sharpe [Wed, 22 Dec 2004 02:40:33 +0000 (02:40 +0000)]
Add a dissection for the GET_NETWORK_FILE_OPEN_INFO and make some stuff that
we do in several places into a subroutine. We need to do it also with the
4-byte time stamps that are dissected all over the place.
I had thought that that last unknown in the returned structure might be
a count of the number of clients that have the file open, but a simple test
suggests that that is not the case.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12812
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 22 Dec 2004 01:51:00 +0000 (01:51 +0000)]
In the "rdconvertXXXtostr()" routines, check that the length passed in
is >= 0 (if it's not, that's a bug), and make the buffer index and total
length variables int as well, to match the length.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12811
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 22 Dec 2004 01:42:54 +0000 (01:42 +0000)]
Move the RADIUS_TIMESTAMP, RADIUS_INTEGER4_TAGGED, and RADIUS_UNKNOWN
case branches up, so the case branches are in the same order as the
elements of the enum are, and add length checks to RADIUS_TIMESTAMP and
RADIUS_INTEGER4_TAGGED.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12810
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 22 Dec 2004 00:30:39 +0000 (00:30 +0000)]
Properly declare a variable as volatile, as the longjmp done by the
exception mechanism might clobber it otherwise.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12809
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 22 Dec 2004 00:23:55 +0000 (00:23 +0000)]
Add some checks to make sure the AVP length is large enough for the item
we're fetching from the AVP.
In the case of a tagged string, if the length is 2 (meaning the data
length is 0), assume there's no tag.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12808
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 21 Dec 2004 23:26:01 +0000 (23:26 +0000)]
Fix one comment, and put in another one giving a note about where you
can get the protocol specs.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12807
f5534014-38df-0310-8fa8-
9805f1628bb7
obiot [Tue, 21 Dec 2004 21:17:44 +0000 (21:17 +0000)]
From Victor Stratan: GSM SMS fixes:
- Corrected incorrect Timezone output due to byte overflow.
- Added descriptions for address string decoding.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12806
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 21 Dec 2004 20:36:50 +0000 (20:36 +0000)]
Use "format_text()" on strings, to better handle non-printable
characters.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12805
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 21 Dec 2004 20:03:47 +0000 (20:03 +0000)]
Put the strings for the X-Mms-Previously-Sent-By header under the MMSE
tree rather than at the top level.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12804
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 21 Dec 2004 19:28:48 +0000 (19:28 +0000)]
Make the array for the "setup method" for RTP, RTCP, and T.38
conversations large enough to hold the maximum setup method size plus a
trailing '\0'. Make the maximum setup method size 7, so that when the
trailing '\0' is included the total array length is a power of 2. (The
longest string currently used is "Skinny", which fits in 7 characters).
This fixes problems in the RTP and RTCP dissectors similar to the one
found in the T.38 dissector.
Undo the previous change to packet-t38.c, as it's now safe to store in
method[MAX_T38_SETUP_METHOD_SIZE], because the array now has
MAX_T38_SETUP_METHOD_SIZE+1 characters.
(Should we use "strlcpy()", and supply our own "strlcpy()" if the system
and/or C library doesn't supply it? Its semantics are a bit cleaner
than those of the "strncpy()"/null-terminate idiom, perhaps making it
less likely that mistakes of this sort will be made.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12803
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Tue, 21 Dec 2004 17:05:14 +0000 (17:05 +0000)]
from metze
make ethereal handle gss-api encrypted ldap blobs
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12802
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Tue, 21 Dec 2004 16:44:11 +0000 (16:44 +0000)]
abs_time_to_str() returns a staticly allocated string. dont g_free() it.
fix two instances of wrong parameter list to proto_tree_add_string_format()
if we call proto_tree_string() the hf field has to be of a string format as well.
now it dissects christophe's capture without dumping core but it looks weird.
mmse and telco people can read the specs and find ut what it wrong.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12801
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Tue, 21 Dec 2004 13:18:08 +0000 (13:18 +0000)]
Abhijit Menon-Sen:
- Make port configurable via prefs
- Highlight keywords in addition to values in hexpane
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12800
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Tue, 21 Dec 2004 12:30:24 +0000 (12:30 +0000)]
Giles Scott: Add Wlan tap
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12799
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Tue, 21 Dec 2004 12:26:43 +0000 (12:26 +0000)]
Small Whitespacechange
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12798
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Tue, 21 Dec 2004 10:02:42 +0000 (10:02 +0000)]
Again, some warnings removed.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12797
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Tue, 21 Dec 2004 03:50:14 +0000 (03:50 +0000)]
Fix an off-by-one error when terminating a string.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12796
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 20 Dec 2004 23:24:13 +0000 (23:24 +0000)]
Abhijit Menon-Sen: Postgres v3 support
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12795
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 20 Dec 2004 22:51:05 +0000 (22:51 +0000)]
Get rid of extra include of <string.h>.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12794
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Mon, 20 Dec 2004 22:29:24 +0000 (22:29 +0000)]
Removed some of the unix related warnings. I'll remove the remaining DCOM related ones in the next days, step by step (by looking at the buildbot output).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12793
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 20 Dec 2004 22:25:13 +0000 (22:25 +0000)]
Include <string.h> to declare various functions.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12792
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 20 Dec 2004 22:13:48 +0000 (22:13 +0000)]
Use "plurality()" rather than locally-defined "PLURALIZE()" macros, and
get rid of the definition of "PLURALIZE()" in modules that don't use it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12791
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Mon, 20 Dec 2004 16:15:29 +0000 (16:15 +0000)]
Remove an unneeded "ntohl()" call.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12790
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 20 Dec 2004 13:32:08 +0000 (13:32 +0000)]
At least in some cases some Marconi 2810 send packets with
the locally assigned flag set.
Update manuf, while I'm at it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12789
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 20 Dec 2004 10:56:25 +0000 (10:56 +0000)]
Add NL to last line
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12788
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 20 Dec 2004 10:49:12 +0000 (10:49 +0000)]
Found by Buildbot Solaris: isprint.h include only works on glib2 systems
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12787
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 20 Dec 2004 09:53:27 +0000 (09:53 +0000)]
Put in a stub "dissector" for LDAP_FILTER EXTENSIBLE, so we can at least
dissect packets containing that filter type.
Note that if a dissector for a particular operation fails, we should
stop dissecting rather than trying to dissect the controls.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12786
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 20 Dec 2004 08:44:10 +0000 (08:44 +0000)]
g_strescape only takes one parameter in glib 1.x
this makes ethereal compile for those of us that are not on the bleeding edge.
(gtk1 is much better anyway)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12785
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 20 Dec 2004 00:00:06 +0000 (00:00 +0000)]
- Diplay SSID in mangemntframes
- Display unprintable characters in SSID as '.' (SSID charaters
are of type octet, not alphanum).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12784
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 19 Dec 2004 17:26:23 +0000 (17:26 +0000)]
removed some gcc warnings (hopefully)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12783
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 19 Dec 2004 16:49:34 +0000 (16:49 +0000)]
add some IRemUnknown dissectors
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12782
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 19 Dec 2004 16:30:25 +0000 (16:30 +0000)]
tweak some comments
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12781
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 19 Dec 2004 16:29:08 +0000 (16:29 +0000)]
add dissection of RemoteActivation method
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12780
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 19 Dec 2004 16:13:05 +0000 (16:13 +0000)]
add a lot of dissect stuff to the OXID resolver, moved some details of the DUALSTRINGARRAY to packet-dcom.c
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12779
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 19 Dec 2004 16:04:09 +0000 (16:04 +0000)]
bugfix: remove empty line, probably caused by eol confusion
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12778
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 19 Dec 2004 14:08:03 +0000 (14:08 +0000)]
renamed all DCOM related interface dissectors from packet-dcerpc-... to packet_dcom_... and add DCOM IDispatch dissector (incomplete, but better than nothing... ;-)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12777
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 19 Dec 2004 13:46:09 +0000 (13:46 +0000)]
(on behalf of the PROFIBUS Nutzerorganisation e.V. Deutschland):
another part of the PROFINET dissectors (PN-CBA, including a lot of generic DCOM dissection) still some work to be done ...
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12776
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Sun, 19 Dec 2004 10:30:33 +0000 (10:30 +0000)]
Merge dissection of EndpointMapper interfaces of version 3 and 4 into one file, as the dissection of both interface versions are (currently) identical. (Jaime, could you please check, if EPM4 dissection is still working well?)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12775
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 19 Dec 2004 07:18:04 +0000 (07:18 +0000)]
add detection to TCP Analysis to detect and flag segments that will completely fill the window advertized from the other side.
I.e. when a segment is seen that would (as far as ethereal can tell from the ACKs it has seen in the other direction) fill the window completely.
It is similar to but not exactly the same as the XeroWindow detection since there are many instances where ZeroWindow detection would not work (i.e. an ACK where win==0 since many many situations occur where the window is full but no zerowindowack is ever generated)
Someone that has good english could, please, update the Wiki with this option.
It is very very useful to spot performance issues where the tcp window size is too small to accomodate the enmd-to-end latency.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12774
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 19 Dec 2004 04:10:05 +0000 (04:10 +0000)]
abort trying to dissect ldap controls if the header doesnt look right.
it will not solve the problem in the c06- testmenageri capture that
contains unknown types of ldap commands but it will at least
stop the ldap controls dissector from dumping core.
someone interested in ldap might want to look at those "unknown ldap packets"
in the trace.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12773
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Sun, 19 Dec 2004 04:04:49 +0000 (04:04 +0000)]
Giles Scott: Port weak key detection from Airsnort
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12772
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 19 Dec 2004 03:30:46 +0000 (03:30 +0000)]
mark some fields as GENERATED fields
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12771
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 19 Dec 2004 03:19:53 +0000 (03:19 +0000)]
the mid values in smb are too unreliable for request/response matching since they wrap so quickly.
This has the effect that if you have a capture file with a hole in it, sa say when snoop or similar stops capturing packets for a while while writing the data to disk you often end up with a packet just after the hole that is a response packet and which ethereal mistakenly matches with a request/response from before the hole.
now, when the first response is seen to a request remove the entry from the unmatched table so that no other response can match the same request.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12770
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 18 Dec 2004 22:09:06 +0000 (22:09 +0000)]
make ndmp use tcp_dissect_pdus()
so that it will track pdu boundaries properly
not tracking pdu boundaries caused pain since it would miss too many
commands
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12769
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 17 Dec 2004 20:42:35 +0000 (20:42 +0000)]
Remove debugging output.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12768
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 17 Dec 2004 20:41:14 +0000 (20:41 +0000)]
Work around a bug in the strftime() code in the Windows version of Perl.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12767
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 17 Dec 2004 19:27:46 +0000 (19:27 +0000)]
When the LMP dissector rejects a packet because it {is, isn't} UDP, let
some other dissector have it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12766
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 17 Dec 2004 19:14:24 +0000 (19:14 +0000)]
From Stefan Metzmacher: basic decoding for LDAP Controls.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12765
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 17 Dec 2004 10:09:32 +0000 (10:09 +0000)]
Don't start up a splash screen if "-G" is specified, even if we weren't
configured with libpcap support.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12764
f5534014-38df-0310-8fa8-
9805f1628bb7
lroland [Thu, 16 Dec 2004 19:36:23 +0000 (19:36 +0000)]
Patch for Mate Plugin.
From Luis Ontanon:
- moves mate configuration from proto_register to proto_register_handoff
- add the config file protocol preference
- every item (gop,gog,pdu) has it's own ett
- the tap doesn't do nothing, it just primes the tree
- analyze_frame() what once was the tap now is called by the dissector
- should work with tethereal now (to be tested)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12763
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 16 Dec 2004 19:06:52 +0000 (19:06 +0000)]
From Thomas Boehne: Fix the version.conf status message and improve code
readability.
Fix a bug in my previous checkin, so that svnversion.h will be created
even when the ".svn/" directory isn't present.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12762
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 15 Dec 2004 17:50:11 +0000 (17:50 +0000)]
From Yaniv Kaul: add the CCM_POST method.
Tweak indentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12761
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 15 Dec 2004 09:25:48 +0000 (09:25 +0000)]
From Peter Johansson: "template" conversations - if one is recognized,
the template is left around, and a new conversation is created with
the wildcards in the template un-wildcarded.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12757
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 15 Dec 2004 09:10:07 +0000 (09:10 +0000)]
From Yaniv Kaul: DCERPC-over-HTTP(!) support. (But why didn't whoever
came up with that not go whole hog and implement RFC 3093?)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12756
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 15 Dec 2004 04:25:22 +0000 (04:25 +0000)]
Add a "pkg_format" option, which is used to format the AM_INIT_AUTOMAKE
macro in configure.in and the VERSION macro in config.nmake.
Add a "-p/--package-version" command-line flag, which is used to set the
package version.
Add a "%#" format string code, which substitutes the SVN revision number.
Running "make-version.pl -p" will append "-SVN-xxxxx" to Ethereal's
version strings, including the automake tarball and NSIS installer names.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12755
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Tue, 14 Dec 2004 13:41:36 +0000 (13:41 +0000)]
Fix the following gcc-4 error:
==============
packet-ocsp.c:191: error: static declaration of 'Version_vals' follows non-static declaration
packet-x509af.h:39: error: previous declaration of 'Version_vals' was here
packet-ocsp.c: In function 'dissect_ocsp_T_response':
packet-ocsp.c:398: warning: pointer targets in passing argument 5 of 'dissect_ber_identifier' differ in signedness
packet-ocsp.c:398: warning: pointer targets in passing argument 7 of 'dissect_ber_identifier' differ in signedness
make[4]: *** [packet-ocsp.lo] Error 1
==============
This fix is in the generated file only - please fix in the right
source file too.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12751
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 14 Dec 2004 08:20:32 +0000 (08:20 +0000)]
From Victor Stratan: correct offset calculation and add TP-PID decoding
in SMS-SUBMIT-REPORT decoding based on 3GPP TS 23.040 V6.5.0 9.2.3.11.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12750
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 14 Dec 2004 08:15:13 +0000 (08:15 +0000)]
In the "PPP in HDLC-Like Framing" items, consider the starting delimiter
part of the packet's data.
If a packet has a starting and ending frame delimiter - i.e., the
delimiter at the end is followed by another delimiter - consider the
ending delimiter part of the first packet's raw data.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12749
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 13 Dec 2004 22:19:03 +0000 (22:19 +0000)]
Don't display the end delimiter as a fragment and change the bytes higligted with "PPP DATA" to exclude
the delimiters(or shold they both be included?)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12748
f5534014-38df-0310-8fa8-
9805f1628bb7
lroland [Mon, 13 Dec 2004 21:35:59 +0000 (21:35 +0000)]
Update Xplugin_table.h, too. (Just by regenerating the X-files of the plugin api)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12747
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 13 Dec 2004 21:11:13 +0000 (21:11 +0000)]
change some signatures for some ber helpers from unsigned to signed
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12746
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 13 Dec 2004 12:53:35 +0000 (12:53 +0000)]
get rid of some asn2eth warnings for x509ce
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12745
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 13 Dec 2004 12:43:48 +0000 (12:43 +0000)]
remove some asn2eth warnings
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12744
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 13 Dec 2004 11:59:48 +0000 (11:59 +0000)]
change the incorrect BER_UNI_TAG_TeletextString into BER_UNI_TAG_TeletexString
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12743
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 13 Dec 2004 11:51:20 +0000 (11:51 +0000)]
remove some asn2eth warnings
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12742
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 13 Dec 2004 10:10:51 +0000 (10:10 +0000)]
Add a protocol layer for the raw byte stream for PPP in HDLC-like
framing, and put the raw packet and fragment data at that layer.
Add a common routine to dissect un-escaped PPP data that might have 0xff
0x03, and use it both for the raw PPP in HDLC-like framing and for
processing un-escaped data.
Check for an escape byte not followed by another byte (e.g., because the
packet is too short).
Handle the case where a chunk of that raw byte data doesn't begin with
0x7e, but starts with cruft from a previous PPP packet split across
lower-level packets.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12741
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 13 Dec 2004 08:15:34 +0000 (08:15 +0000)]
update of the asn2eth compiler to use the types ber_[choice|sequence]_t instead of ber_[choice|sequence]
regenerated all dissectors
fixed the choice/sequence struct to use unsigned entities for class and tag
(to reduce some compiler warning and because it should be signed quantities)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12740
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 13 Dec 2004 05:31:58 +0000 (05:31 +0000)]
yet another GeneralizedTime change
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12739
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 13 Dec 2004 04:36:01 +0000 (04:36 +0000)]
yet another plugin update for GeneralizedTime
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12738
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Mon, 13 Dec 2004 03:40:45 +0000 (03:40 +0000)]
rename generalized_time to the new name GeneralizedTime in the plugin directory.
I didnt notice it since i never comple with plugins.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12737
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 13 Dec 2004 01:34:35 +0000 (01:34 +0000)]
Get rid of an unused parameter.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12736
f5534014-38df-0310-8fa8-
9805f1628bb7
lroland [Sun, 12 Dec 2004 23:40:44 +0000 (23:40 +0000)]
Update for Mate from Luis Ontanon:
- make rd static (no purpose for it to be global)
- remove outdated comments
- add "PduCriteria" feature (as already stated in the wiki)
- add "DiscardUnassignedPdu" feature (as already stated in the wiki)
- removed ".Id" from abbrev for "mate.item_name"
- in radius.mate: Don't use the port to determine the Gop key.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12735
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 23:33:40 +0000 (23:33 +0000)]
some cmip updates to handle m-Action and m-Action-confirmed
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12734
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 22:59:43 +0000 (22:59 +0000)]
make the unknown_ber helper try to dissect NumericString and ENUMERATED when it encounters them
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12733
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 22:47:24 +0000 (22:47 +0000)]
update the helper for BER GeneralizedTime to handle implicit tag and update all dissectors using GeneralizedTime
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12732
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 22:19:00 +0000 (22:19 +0000)]
update to the ber CHOICE helper to make it handle (i hope) a CHOICE inside a CHOICE properly.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12731
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sun, 12 Dec 2004 20:28:18 +0000 (20:28 +0000)]
Dissect PPP messages of ethertype 0x8881
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12730
f5534014-38df-0310-8fa8-
9805f1628bb7
lroland [Sun, 12 Dec 2004 17:59:01 +0000 (17:59 +0000)]
Update the declaration of dissect_ber_integer() in the plugin api
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12729
f5534014-38df-0310-8fa8-
9805f1628bb7
lroland [Sun, 12 Dec 2004 16:58:59 +0000 (16:58 +0000)]
Fixes for Mate Plugin:
As suggested by Martin Regner:
- Use strtod() instead of strtof()
From Luis Ontanon:
- changes the id of mate items to be integer (the old string ID
imposed a lenght limit and as mate fileds had become dynamic it makes
no more sense anymore)
- fixes a huge avp leak on reinit (every avp object was leaked when a
new file was loaded)
- adds the "Lib" AVP to the Action=Include AVPL to include definitions
>from matelib
- rename mate.[dll/so] to zzmate.[dll/so] so it gets initialized as
the very last protocol (so that fields from every dissector can be
used).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12728
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sun, 12 Dec 2004 16:46:09 +0000 (16:46 +0000)]
Add IMSI to the tree if it's built.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12727
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Sun, 12 Dec 2004 15:22:41 +0000 (15:22 +0000)]
Build with ssl and kerberos
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12726
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 01:29:21 +0000 (01:29 +0000)]
minor updates, get rid of temporary files during dissection
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12725
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 01:14:03 +0000 (01:14 +0000)]
updates from tomas and anders
create some missing makefiles for autogenerated dissectors
finish the transition to the new ber integer dissetor helper signature
and regenerate all ber dissectors
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12724
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 00:24:21 +0000 (00:24 +0000)]
remove the function with the old signature for ber integer dissection
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12723
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 00:20:49 +0000 (00:20 +0000)]
i couldnt find the source to this one so i changed the autogenerated one. switch to use the new signature for ber integer dissection
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12722
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 00:17:15 +0000 (00:17 +0000)]
update gsmmap to use the new signature for the ber integer dissection helper
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12721
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 00:12:23 +0000 (00:12 +0000)]
move kerberos over to use the new signature for ber integer dissection helper
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12720
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 12 Dec 2004 00:09:05 +0000 (00:09 +0000)]
update h248 to use the new integer dissector phasing out useage ofg the old dissector so we later can switch over.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12719
f5534014-38df-0310-8fa8-
9805f1628bb7
obiot [Sat, 11 Dec 2004 23:47:12 +0000 (23:47 +0000)]
From Victor Stratan:
GSM SMS fixes:
- Made Timezone view human readable based on 3GPP TS 23.040 V6.5.0 (9.2.3.11).
- TP-UDHI field - located within bit no 6 one more place was left over from
previous patch by Viorel Suman made on 9 Dec 2004.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12718
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sat, 11 Dec 2004 23:15:25 +0000 (23:15 +0000)]
Fix another lengt issue, and comment out some other faulty code - to tired to fix it now.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12717
f5534014-38df-0310-8fa8-
9805f1628bb7
lroland [Sat, 11 Dec 2004 01:00:17 +0000 (01:00 +0000)]
New Plugin from Luis Ontanon:
MATE -- Meta Analysis and Tracing Engine
Won't be compiled by default.
It is still not possible to link the plugin on Win32.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12716
f5534014-38df-0310-8fa8-
9805f1628bb7
lroland [Sat, 11 Dec 2004 00:13:27 +0000 (00:13 +0000)]
Add functions to the old and the new plugin api for the MATE Plugin.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12715
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Fri, 10 Dec 2004 17:26:11 +0000 (17:26 +0000)]
Don't add the length twice if tree is built.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12713
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 10 Dec 2004 16:14:08 +0000 (16:14 +0000)]
PacketCable byte view highlighting was offset 4 bytes for many tree view items.
Fix the offset.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12712
f5534014-38df-0310-8fa8-
9805f1628bb7
ulfl [Fri, 10 Dec 2004 15:18:29 +0000 (15:18 +0000)]
add dissection of PN-IO IOxS field (should removed the gcc warning), some more code cleanup
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12711
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 10 Dec 2004 11:20:48 +0000 (11:20 +0000)]
Get rid of C++/C99-style comments - not all C compilers accept them.
Fix some indentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12710
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 9 Dec 2004 23:25:01 +0000 (23:25 +0000)]
The PacketCable MM code was displaying the secondary record keeping server
IP address where it should have displayed the CCC ID.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12708
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 9 Dec 2004 22:17:50 +0000 (22:17 +0000)]
From Brian Caswell:
The ACL parser will attempt to decode as many ACE structures as are
specified in the ACL structure. If the number of ACE structures is
sufficiently large with one of the ACE structures specifying a size of
0, then the ACL parser will parse that ACE structure repeatedly,
eventually causing a denial of service to Ethereal.
I've attached a diff against HEAD that corrects the problem. The diff
also corrects a few decoding errors in the NT ACL & ACE structures. A
pcap is attached that reproduces the problem.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12706
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 9 Dec 2004 21:58:45 +0000 (21:58 +0000)]
Remove a duplicate entry.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12704
f5534014-38df-0310-8fa8-
9805f1628bb7
obiot [Thu, 9 Dec 2004 21:50:27 +0000 (21:50 +0000)]
From Viorel Suman.
Various GSM SMS fixes:
- Wrong positions of the fields, located within the first octet
of the GSM SMS TPDU.
- One byte is skipped during RP-ERROR vs. RP-ACK detecting:
Offset must be increased only when RP-ERROR is detected in
order to avoid one byte skipping.
- Improper dissect method is used to dissect SMS-DELIVER-REPORT.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12703
f5534014-38df-0310-8fa8-
9805f1628bb7