obnox/wireshark/wip.git
guy [Sun, 24 Mar 2002 12:25:40 +0000 (12:25 +0000)]
Fix "dissect_ndr_nt_UNICODE_STRING_str()" so that the "di->levels" value
is decremented after every level is appended to, so that it correctly
specifies the number of levels up the tree to which to append stuff.

Fix some arguments to various printing routines to specify the correct
level.  This includes making "dissect_ndr_nt_UNICODE_STRING()" add 1 to
the level argument it's passed before passing it on to
"dissect_ndr_pointer()".

Add a "netlogon_dissect_UNICODE_STRING()" routine to put the fields of a
bunch of NDR_POINTER_REF UNICODE_STRING values into subtrees.

Fix the labels passed as arguments in a bunch of "dissect_ndr_pointer()"
calls.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5011 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 23 Mar 2002 22:03:41 +0000 (22:03 +0000)]
From Heikki Vatiainen: fix the test for IS-IS virtual links.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5010 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 23 Mar 2002 22:02:20 +0000 (22:02 +0000)]
CGMP-over-Ethernet II support, from Heikki Vatiainen.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5009 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 23 Mar 2002 21:24:38 +0000 (21:24 +0000)]
From Adam Sulmicki: state machine changes to update the state better,
and changes to the display items for LEAP challenges and responses.

Make the LEAP state per-conversation.

Get rid of some unneeded includes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5008 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 23 Mar 2002 01:01:26 +0000 (01:01 +0000)]
Default to *not* using the UCD SNMP library, as the current versions
have buffer-overflow vulnerabilities that we can't avoid.  You have to
ask for it explicitly if you want it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5007 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 23 Mar 2002 00:20:17 +0000 (00:20 +0000)]
Update from Diana Eichert to remove the comments with her login name.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5006 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Fri, 22 Mar 2002 23:42:27 +0000 (23:42 +0000)]
From Diana Eichert: add a "-q" flag to Tethereal to suppress packet
count display.

Update the Tethereal man page to reflect the new option.

Update both the Ethereal and Tethereal man pages to use the same style
to describe options, e.g.

-Z Cause Ethereal to draw the mark of Zorro on the display.

rather than

-Z Causes Ethereal to draw the mark of Zorro on the display.

(some were using the first and some were using the second).

Update the Ethereal man page to do the same for menu items.

Update both the Ethereal and Tethereal man pages to better describe the
"-N" flag (by noting that any form of name resolution *not* specified in
the flag is turned *off*).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5005 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Fri, 22 Mar 2002 11:41:59 +0000 (11:41 +0000)]
Attach to all frames containing LEAP messages an indication of the state
of the LEAP negotiation, so we can properly dissect the LEAP message
after the first pass through the packets.

For that to be computed correctly, EAP frames have to be dissected on
the first pass through the capture file, even if the protocol tree isn't
being generated; that means that RADIUS AVPs need to be dissected even
if the protocol tree isn't being generated.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5004 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Fri, 22 Mar 2002 10:03:36 +0000 (10:03 +0000)]
Add a cleanup function to close a potential memory leak.

Get rid of an assigned-to-but-not-used variable.

From Steven French: add names for some additional calls.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5003 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Fri, 22 Mar 2002 09:44:58 +0000 (09:44 +0000)]
For DCE RPC requests and replies, put an item into the protocol tree for
the sub-protocol containing the actual operation number (which isn't
necessarily the operation number in a connectionless reply's PDU;
sometimes the operation number in a connectionless reply appears to be
garbage, and it's not what we use to dissect the reply in any case), and
also giving the name of the operation, if we know it.

Show the authentication data in connectionless PDUs, if present, as an
item in the protocol tree.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5002 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Fri, 22 Mar 2002 02:38:54 +0000 (02:38 +0000)]
Additional vendor (Issani) for Radius, and Issani VSA support for
Radius, from Jim Sienicki.

Put Jakob Schlyter into the contributors list in the Ethereal man page.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5001 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Thu, 21 Mar 2002 11:18:44 +0000 (11:18 +0000)]
Improve the media payload type names some more, and add some new ones I
found in a Cisco document.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5000 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Thu, 21 Mar 2002 11:08:39 +0000 (11:08 +0000)]
Use somewhat nicer names for the media payload types.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4999 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Thu, 21 Mar 2002 09:35:52 +0000 (09:35 +0000)]
From Todd Sabin: set the tvbuff length of the stub data for
connectionless calls to the fragment length.

Add value_string tables for authentication protocol and level values.

Show the authentication protocol in decimal in connectionless PDUs, just
as we do in connection-oriented PDUs.

Get the authentication level from connection-oriented request and reply
PDUs and, if it's DCE_C_AUTHN_LEVEL_PKT_PRIVACY, don't hand the stub
data to subdissectors, just show it as encrypted stub data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4998 f5534014-38df-0310-8fa8-9805f1628bb7

gerald [Thu, 21 Mar 2002 03:08:46 +0000 (03:08 +0000)]
From Jakob Schlyter, add the "MESSAGE" method.

Add the "QAUTH" and "DO" methods as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4997 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 20 Mar 2002 23:32:54 +0000 (23:32 +0000)]
Updates from Paul Erkkila.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4996 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 20 Mar 2002 21:28:14 +0000 (21:28 +0000)]
Update to draft 11, from Mark Burton.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4995 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 20 Mar 2002 21:01:21 +0000 (21:01 +0000)]
Updates from Paul E. Erkkila.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4994 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Wed, 20 Mar 2002 19:45:51 +0000 (19:45 +0000)]
Produce ethereal-setup-$VERSION.exe instead of ethereal-setup.exe.
From Andrew C. Feren <aferen@cetacean.com>

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4993 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 20 Mar 2002 09:09:07 +0000 (09:09 +0000)]
The length argument to "fake_unicode()" is in characters, not bytes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4992 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 20 Mar 2002 07:55:51 +0000 (07:55 +0000)]
When dissecting an SID with more than 4 authorities, increment the
offset to go past the last authority (the RID).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4991 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 20 Mar 2002 07:39:18 +0000 (07:39 +0000)]
In "fake_unicode()", check to make sure we have all the data in the
string available in the tvbuff before we allocate the buffer; this means
that

1) we don't have to register a cleanup function to free the
   buffer if we throw an exception trying to fetch some of the
   data, because we won't even try to allocate the buffer if we
   don't have all the data

and

2) we won't try to allocate a buffer with a bogus too-large
   length, as if the length is too large, we'll throw an
   exception in the check.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4990 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 20 Mar 2002 06:51:14 +0000 (06:51 +0000)]
Handle Read operations on IPC trees as DCE RPC.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4989 f5534014-38df-0310-8fa8-9805f1628bb7

sharpe [Tue, 19 Mar 2002 23:14:39 +0000 (23:14 +0000)]
Express the RID separately of more than 4 sub-authorities. It is always the
last sub-authority.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4988 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 22:12:03 +0000 (22:12 +0000)]
Treat WriteAndX operations on IPC trees as containing DCERPC call
information, just as is done for Write.

Squelch a compiler warning.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4987 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 22:09:23 +0000 (22:09 +0000)]
There is no guarantee that a buffer obtained using "tvb_get_ptr()" is
neatly aligned on a 2-byte or a 4-byte boundary, and there is no
guarantee that a misaligned pointer can be dereferenced without getting
a fault.

Furthermore, there is no guarantee that, even if you *can* dereference a
pointer to a 2-byte or 4-byte quantity in a packet, the resulting number
you get back is in the right byte order; the data in the packet might
have a different byte order from the machine on which you're running.

Therefore, we change "prs_uint8s()", "prs_uint16s()", and
"prs_uint32s()" to return the starting offset, in the tvbuff, of the
collection of 8-bit, 16-bit, or 32-bit integral values, rather than a
pointer to the raw packet data, and change their callers to fetch the
data using "tvb_get_guint8()", "tvb_get_letohs()", and
"tvb_get_letohl()" (the stuff in all the NT protocols is presumed to be
little-endian here).  We also change "fake_unicode()" to take a tvbuff
and an offset, rather than a data pointer, as arguments, and to use
"tvb_get_letohs()" to fetch the Unicode characters (again, we assume
little-endian Unicode).

This requires "fake_unicode()" to establish a cleanup handler, so we
don't leak memory if it throws an exception.

We also make "fake_unicode()" use "g_malloc()" to allocate its buffer
(we weren't checking for allocation failures in any case; with
"g_malloc()", we'll abort on an allocation failure - if we can come up
with a cleverer way of handling them, fine), and the matching frees to
use "g_free()".  (We also insert some missing frees....)

Fix some formats to print unsigned quantities with "%u", not "%d".

Don't append text to items in the tree for non-string values in
"dissect_ndr_nt_STRING_string()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4986 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 20:55:40 +0000 (20:55 +0000)]
From Adam Sulmicki: add support for NOTIFY and NAK EAP types, fix the
entry for the ID EAP type, and do some miscellaneous cleanups.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4985 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 12:02:03 +0000 (12:02 +0000)]
The data for EAP_TYPE_ID is just a string; display it with
"tvb_format_text()", as per Adam Sulmicki's suggestion.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4984 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 11:33:08 +0000 (11:33 +0000)]
From Adam Sulmicki: add all known EAP types.

Use "tvb_bytes_to_str()", not "tvb_format_text()", for binary data such
as challenges and responses.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4983 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 11:26:23 +0000 (11:26 +0000)]
Updates from Paul E. Erkkila.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4982 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 11:10:40 +0000 (11:10 +0000)]
Secondary addresses are NUL-terminated strings; treat them as such.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4981 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Tue, 19 Mar 2002 10:16:40 +0000 (10:16 +0000)]
Tiny quota updates

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4980 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 09:18:42 +0000 (09:18 +0000)]
Fix some comments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4979 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 09:17:54 +0000 (09:17 +0000)]
Set the length for topology change BPDUs to 4, and leave the length of
unknown BPDU types alone.

Use the tvbuff's length as the length of the top-level protocol tree
item.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4978 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 09:02:01 +0000 (09:02 +0000)]
Use "set_actual_length()" to set the reported length of the packet's
tvbuff, so we don't increase it past what was in the packet.

For packets with unknown BPDU types, put the value of the type into the
Info column.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4977 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 09:00:44 +0000 (09:00 +0000)]
Give all the items in the packet filterable fields, including the
bitfields in the flags field.

Put a summary of the flags in the protocol tree item for the flags
field.

Give the Protocol Identifier and BPDU Type fields value_string tables.
Don't bother with "proto_tree_add_uint_format()" for fields with
value_string tables - use the default format.

Put the "Version 1 Length" field into Rapid Spanning Tree packets.

Don't fetch items until you put them into the protocol tree.

Make the length of the top-level item be the correct length of the
packet, including the "Version 1 Length" field in RST packets.  (XXX -
should it be really short for Topology Change Notification packets?)

For packets with unknown BPDU types, put the value of the type into the
Info column.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4976 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 08:47:11 +0000 (08:47 +0000)]
The protocol ID is an 8-bit field in the DEC spanning tree protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4975 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 08:44:41 +0000 (08:44 +0000)]
Give all the items in the packet filterable fields, including the
bitfields in the flags field.

Put a summary of the flags in the protocol tree item for the flags
field.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4974 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 08:42:16 +0000 (08:42 +0000)]
Allow "proto_item_append_text()" to an item that doesn't have a
representation string - set the representation string to the default
representation.  This lets you append to an item that's been added with
"proto_tree_add_XXX" calls that don't explicitly format the
representation string.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4973 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 19 Mar 2002 06:31:16 +0000 (06:31 +0000)]
Put in desegmentation support.

Use "proto_tree_add_item()" to add items to the protocol tree; don't
fetch to a variable if the variable isn't later used (except for the
"unknown" fields).  Put fields into the protocol tree as soon as they're
fetched, so that if an exception is thrown when dissecting a packet, the
fields that didn't cause an exception get put into the protocol tree.

Fix some typos.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4972 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Mon, 18 Mar 2002 18:56:53 +0000 (18:56 +0000)]
LDP support for draft-martini-l2circuit-encap-mpls for
Ethernet-over-MPLS, from Aamer Akhter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4971 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Mon, 18 Mar 2002 09:45:27 +0000 (09:45 +0000)]
Quota updates. GetUserQuota implemented and support for list of userquota structures

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4970 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Mon, 18 Mar 2002 08:34:18 +0000 (08:34 +0000)]
Add dissection of one more bit in Quota FS Flags bitmask

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4969 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Mon, 18 Mar 2002 07:56:06 +0000 (07:56 +0000)]
Don't show a secondary address if the secondary address length is 0.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4968 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Mon, 18 Mar 2002 00:45:11 +0000 (00:45 +0000)]
Skinny Client Control Protocol enhancements, from Paul E. Erkkila.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4967 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Mon, 18 Mar 2002 00:26:27 +0000 (00:26 +0000)]
Cisco LEAP support, from Adam Sulmicki.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4966 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Mon, 18 Mar 2002 00:20:18 +0000 (00:20 +0000)]
Add information about 64-bit integral field support.

Fix some items on the tvbuff accessors for integers.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4965 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Sun, 17 Mar 2002 12:16:11 +0000 (12:16 +0000)]
quota update  partial NTGetUserQuota support

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4964 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Sun, 17 Mar 2002 11:59:36 +0000 (11:59 +0000)]
Partial dissection of NT Set User Quota data block

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4963 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Sun, 17 Mar 2002 11:24:16 +0000 (11:24 +0000)]
SMB Quota updates

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4962 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Sun, 17 Mar 2002 10:59:35 +0000 (10:59 +0000)]
Updates for NT QUOTA in packet-smb.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4961 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Sun, 17 Mar 2002 07:43:11 +0000 (07:43 +0000)]
Some minor bugfixes for netlogon

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4960 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 16 Mar 2002 23:15:45 +0000 (23:15 +0000)]
From Aamer Akhter: LDP support for draft-martini-l2circuit-trans-mpls,
LDP status code updates, and small LDP cleanups.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4959 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 16 Mar 2002 22:54:20 +0000 (22:54 +0000)]
Put an item into the protocol tree for the secondary address in a bind
ack PDU.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4958 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 16 Mar 2002 22:39:45 +0000 (22:39 +0000)]
The service is just called "IPC"; the pipe is what's called "IPC$".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4957 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 16 Mar 2002 22:35:51 +0000 (22:35 +0000)]
Whether the data returned from a read or sent in a write is DCERPC
traffic or not, that data doesn't include the padding; handle padding
if you're dissecting it as DCERPC traffic.

Don't treat the traffic as DCERPC traffic unless it's to the IPC$ share.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4956 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 16 Mar 2002 22:02:55 +0000 (22:02 +0000)]
A double-click in a filter name in the list-of-filters dialog box should
activate the text widget into which the filter text is put only if
clicking "OK" in the list-of-filters dialog box does so.  Make it so.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4955 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 16 Mar 2002 22:01:27 +0000 (22:01 +0000)]
There is no guarantee that, when processing an SMB response, "si->sip"
is non-null, as there's no guarantee that the corresponding SMB request
is in the capture.  Check whether it's null before using it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4954 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 16 Mar 2002 20:22:14 +0000 (20:22 +0000)]
Update the developer documentation to reflect current reality (or a
subset thereof).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4953 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Sat, 16 Mar 2002 04:39:29 +0000 (04:39 +0000)]
A new type of DCERPC over SMB transport.
I have captures with w2k speaking DCERPC without using the normal
Transaction named pipes SMBs.
Instead DCERPC is just implemented on top of ordinary read/write calls.

The smb dissector now examines TreeConnectAndX and stores the conversation/tid/type-of-share in a table for later access.
All SMB requests examine that hash table to find out if TID in the header refers
to a normal share or an IPC$ share.

Initial support in read/write SMB calls to detect if the operations are for an
IPC share and thus it assumes it must be DCERPC commands in the payload.
Desegmentation/Reassembly of these types of calls are not implemented yet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4952 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 16 Mar 2002 02:25:48 +0000 (02:25 +0000)]
XDMCP support, from Pasi Eronen.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4951 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Sat, 16 Mar 2002 02:09:28 +0000 (02:09 +0000)]
Fix a couple of incorrect calls to "proto_tree_add_boolean()" to call
"proto_tree_add_item()" instead.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4950 f5534014-38df-0310-8fa8-9805f1628bb7

sharpe [Fri, 15 Mar 2002 20:46:04 +0000 (20:46 +0000)]
Pretty up Policy Handles.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4949 f5534014-38df-0310-8fa8-9805f1628bb7

sharpe [Fri, 15 Mar 2002 19:47:03 +0000 (19:47 +0000)]
Pretty up the SID dissector ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4948 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Fri, 15 Mar 2002 08:59:53 +0000 (08:59 +0000)]
Moved the value_string for MS country codes from packet-dcerpc-nt.c to
packet-smb.c so that packet-smb-pipe.c can reference this struct as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4947 f5534014-38df-0310-8fa8-9805f1628bb7

tpot [Fri, 15 Mar 2002 04:46:43 +0000 (04:46 +0000)]
Added error messages for invalid name and invalid form size.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4946 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Thu, 14 Mar 2002 21:24:40 +0000 (21:24 +0000)]
From Andrew Feren: put all of Cisco's OUIs into manuf.tmpl.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4945 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Thu, 14 Mar 2002 21:22:11 +0000 (21:22 +0000)]
From Andrew Feren: minor patch to correct what looks like a cut and
paste error in an error message.  The wrong filename is being displayed
if manuf can't be opened for writing.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4944 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Thu, 14 Mar 2002 10:04:02 +0000 (10:04 +0000)]
Added a value_string for the countries which have their MS country code listed
at www.unicode.org and made samr and netlogon use it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4943 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Thu, 14 Mar 2002 09:19:17 +0000 (09:19 +0000)]
hf_netlogon_code did not have an hf_[] entry.

some cruft removed from LSA_SECURITY_DESCRIPTOR that is not used anymore since
we call the dissector in packet-smb.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4942 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Thu, 14 Mar 2002 05:46:59 +0000 (05:46 +0000)]
Fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4941 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Thu, 14 Mar 2002 05:45:16 +0000 (05:45 +0000)]
Clean up the display of the top-level item for the NT ACE Flags, so that
there's a space after the colon, and so that there's no extra comma at the
end and only one space between the items.

Fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4940 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Thu, 14 Mar 2002 05:41:59 +0000 (05:41 +0000)]
Boost the maximum amount of indentation put into text output.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4939 f5534014-38df-0310-8fa8-9805f1628bb7

gram [Thu, 14 Mar 2002 04:32:35 +0000 (04:32 +0000)]
When defining the struct select_item, don't create an instance of that
struct, also called select_item, as it's not used.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4938 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Wed, 13 Mar 2002 11:19:16 +0000 (11:19 +0000)]
Make LSA_SECURITY_DESCRIPTOR dissector call dissect_nt_sec_desc()
instead of just displaying it as some hex string.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4937 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Wed, 13 Mar 2002 10:52:22 +0000 (10:52 +0000)]
Added mockups for LSA_SECRET and LSA_SECURITY_DESCRIPTOR inside
packet-dcerpc-netlocon.c so that SamDelta_reply packets will be dissected properly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4936 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Wed, 13 Mar 2002 09:03:28 +0000 (09:03 +0000)]
Fixed bug in SAMDELTAS_request.
There is still a bug in the dissection of SAMDELTA_reply but this is due to
LSA_SECRET not being implemented yet which is embedded in one of the
netlogon structures.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4935 f5534014-38df-0310-8fa8-9805f1628bb7

sahlberg [Wed, 13 Mar 2002 07:38:34 +0000 (07:38 +0000)]
Update dissect_ndr_nt_STRING so it can also accept FT_BYTES and for that type
display the data as a hexadecimal string.

Update netlogon so that nt and lm challenge response bytes are displayed
in hexadecimal form and not pseudo-ascii

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4934 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Wed, 13 Mar 2002 02:52:21 +0000 (02:52 +0000)]
Give the "prevent/allow medium removal" command the right name (it's
"prevent/allow", not "prevent allow").

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4933 f5534014-38df-0310-8fa8-9805f1628bb7

guy [Tue, 12 Mar 2002 11:30:45 +0000 (11:30 +0000)]
From Dinesh Dutt: initial dissection of a variable-length CDB.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4932 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Get rid of unnecessary includes.
guy [Tue, 12 Mar 2002 10:40:01 +0000 (10:40 +0000)]
Get rid of unnecessary includes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4931 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Get rid of the "--enable-snmp" option; instead, use "--with-ucdsnmp".
guy [Tue, 12 Mar 2002 10:37:04 +0000 (10:37 +0000)]
Get rid of the "--enable-snmp" option; instead, use "--with-ucdsnmp".
Make the directory option to "--with-ucdsnmp" optional.  Handle
"--with-ucdsnmp" similar to the way "--with-pcap" is handled.

Get rid of unnecessary #defines in "packet-cops.c".

Get rid of no-longer-necessary include of "dlfcn.h" in "packet-snmp.c".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4930 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Small fix for dissect_ndr_nt_UNICODE_STRING_str() in packet-dcerpc-nt.c
sahlberg [Tue, 12 Mar 2002 08:16:41 +0000 (08:16 +0000)]
Small fix for dissect_ndr_nt_UNICODE_STRING_str() in packet-dcerpc-nt.c
so that NETLOGON will not dump core (since netlogon has these structs as top
level reference pointers)

Addition of full netlogon dissection. Full in the sense that it assumes the IDL
is correct and complete.
Many calls and fields are unknown so they get dissected with "unknown long,
 contact ethereal-dev@... if you know what it is".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4929 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago From Adam Sulmicki: use "proto_tree_add_uint()" rather than
guy [Mon, 11 Mar 2002 08:47:46 +0000 (08:47 +0000)]
From Adam Sulmicki: use "proto_tree_add_uint()" rather than
"proto_tree_add_boolean()" for the "hf_eapol_keydes_key_index_indexnum"
field, as it's an FT_UINT8, not an FT_BOOLEAN.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4928 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago In the message at the end that indicates how Ethereal was configured,
guy [Mon, 11 Mar 2002 07:02:47 +0000 (07:02 +0000)]
In the message at the end that indicates how Ethereal was configured,
refer to "UCD SNMP" rather than just "SNMP".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4927 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Update various README and INSTALL files to reflect the requirement for
guy [Mon, 11 Mar 2002 02:12:41 +0000 (02:12 +0000)]
Update various README and INSTALL files to reflect the requirement for
UCD SNMP 4.2.2 or later if you want MIB-reading support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4926 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago "format_var()" returns a "malloc()"ed string, not a "g_malloc()"ed
guy [Mon, 11 Mar 2002 01:51:37 +0000 (01:51 +0000)]
"format_var()" returns a "malloc()"ed string, not a "g_malloc()"ed
string; free it with "free()", not "g_free()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4925 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago If we're linking with the UCD SNMP library, make "format_oid()" append a
guy [Mon, 11 Mar 2002 01:48:08 +0000 (01:48 +0000)]
If we're linking with the UCD SNMP library, make "format_oid()" append a
display of the symbolic form of the OID.  Remove code that used to do
that outside of "format_oid()".

Export "format_oid()" from "packet-snmp.c" and use it in
"packet-cops.c".

Remove support for CMU SNMP and older versions of UCD SNMP from
"packet-cops.c", as it has been removed from the rest of Ethereal.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4924 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Put "extern" in front of the function declaration.
guy [Mon, 11 Mar 2002 01:42:58 +0000 (01:42 +0000)]
Put "extern" in front of the function declaration.

Update Gerald's e-mail address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4923 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago The "val_len" member of a "struct variable_list" should be set to the
guy [Mon, 11 Mar 2002 01:40:28 +0000 (01:40 +0000)]
The "val_len" member of a "struct variable_list" should be set to the
length of the variable's value, in bytes, not the length of the BER
encoding of that variable's value.  The latter setting means it won't be
correct for object IDs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4922 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Final patch in preparing for NETLOGON dissector.
sahlberg [Mon, 11 Mar 2002 00:28:21 +0000 (00:28 +0000)]
Final patch in preparing for NETLOGON dissector.
Exported some functions from packet-dcerpc-samr.c and added two
more functions the netlogon dissector will need.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4921 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Move the STRING dissector to packet-dcerpc-nt.c and add one more parameter
sahlberg [Mon, 11 Mar 2002 00:15:20 +0000 (00:15 +0000)]
Move the STRING dissector to packet-dcerpc-nt.c and add one more parameter
to make it more similar to the UNICODE_STRING dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4920 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Rename samr_dissect_LOGON_HOURS() to dissect_ndr_nt_LOGON_HOURS() and
sahlberg [Mon, 11 Mar 2002 00:00:15 +0000 (00:00 +0000)]
Rename samr_dissect_LOGON_HOURS() to dissect_ndr_nt_LOGON_HOURS() and
export it to other modules.
NETLOGON dissector (and others) will need this function.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4919 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Moved dissect_ndr_nt_NTTIME() from packet-dcerpc-samr.c to packet-dcerpc-nt.c
sahlberg [Sun, 10 Mar 2002 23:24:48 +0000 (23:24 +0000)]
Moved dissect_ndr_nt_NTTIME() from packet-dcerpc-samr.c to packet-dcerpc-nt.c
since this function will be used by other NT services as well such as NETLOGON.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4918 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Remove code to show the presence, and version number, of the CMU SNMP
guy [Sun, 10 Mar 2002 23:19:44 +0000 (23:19 +0000)]
Remove code to show the presence, and version number, of the CMU SNMP
library, as we no longer support linking with that library.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4917 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Use "ds_set_int()", not "snmp_set_suffix_only()", to set the "print
guy [Sun, 10 Mar 2002 23:17:00 +0000 (23:17 +0000)]
Use "ds_set_int()", not "snmp_set_suffix_only()", to set the "print
suffixes only" setting.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4916 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Absolute and Relative times were swapped. Also add comment that there seems
sahlberg [Sun, 10 Mar 2002 23:13:04 +0000 (23:13 +0000)]
Absolute and Relative times were swapped. Also add comment that there seems
to be an unknown special time constant: 0x40000000 00000000 that we don't know
yet what it means.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4915 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Use the "sprint_realloc_" routines in UCD SNMP 4.2.2 and later, rather
guy [Sun, 10 Mar 2002 22:18:12 +0000 (22:18 +0000)]
Use the "sprint_realloc_" routines in UCD SNMP 4.2.2 and later, rather
than the "sprint_" routines in UCD and CMU SNMP; the latter routines
have no bounds checking, and if you use them you cannot protect against
buffer overflows.

As we now require UCD SNMP 4.2.2 or later:

1) we no longer need code to support CMU SNMP;

2) we no longer need code to work around problems with UCD SNMP
   4.1.1;

and, as we no longer use the "sprint_" routines, we no longer need code
to work around the changed API and ABI of those routines in some
nonstandard versions of the UCD SNMP library.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4914 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Don't use "proto_tree_add_string_format()" when
guy [Sun, 10 Mar 2002 22:04:25 +0000 (22:04 +0000)]
Don't use "proto_tree_add_string_format()" when
"proto_tree_add_string()" will suffice.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4913 f5534014-38df-0310-8fa8-9805f1628bb7

22 years ago Use "dissect_ndr_nt_UNICODE_STRING_str()", not
guy [Sun, 10 Mar 2002 21:30:11 +0000 (21:30 +0000)]
Use "dissect_ndr_nt_UNICODE_STRING_str()", not
"dissect_ndr_nt_UNICODE_STRING_string()", in
"samr_dissect_connect2_server()"; that eliminates an unnecessary extra
level of protocol tree.

That removes the last call to "dissect_ndr_nt_UNICODE_STRING_string()";
eliminate that routine.

In "dissect_ndr_nt_UNICODE_STRING()", initially create the subtree with
the name of the field as a string, so that if an exception is thrown
before the name is set, the subtree won't show up as blank when
displayed or printed.  Also pass in the name to "dissect_ndr_pointer()",
so the same happens for subtrees below it.  Append only the string data,
not its name, to items up the tree, as the name was put in when the item
was created.  Also, when adding a colon before the string, put a space
after the colon, as is done elsewhere in Ethereal.

When appending additional strings, put the blank before the new string,
not after it.

In "dissect_ndr_nt_STRING()", put the subtree into the string with the
name of the field, rather than just "String".  Pass in that name to
"dissect_ndr_pointer()", so subtrees below it get a name when they're
initially created.

Get rid of colons in the name string passed to "dissect_ndr_pointer()"
in some calls.  Supply a non-null name string in more calls to
"dissect_ndr_pointer()", and fix some calls to pass in the name of the
field being handed to "dissect_ndr_pointer()".

There's no need to fetch the entire "header_field_info" structure for a
protocol field in order to get the field's name - just use
"proto_registrar_get_name()" to get the name.

Use a length of -1, not 0, when creating a subtree whose length will be
set when the dissection of the items under the subtree is complete; that
way, if an exception is thrown while dissecting the items - which means
the item goes past the end of the tvbuff - the item will refer to all
data to the end of the tvbuff, rather than referring to nothing.

Fix a typo in the name of the "hf_samr_unknown_string" field.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4912 f5534014-38df-0310-8fa8-9805f1628bb7