etxrab [Thu, 15 Sep 2005 05:38:37 +0000 (05:38 +0000)]
Replace the spnego dissector with an asn2eth generated one.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15810
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 15 Sep 2005 05:22:20 +0000 (05:22 +0000)]
Rename TLV_INFO_MASK to TLV_INFO_LEN_MASK, to match TLV_TYPE_MASK.
Use "tvb_format_stringzpad()" rather than "tvb_format_text()" on
strings, as some of them are null-padded. (XXX - are they null-padded
or null-terminated?)
Clean up the TLV length checks, and do many more such checks.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15809
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 15 Sep 2005 04:08:53 +0000 (04:08 +0000)]
We already define ETHERTYPE_LLDP in "etypes.h" - use that, don't define
our own.
Get rid of MAC_to_str() - ether_to_str() suffices.
Don't copy to on-the-stack fixed-size string buffers, just save the
results of various formatting calls as pointers.
Use tvb_format_text() to get displayable versions of text strings.
Use tvb_get_ipv4() and tvb_get_ipv6().
Don't put an item into the protocol tree as text and then put in a
hidden item that, if unhidden, would display the same or almost exactly
the same; just put the item into the tree unhidden.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15808
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 15 Sep 2005 03:09:40 +0000 (03:09 +0000)]
Properly handle 64-bit integer constants (they don't happen by magic,
and the stuff you have to do is compiler-dependent, so use
G_GINT64_CONSTANT()).
Properly handle formatting 64-bit quantities (they don't format
correctly by magic, and the stuff you have to do is compiler-dependent,
so use PRI[duoxX]64).
Don't copy the result of tvb_bytes_to_str() to a string buffer and then
only use it as an argument to a "%s" - just use the result directly.
Don't copy constant strings to a buffer - just use the strings directly.
Fetch 64-bit integral quantities with tvb_get_ntoh64(); they're
presumably in a standard byte order, which is probably big-endian for
Internet-family protocols, and using tvb_memcpy() is *guaranteed* to be
wrong on some platforms.
Fix up a format string.
Fix up indentation a bit.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15807
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 15 Sep 2005 03:03:29 +0000 (03:03 +0000)]
Squelch some warnings, fix some typoes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15806
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Wed, 14 Sep 2005 23:15:12 +0000 (23:15 +0000)]
fix wtap_dump_flush function name and don't check for it's return value. We don't do this check in Ethereal either and we will recognize problems at next write anyway ...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15805
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Wed, 14 Sep 2005 21:57:30 +0000 (21:57 +0000)]
added compression support for capture file output. The Save/As dialog now has a checkbox "Compress with gzip"
currently limited to Ethereal and all the variants of libpcap filetypes only.
We might want to add output compression support to the other tools as well (tethereal, mergecap, ...).
We might also want to add support for the other filetypes, but this is only possible if the filetype functions doesn't use special output operations like fseek.
One bug is still left: if the input and output filetypes while saving are the same, Ethereal currently optimizes this by simply copy the binary file instead of using wiretap (so it will be faster but it will ignore the compress setting).
Don't know a good workaround for this, as I don't know a way to find out if the input file is currently compressed or not. One idea might be to use a heuristic on the filesize (compared to the packet size summmary). Another workaround I see is to remove this optimization, which is of course not the way I like to do it ...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15804
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Wed, 14 Sep 2005 20:09:17 +0000 (20:09 +0000)]
add E_OUTOFMEMORY
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15803
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 14 Sep 2005 19:14:23 +0000 (19:14 +0000)]
From Peter Johansson
I added a description for the call to DISSECTOR_ASSERT in proto.c to be
printed to stderr.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15802
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 14 Sep 2005 19:11:23 +0000 (19:11 +0000)]
Fix a warning.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15801
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 14 Sep 2005 19:06:54 +0000 (19:06 +0000)]
From Brian Bogora:
Our company (Mitel) has developed an LLDP-MED plug-in for Ethereal.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15800
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 14 Sep 2005 18:40:16 +0000 (18:40 +0000)]
From Dinesh G Dutt
Support some new messages and fix a couple of bugs.
packet-fc.h - Added a #define for a Cisco MDS-specific frame called OHMS (online health mgmt srv) packet-fc.c - Support for OHMS frame, fixed an incorrect "malformed frame" error caused on ACK1 frames (they
don't contain anything but (encap hdr + FC hdr + encap trailer), fixed incorrect detection of
last-data-frame
packet-fcct.h - Support for new service type, "Fabric Controller", used in conjunction with FC-SW3 ESS message,
exported the service name value string definitions and
packet-fcct.c - Support for recognizing "Fabric Controller" service type and "vendor-specific" service
packet-fcswils.h - Support for ESS & MRRA messages, defined as part of FC-SW3 packet-fcswils.c - Support for ESS & MRRA messages, defined as part of FC-SW3
packet-scsi.c - Support for Verify and Write&Verify SBC commands.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15799
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 14 Sep 2005 17:08:41 +0000 (17:08 +0000)]
Do the variable binding with dissect_ber_x() routines rather than asn1 ones.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15798
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 14 Sep 2005 17:04:36 +0000 (17:04 +0000)]
Dont't carsh if dissect_ber_null() isn't passed a hf_id.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15797
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Wed, 14 Sep 2005 16:06:11 +0000 (16:06 +0000)]
Allow dissection of dcerpc of short frames instead of aborting as soon as it is detected the pdu is "short"
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15796
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Wed, 14 Sep 2005 16:04:59 +0000 (16:04 +0000)]
for octet strings that span beyond the end of a "short" tvb, create a new subset tvb of what we have and use that instead of bailing out completely.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15795
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Wed, 14 Sep 2005 16:02:54 +0000 (16:02 +0000)]
when we have raw keberos inside the spnego blob, pass it as is over to
the kerberos dissector and do not strip the ber tag and lengths off
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15794
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 14 Sep 2005 08:59:41 +0000 (08:59 +0000)]
Have cf_retap_packets() take an argument that indicates whether to
generate columns; use cf_retap_packets instead of cf_redissect_packets()
when running taps (the general flow graph stat uses the Info column).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15793
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Wed, 14 Sep 2005 02:07:20 +0000 (02:07 +0000)]
fix #388: add /desktopicon and /quicklaunchicon command line options to the NSIS installer
update the User's Guide accordingly
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15792
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Tue, 13 Sep 2005 23:46:42 +0000 (23:46 +0000)]
Move "Expert Info" from "Statistics" to "Analyze" menu item.
*significantly* improve performance (100000 infos from ~5min to 25sec!)
Add a simple severity based filter mechanism.
replace // style comments by /**/
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15791
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Tue, 13 Sep 2005 19:01:08 +0000 (19:01 +0000)]
Turn around the sequence of PATH, so the former PATH will be in front of the newly added things.
This way, the cygwin link.exe command will be behind the link.exe from MSVC.
Also added a definition of the docbook dir, floating around in my personal file for a while. This will be needed if the User's Guide is included in the NSIS installer later.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15790
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Tue, 13 Sep 2005 19:01:01 +0000 (19:01 +0000)]
In smb_trans_defragment(), throw an exception if we encounter a too-large
fragment size. The limit is conservatively set at 65536 bytes. It may
have to be increased. Fixes bug 421.
Add an entry to the release notes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15789
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Tue, 13 Sep 2005 18:45:52 +0000 (18:45 +0000)]
implement a way to add menu items to the "Analyze" menu
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15788
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Tue, 13 Sep 2005 18:42:12 +0000 (18:42 +0000)]
don't crash with a NULL pointer exception, if "do not decode as" is used
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15787
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Tue, 13 Sep 2005 18:40:58 +0000 (18:40 +0000)]
add to the protocol item a short description what a "Short Frame" is
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15786
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Tue, 13 Sep 2005 18:39:26 +0000 (18:39 +0000)]
increment index of IID's in COL_INFO
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15785
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Tue, 13 Sep 2005 18:38:19 +0000 (18:38 +0000)]
use the same name for menu item and dialog box title, use the right capitalization for both
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15784
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 13 Sep 2005 16:56:28 +0000 (16:56 +0000)]
Get application ID from the packet.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15783
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 13 Sep 2005 16:48:13 +0000 (16:48 +0000)]
From Peter Johansson
PATH contents one had before starting the build, that PATH is added to the new PATH variable 5 additional times
instead of 1.
I have made changes (supplied) to config.nmake that takes care of this
problem.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15782
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Tue, 13 Sep 2005 08:03:16 +0000 (08:03 +0000)]
don't simply remove the expert_info output at BoundsError, but add the comment from Guy why this (usually) isn't a bug (because of a short snapshot length).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15781
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 13 Sep 2005 05:05:19 +0000 (05:05 +0000)]
From Ankur Aggarwal:
First phase of testing revealed the following errors
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15780
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 13 Sep 2005 05:00:17 +0000 (05:00 +0000)]
From Stefan Metzmacher
Some updates to the winsrepl-dssector to add COL_INFO strings...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15779
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 13 Sep 2005 04:53:36 +0000 (04:53 +0000)]
From Alejandro Vaquero.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15778
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 13 Sep 2005 04:51:49 +0000 (04:51 +0000)]
From Piros Lucian:
A new dissector - cimd dissector. CIMD stands for Computer Interface to Message Distribution and it's used to transfer short messages between applications and Nokia Short Message Service Center.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15777
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Sep 2005 04:00:47 +0000 (04:00 +0000)]
Move the definition of GNUC_FORMAT_CHECK() to its own header, use it in
column-utils.h, and add it to expert.h, so we check the arguments to
"expert_add_info_format()", at least if the format argument is a
constant string.
Fix some more calls to "expert_add_info_format()" to pass it a format
string.
Don't record BoundsError exceptions as expert events - they merely
reflect a capture done with a snapshot length too short to capture all
of the packet (any case where it's caused by something else is a bug).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15776
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Sep 2005 02:39:37 +0000 (02:39 +0000)]
Don't pass an arbitrary string from a packet to a routine expecting a
format string - the arbitrary string might contain "%" characters, so
the routine might then fetch arbitrary junk and try to use it as, for
example, a string pointer.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15775
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 13 Sep 2005 00:50:43 +0000 (00:50 +0000)]
Convert some more "tvb_memcpy()"s fetching IPv4 and IPv6 addresses to
calls to "tvb_get_ipv4()" and "tvb_get_ipv6()".
Fix a call in the BGP dissector to properly fetch an IEEE floating-point
number.
Update some I-D info.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15774
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Sep 2005 21:01:25 +0000 (21:01 +0000)]
Ignore files generated from dtd_grammar.lemon, dtd_parse.l, and
dtd_preparse.l.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15773
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Mon, 12 Sep 2005 20:10:44 +0000 (20:10 +0000)]
When jumping (e.g. using menu item Go/Go to Packet...) to a new packet which is currently not displayed, this newly selected packet will become the first in the packet list.
This is inconvenient, as most of the time (at least) I'm interested not only in the packets behind the newly selected one, but also to have some history *before* it.
So this change will scroll the packet list to have the selected packet after the first third of the packet list.
This change won't take effect if the new packet is already visible (only the selection is changed) or it's near the beginning or end of the packet list (so the whole beginning/end of the list is shown).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15772
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Mon, 12 Sep 2005 20:02:58 +0000 (20:02 +0000)]
add number of defragmented bytes to the expert info output
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15771
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Sep 2005 19:50:45 +0000 (19:50 +0000)]
Get rid of "dtd_grammar.out" on a "make distclean".
Get rid of all the Flex-generated (and Lemon-generated) files on a
"nmake -f Makefile.nmake distclean".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15770
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Sep 2005 19:32:35 +0000 (19:32 +0000)]
Add a header file to declare routines defined in lexer and used in
parser, or vice versa.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15769
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Sep 2005 15:54:20 +0000 (15:54 +0000)]
Again, "g_strdown()" doesn't return a value in GLib 1.2[.x].
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15768
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Sep 2005 07:55:14 +0000 (07:55 +0000)]
"g_strdown()" doesn't return a value in GLib 1.2[.x]; don't depend on it
doing so.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15767
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Sep 2005 07:44:11 +0000 (07:44 +0000)]
The previous checkin for packet-isup.c was accidentally checked in along
with some unrelated changes; it got rid of some calls to get IPv4/IPv6
addresses and add them to the protocol tree, replacing them with
proto_tree_add_item() calls, and fixed up the length of one protocol
tree item.
Note that we have (at least) three count 'em three different routines
for dissecting/displaying NSAPs (there might be more - I might have
missed some), and suggest that we might want to reduce that to one.
Update the URL for ICP values for IPv{4,6} addresses inside NSAPs.
Fix the offset in the call to add the IPv6 address part of an NSAP
containing such an address, and the length in the call adding the DSP
for an NSAP containing an IPv4 address.
Fix up indentation a bit.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15766
f5534014-38df-0310-8fa8-
9805f1628bb7
tuexen [Mon, 12 Sep 2005 06:24:02 +0000 (06:24 +0000)]
In now supports also:
- http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-sctpimpguide-15.txt
- http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-addip-sctp-13.txt
- http://www.ietf.org/internet-drafts/draft-stewart-sctp-pktdrprep-02.txt
- http://www.ietf.org/internet-drafts/draft-ietf-tsvwg-sctp-auth-01.txt
- http://www.ietf.org/internet-drafts/draft-ladha-sctp-nonce-02.txt
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15765
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 12 Sep 2005 06:21:35 +0000 (06:21 +0000)]
Don't collide with the "regular" IPv6 defintions in at least some
platforms in ipv6-utils.h.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15764
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Mon, 12 Sep 2005 00:29:19 +0000 (00:29 +0000)]
fix fault defragmentation the same way as in the request/response path
Unfortunately, I don't have a capture file to test this...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15763
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Mon, 12 Sep 2005 00:16:57 +0000 (00:16 +0000)]
fix reassembling problem I've introduced yesterday, by using fragment_add_seq_next() function instead of fragment_add()
in addition, I had to implement fragment_get_reassembled() in addition to fragment_get(), which works with reassembled_table
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15762
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Sep 2005 22:31:36 +0000 (22:31 +0000)]
Fix a typo.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15761
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Sep 2005 22:25:33 +0000 (22:25 +0000)]
Frame numbers are unsigned, and they start at 1; 0 is what's used for
"unknown" for frame numbers. Note that in epan/frame_data.h, and make
the frame number in experts unsigned, and use 0 for "unknown", and
display it as an unsigned number - and, if it's 0, don't display it at
all.
Fix the signature of "expert_dlg_draw()" to match what a tap's draw
routine's signature is expected to be.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15760
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Sep 2005 22:19:41 +0000 (22:19 +0000)]
Add some braces to squelch a compiler warning.
Fix up indentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15759
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 11 Sep 2005 21:25:37 +0000 (21:25 +0000)]
Replace tvb_memcpy() calls that extract IPv4 addresses into a guint32,
and that extract IPv6 addresses into a "struct e_in6_addr", with
tvb_get_ipv4() and tvb_get_ipv6() calls - except for some that we
remove, by using proto_tree_add_item(), rather than replacing.
Have epan/tvbuff.h include epan/ipv6-utils.h, to define "struct
e_in6_addr" (not necessary to declare the tvbuff routines, but including
it there means "struct e_in6_addr" is guaranteed to be defined before
those declarations, so we don't get compiler complaints if we define it
*after* those declarations).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15758
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 11 Sep 2005 21:10:26 +0000 (21:10 +0000)]
rename fragment_add_dcerpc -> fragment_add_dcerpc_dg to avoid confusion a bit,
as connection oriented (cn) and connectionless (dg) DCE/RPC uses different ways to handle defragmentation and this function is only used for dg
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15757
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sun, 11 Sep 2005 21:10:20 +0000 (21:10 +0000)]
Get rid of dependency on format-oid.h
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15756
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 11 Sep 2005 17:15:00 +0000 (17:15 +0000)]
some things fixed, leftover from code cleanup (thanks to the buggy MSVC dependencies)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15755
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 11 Sep 2005 16:55:34 +0000 (16:55 +0000)]
I'm adding the "Expert Info" prototype now, as it seems to be in a state where others might have a look and probably already find it useful :-). Anyway, we can easily disable it at one or two places in the code if it get's in our way of a new release.
Please see: http://wiki.ethereal.com/Development/ExpertInfo for a complete overview of the intended feature and it's current state of implementation.
While I'm working on this, I've also added some more status result codes to the DCE/RPC and DCOM dissectors.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15754
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 10 Sep 2005 19:43:41 +0000 (19:43 +0000)]
Add "tvb_get_ipv4()" and "tvb_get_ipv6()" addresses, to fetch IPv4 and
IPv6 addresses. Use "tvb_get_ipv4()" in the WINS Replication dissector,
so that it gets the right answer on little-endian *AND* big-endian
machines.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15753
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 10 Sep 2005 19:39:56 +0000 (19:39 +0000)]
In "dissect_sip()", return 0 if "dissect_sip_common()" returns a
negative value, so we reject the packet as "not SIP".
Add a "dissect_sip_tcp_heur()" that's heuristic - it'll return FALSE if
the first packet doesn't look like SIP, but once it's dissected one
packet it'll just treat subsequent SIP packets as continuations if they
don't look right.
Clean up indentation a bit.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15752
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Sat, 10 Sep 2005 18:59:02 +0000 (18:59 +0000)]
propperly handle the errors when loading a file fails.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15751
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Sat, 10 Sep 2005 18:46:03 +0000 (18:46 +0000)]
don't use fgets() as MSVC does not implement it. use fgetc instead.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15750
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sat, 10 Sep 2005 18:33:32 +0000 (18:33 +0000)]
fix MSVC slash/backslash and other such problems, now getting:
dtd_preparse.obj : error LNK2001: Nichtaufgeloestes externes Symbol _fgetln
MSVC doesn't support fgetln!
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15749
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Sat, 10 Sep 2005 18:00:28 +0000 (18:00 +0000)]
Make sure lemon is built before trying to use it
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15748
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Sat, 10 Sep 2005 17:55:16 +0000 (17:55 +0000)]
fix the dtd_grammar.c rule
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15747
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Sat, 10 Sep 2005 17:47:02 +0000 (17:47 +0000)]
nmake does not have the $^ macro
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15746
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Sat, 10 Sep 2005 17:29:15 +0000 (17:29 +0000)]
the dtd parser (still missing the glue) and few fixes to packet-xml.c
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15745
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sat, 10 Sep 2005 15:11:21 +0000 (15:11 +0000)]
fix DCE/RPC defragmentation, if both middle and last DCE/RPC fragments are in the same TCP desegmented data blob
reassemble.c:
I had to change the way the reassemble code works if the dissector is telling that more fragments *will* follow. In this case the reassemble code shouldn't try to reassemble already at that time ...
I've also changed the way if a fragment was already seen or not, as it's not enough to check for the frame number, in the scenario described above.
Unfortunately both changes *might* broke other protocols from reassemble properly. I've checked with excessive TCP desegmentation and it's still working without any changes :-)
packet-dcerpc.c:
use a tvb subset to limit the "end of bytes" processed in a single fragment dissect run, as each fragment has it's own DCE/RPC header (and isn't part of the stub data of the previous packet).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15744
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Fri, 9 Sep 2005 21:04:19 +0000 (21:04 +0000)]
NSIS warning removed: the label "lbl_winpcap_dont_install" is currently unused
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15743
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Fri, 9 Sep 2005 19:46:57 +0000 (19:46 +0000)]
Dissect "nbs-9".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15742
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Fri, 9 Sep 2005 16:19:51 +0000 (16:19 +0000)]
Add some 3GPP AVP:s
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15741
f5534014-38df-0310-8fa8-
9805f1628bb7
kukosa [Fri, 9 Sep 2005 15:36:39 +0000 (15:36 +0000)]
- dissect_per_choice() creates now only one level tree insted of two levels tree
- dissect_per_choice() rewritten
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15740
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Sep 2005 08:40:58 +0000 (08:40 +0000)]
From Bill Meier:
define "timezone" as "gint16", as it can be positive (west of
UTC) or negative (east of UTC);
update comments to refer to the new names for structure members;
say the precision of the time stamps is 1 nanosecond only if the
ticks per second is > 10 million;
fix the handling of files truncated exactly on a frame boundary.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15739
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Sep 2005 08:29:10 +0000 (08:29 +0000)]
From Didier Gautheron: pass error replies to the tap.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15738
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Sep 2005 08:20:16 +0000 (08:20 +0000)]
Update new RSVP host list and conversation stats to match recent changes
to the way command-line arguments and menu items for stats are done.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15737
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 9 Sep 2005 08:11:47 +0000 (08:11 +0000)]
Don't handle the ETHEREAL_STOCK_CAPTURE_START button if we don't have
libpcap - ETHEREAL_STOCK_CAPTURE_START isn't defined, and we can't
capture in any case, so we don't need that button.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15736
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Fri, 9 Sep 2005 00:22:37 +0000 (00:22 +0000)]
fix MSVC warning: sigcomp_state_hdlr.c(601) : warning C4101: 'partial_state_str' : unreferenced local variable
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15735
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Thu, 8 Sep 2005 22:55:39 +0000 (22:55 +0000)]
the xml plugin was removed
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15734
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Thu, 8 Sep 2005 22:51:12 +0000 (22:51 +0000)]
some content-types are now handled by xml
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15733
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Thu, 8 Sep 2005 21:36:40 +0000 (21:36 +0000)]
start with fdata->num = -1, so we don't have an uninitialised value while doing read_filter style dissection
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15732
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Thu, 8 Sep 2005 21:33:11 +0000 (21:33 +0000)]
(very minor) issue found while working on a new tap
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15731
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Thu, 8 Sep 2005 21:21:05 +0000 (21:21 +0000)]
forgot the Id
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15730
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Thu, 8 Sep 2005 21:18:58 +0000 (21:18 +0000)]
Let's migrate the xml dissector...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15729
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Thu, 8 Sep 2005 21:14:24 +0000 (21:14 +0000)]
a new version of the xml dissector, look ma no lex!
mmh still missing the dtd parser...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15728
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Thu, 8 Sep 2005 20:11:01 +0000 (20:11 +0000)]
fix the svn keywords and some comments that were out of date
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15727
f5534014-38df-0310-8fa8-
9805f1628bb7
lego [Thu, 8 Sep 2005 19:50:13 +0000 (19:50 +0000)]
an API for "bufferless" parsing of text tvbs
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15726
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 8 Sep 2005 15:01:16 +0000 (15:01 +0000)]
Fix more problems found by Steve Grubb, along with other changes:
Camel: Fix an off-by-one error. Don't alloc and free where it's not
needed. Remove an unused variable.
PPP and K12: Fix memory leaks.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15725
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Thu, 8 Sep 2005 12:39:02 +0000 (12:39 +0000)]
start making winsrepl into a new style dissector and use tcp_dissect_pdus()
also fix bugs 417 / 418
this dissector still needs to have heuristics to be added to it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15724
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Thu, 8 Sep 2005 10:12:12 +0000 (10:12 +0000)]
from M&Y Kaul
rename Wins to WINS
add some new decodes
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15723
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Thu, 8 Sep 2005 10:08:01 +0000 (10:08 +0000)]
from Michal & Yaniv Kaul
Updates to prettify the Bind ACK context handles
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15722
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Thu, 8 Sep 2005 09:42:19 +0000 (09:42 +0000)]
add description of the Windows installer command line parameters
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15721
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Thu, 8 Sep 2005 09:19:46 +0000 (09:19 +0000)]
set the window title of the Win32 debug console
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15720
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Wed, 7 Sep 2005 22:00:25 +0000 (22:00 +0000)]
close the capture interfaces dialog if the user pressed "Capture" or "Prepare"
this dialog is live capturing from all "known" interfaces while it's open, so huge system load is generated, which is not preferred while doing a real capture.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15719
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Wed, 7 Sep 2005 21:47:51 +0000 (21:47 +0000)]
don't wait for a keypress if this is a capture child. This was very annoying, as stopping a capture seems to freeze Ethereal, but it simply waits for a keypress on the capture_child's console window.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15718
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Wed, 7 Sep 2005 20:50:03 +0000 (20:50 +0000)]
MSVC don't like empty structs, add a dummy element to rsvp_session_ipv6_info
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15717
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 7 Sep 2005 20:49:16 +0000 (20:49 +0000)]
Add Valgrind core files to CLEANFILES.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15716
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 7 Sep 2005 20:09:40 +0000 (20:09 +0000)]
Add bounds checking in several places to the SigComp UDVM. Use memset()
instead of while loops to initialize variables. Use a define instead
of magic numbers. Don't use guint8s for counters. Add a corresponding
entry to the release notes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15715
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Wed, 7 Sep 2005 19:52:44 +0000 (19:52 +0000)]
From Manu Pathak
Make RSVP tappable
add hostlist and conversation listing for RSVP conversations
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15714
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 7 Sep 2005 15:40:59 +0000 (15:40 +0000)]
If dissect_ber_octet_string() gives us a null tvb, assume we have a malformed
packet and throw an exception. Don't pass the null tvb to tvb_length().
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15713
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 7 Sep 2005 13:59:10 +0000 (13:59 +0000)]
Add patterns to svn:ignore.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15712
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Wed, 7 Sep 2005 13:29:44 +0000 (13:29 +0000)]
From Metze with minor changes.
New protocol
NBNS Replication support
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15711
f5534014-38df-0310-8fa8-
9805f1628bb7