0000)]
Remove a couple of items from the "known bugs" list.
svn path=/trunk/; revision=32989
Guy Harris [Thu, 27 May 2010 01:13:49 +0000 (01:13 -0000)]
Make -q not a capture option again - it's used by tshark even when not
capturing, and thus even when we build without pcap.
svn path=/trunk/; revision=32988
Gerald Combs [Thu, 27 May 2010 00:49:01 +0000 (00:49 -0000)]
Make sure our prefix length is > 0 before lopping off the last
character. Fixes bug 4797.
svn path=/trunk/; revision=32987
Guy Harris [Thu, 27 May 2010 00:48:08 +0000 (00:48 -0000)]
Clean up the error reporting. An EOF from the sync pipe when capturing
is just an indication that the capture child exited; don't treat it as
an error, unless the child process exits with an abnormal status.
As tshark sends a "stop capture" indication to the child when it's
^C'ed, the child will exit and we'll get an EOF from the capture pipe;
don't make SIGINT etc. interrupt system calls, so they don't cause reads
from the capture pipe to get EINTR errors.
svn path=/trunk/; revision=32986
Gerald Combs [Wed, 26 May 2010 23:29:56 +0000 (23:29 -0000)]
Another attempt at bug 4669: Properly set the previous-displayed-packet
timestamp when we're recalculating reference times.
Remove an unused variable. Add whitespace & comment fixups.
svn path=/trunk/; revision=32985
Anders Broman [Wed, 26 May 2010 21:39:24 +0000 (21:39 -0000)]
From Jakub Zawadzki:
One more change from wtap_seek_read to cf_read_frame.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4666
svn path=/trunk/; revision=32984
Jaap Keuter [Wed, 26 May 2010 21:23:45 +0000 (21:23 -0000)]
From Brian Woodard:
User Defined CIGI packets with a packet size greater than 127 bytes are
displayed as Malformed. Instead, treat size as unsigned integers.
svn path=/trunk/; revision=32983
Jaap Keuter [Wed, 26 May 2010 21:10:02 +0000 (21:10 -0000)]
From Hadar Shoham:
Change DHCPv6 option 17.8 to be the same as BOOTP option 43.8
CableLabs specs treat 43.8\17.8 inconsistently as either binary (3 byte)
or string (6 byte)
Additional cleanup and extension of interface ID presentation by me.
svn path=/trunk/; revision=32982
Gerald Combs [Wed, 26 May 2010 19:44:40 +0000 (19:44 -0000)]
Have new_packet_list_queue_draw() redraw the packet detail as well. Call
new_packet_list_queue_draw() whenever we mark/unmark frames. Fixes bug
4669.
svn path=/trunk/; revision=32981
Anders Broman [Wed, 26 May 2010 19:11:23 +0000 (19:11 -0000)]
From Jakub Zawadzki:
New functions: cf_read_frame_r, cf_read_frame
It's much easier to write:
cf_read_frame (cf, fdata, &err, &err_info)
Than:
wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header, cf->pd,
fdata->cap_len, &err, &err_info)
svn path=/trunk/; revision=32980
Jaap Keuter [Wed, 26 May 2010 19:06:17 +0000 (19:06 -0000)]
Update name resolving description.
svn path=/trunk/; revision=32979
Bill Meier [Wed, 26 May 2010 16:21:19 +0000 (16:21 -0000)]
Reference the 'interlink' plugin dir as an example (rather than agentx
which is no longer a plugin).
Fix a typo.
svn path=/trunk/; revision=32978
Martin Mathieson [Wed, 26 May 2010 15:51:47 +0000 (15:51 -0000)]
Add a tooltip.
svn path=/trunk/; revision=32977
Martin Mathieson [Wed, 26 May 2010 15:20:10 +0000 (15:20 -0000)]
Add some tooltips.
svn path=/trunk/; revision=32976
Bill Meier [Wed, 26 May 2010 14:35:06 +0000 (14:35 -0000)]
proto_registrar_dump_fields: output "" for blurb if blurb is a zero-length string.
svn path=/trunk/; revision=32975
Martin Mathieson [Wed, 26 May 2010 13:53:17 +0000 (13:53 -0000)]
Expert severity was still overlapping with bits length, so separate them.
svn path=/trunk/; revision=32974
Anders Broman [Wed, 26 May 2010 11:51:41 +0000 (11:51 -0000)]
Try to optimize a bit.
svn path=/trunk/; revision=32973