16 years agoFrom Olivier Biot: fix WTP sub-PDU size presentation in the protocol
guy [Thu, 8 May 2003 18:49:20 +0000 (18:49 +0000)]
From Olivier Biot: fix WTP sub-PDU size presentation in the protocol
tree (display size in decimal instead of the highlighted bytes).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7653 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThe authentication data field in "simple password" authentication is 64
guy [Thu, 8 May 2003 10:16:31 +0000 (10:16 +0000)]
The authentication data field in "simple password" authentication is 64
bits, or 8 bytes; that means that, if it's to be interpreted as a
string, it should be extracted into an 8+1 byte buffer, leaving room for
a trailing '\0', and that means the buffer size argument to
"tvb_get_nstringz0()" should be 8+1 as well.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7652 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Olivier Biot:
guy [Thu, 8 May 2003 08:36:25 +0000 (08:36 +0000)]
From Olivier Biot:

* Add decoding of Basic authentication scheme for the Authorization
  and Proxy-Authorization headers, and create a summary line
  with proto_item_append_text().
* Update Warning header decoding: warn code mapping to warn text,
  and create a summary line with proto_item_append_text().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7651 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Stephen Shelley: the unit ID and function code fields in the Modbus
guy [Thu, 8 May 2003 00:42:28 +0000 (00:42 +0000)]
From Stephen Shelley: the unit ID and function code fields in the Modbus
header are unsigned - make them so.

While we're at it, make them "guint8" rather than "guchar", to make it
explicit that they're one byte long.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7650 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Olivier Biot: if we have PYTHON defined, use the Python script
guy [Thu, 8 May 2003 00:18:47 +0000 (00:18 +0000)]
From Olivier Biot: if we have PYTHON defined, use the Python script
rather than the shell script to make "register.c".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7649 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoWhoops - had that test reversed.
tpot [Wed, 7 May 2003 07:12:50 +0000 (07:12 +0000)]
Whoops - had that test reversed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7648 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDon't try and dissect a zero length NTLM response as a NTLMv2 response.
tpot [Wed, 7 May 2003 04:32:59 +0000 (04:32 +0000)]
Don't try and dissect a zero length NTLM response as a NTLMv2 response.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7647 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoParse a NTLMv2 response blob as documented in
tpot [Wed, 7 May 2003 04:07:45 +0000 (04:07 +0000)]
Parse a NTLMv2 response blob as documented in
http://ubiqx.org/cifs/SMB.html#8, para

Convert some magic numbers to constants in dissect_ntlmssp_address_list()

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7646 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Yaniv Kaul: show MBZ flags as either OK if 0 or incorrect if not 0.
guy [Wed, 7 May 2003 03:00:32 +0000 (03:00 +0000)]
From Yaniv Kaul: show MBZ flags as either OK if 0 or incorrect if not 0.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7645 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDeclare "host_name_lookup_process()" regardless of whether HAVE_GNU_ADNS
guy [Mon, 5 May 2003 08:20:01 +0000 (08:20 +0000)]
Declare "host_name_lookup_process()" regardless of whether HAVE_GNU_ADNS
is defined (as it's defined, and called, regardless of whether
HAVE_GNU_ADNS is defined), and get rid of the extra declarations of the
ADNS support routines.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7644 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Yaniv Kaul: handle DNSSEC DO/OK bit in OPT pseudo-RR.
guy [Mon, 5 May 2003 08:14:31 +0000 (08:14 +0000)]
From Yaniv Kaul: handle DNSSEC DO/OK bit in OPT pseudo-RR.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7643 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Mark C. Brown:
guy [Mon, 5 May 2003 01:01:36 +0000 (01:01 +0000)]
From Mark C. Brown:

Following fixes for nettl (HP-UX):

1) Fixed 11.X timestamp issue
      there is no difference in 10.X/11.X timestamps, so no
      need to shift 11.X timestamps
2) Fixed NS_LS_DRIVER trace record handling
      now works rather than throwing "...network type that
      Ethereal doesn't support" error
3) Fixed handling of traces with sliced packets (nettl -m xx)
      now uses correct packet and capture lengths
4) Additional ethernet card support
      now handles btlan[1,3-6],gelan,igelan,intl100 driver
      trace records

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7642 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoProvide stub versions of "host_name_lookup_init()",
guy [Mon, 5 May 2003 00:53:06 +0000 (00:53 +0000)]
Provide stub versions of "host_name_lookup_init()",
"host_name_lookup_process()", and "host_name_lookup_cleanup()" if we
don't have GNU ADNS, so that Ethereal compiles without GNU ADNS.

Declare the argument lists of "host_name_lookup_init()" and
"host_name_lookup_cleanup()" as empty, C89-style, rather than as

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7641 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd support for asynchronous DNS updates using the GNU ADNS library.
gerald [Sun, 4 May 2003 18:50:56 +0000 (18:50 +0000)]
Add support for asynchronous DNS updates using the GNU ADNS library.
Support can be enabled at configure time by using "--with-adns=DIR".
If support is enabled, async queries happen whenever host name resolution
is enabled.  Do we need a separate preference for async queries?

Currently, only IPv4 reverse queries are supported.  I can add IPv4 forward
lookup support, but I don't have any way to test IPv6 queries.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7640 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUpdated the version 06 of the ID support to version 08. Therefore versions
tuexen [Sun, 4 May 2003 09:43:49 +0000 (09:43 +0000)]
Updated the version 06 of the ID support to version 08. Therefore versions
02 and 08 are now supported.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7639 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agofixed a bug in te handling of the message type field for version 06 of the ID.
tuexen [Sun, 4 May 2003 09:33:15 +0000 (09:33 +0000)]
fixed a bug in te handling of the message type field for version 06 of the ID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7638 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoSNMP dissector enhancements:
deniel [Sat, 3 May 2003 15:23:15 +0000 (15:23 +0000)]
SNMP dissector enhancements:

- display OID in info column

- preference added to disable such a display

- add new function new_format_oid to retrieve both
  decoded and non decoded OID strings

- add OID display filter for both decoded and non decoded strings

- add Error Status display filter

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7637 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd a note about the "val_to_string_repr" and "string_repr_len" for
guy [Sat, 3 May 2003 01:11:29 +0000 (01:11 +0000)]
Add a note about the "val_to_string_repr" and "string_repr_len" for
ftypes, and how to add them to more types and use them in more places.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7636 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoRename "proto_alloc_dfilter_string()" to
guy [Sat, 3 May 2003 00:48:37 +0000 (00:48 +0000)]
Rename "proto_alloc_dfilter_string()" to
"proto_construct_dfilter_string()", to more accurately reflect what it

Give it, and "proto_can_match_selected()", an "epan_dissect_t *"
argument, which replaces the raw data pointer argument to

For fields that don't have a type we can directly filter on, we don't
support filtering on the field as raw data if:

the "epan_dissect_t *" argument is null;

the data source tvbuff for the field isn't the tvbuff for the
"epan_dissect_t" in question (i.e., it's in the result of a
reassembly, and "frame[N:M]" can't get at it).

Trim the length the raw data in the case of such a field to the length
of the tvbuff for the "epan_dissect_t" in question, so we don't go past
it.  Fetch the raw data bytes to match from that tvbuff.

Have "proto_construct_dfilter_string()" return a null pointer if it
can't construct the filter string, and have "protocolinfo_packet()" in
the tap-protocolinfo tap ignore a field if
"proto_construct_dfilter_string()" can't construct a filter string for
it - and have it pass NULL as the "epan_dissect_t *", for now.  If
somebody decides it makes sense to dump out a "frame[N:M] =" value for
non-registered fields, it can be changed to pass "edt".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7635 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Tony Schene: AUTH_GSSAPI support.
guy [Fri, 2 May 2003 21:58:23 +0000 (21:58 +0000)]
From Tony Schene: AUTH_GSSAPI support.

Replace "proto_item_set_len()" with "proto_item_set_end()", and get rid
of the "old_offset" variables the "proto_item_set_len()" calls required.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7634 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Greg Morris: change the endianness of CCFilehandle to match other
guy [Fri, 2 May 2003 21:26:47 +0000 (21:26 +0000)]
From Greg Morris: change the endianness of CCFilehandle to match other

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7633 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFinal changes for 0.9.12.
gerald [Fri, 2 May 2003 00:46:18 +0000 (00:46 +0000)]
Final changes for 0.9.12.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7631 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Jeff Morriss: clean up some column setting calls (as a result of
guy [Thu, 1 May 2003 21:42:56 +0000 (21:42 +0000)]
From Jeff Morriss: clean up some column setting calls (as a result of
the recent changes to use the column fence stuff?).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7630 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Jeff Morriss: fetch both bytes of the message type in V2 and V6
guy [Thu, 1 May 2003 21:38:43 +0000 (21:38 +0000)]
From Jeff Morriss: fetch both bytes of the message type in V2 and V6

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7629 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Matthijs Melchior: don't export functions also implemented as
guy [Thu, 1 May 2003 21:10:43 +0000 (21:10 +0000)]
From Matthijs Melchior: don't export functions also implemented as
macros, and do export "except_pop()" and "except_setup_try()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7628 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix up the name of NetWkstaUserEnum and add NetWkstaTransportEnum
sharpe [Thu, 1 May 2003 19:51:37 +0000 (19:51 +0000)]
Fix up the name of NetWkstaUserEnum and add NetWkstaTransportEnum

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7627 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Olivier Biot:
guy [Thu, 1 May 2003 18:18:20 +0000 (18:18 +0000)]
From Olivier Biot:

* Support correct processing of code page switches
* Provide a new datatype containing scarce array of
  const value_string arrays (value_valuestring)
  allowing an efficient support for WBXML code pages.
* Minor fix (XML PI was always decoded without
  mapping known tokens)
* Add support for decoding of more WBXML content
  types (SyncML 1.0, SyncML 1.1, CHANNEL 1.0, EMN 1.0).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7626 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Jim McDonough: add names for some additional SAM messages.
guy [Thu, 1 May 2003 18:11:20 +0000 (18:11 +0000)]
From Jim McDonough: add names for some additional SAM messages.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7625 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lars Roland: set "patable.p_asn1_string_decode" to point to
guy [Thu, 1 May 2003 18:05:27 +0000 (18:05 +0000)]
From Lars Roland: set "patable.p_asn1_string_decode" to point to
"asn1_string_decode()", not to "asn1_octet_string_decode()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7624 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoSome more hacking to add NetWkstaTransportEnum recognition and fill in
sharpe [Thu, 1 May 2003 17:53:22 +0000 (17:53 +0000)]
Some more hacking to add NetWkstaTransportEnum recognition and fill in
the two holes with unknowns.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7623 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoBump the version number to 0.9.12. Make NEWS and ChangeLog current.
gerald [Thu, 1 May 2003 03:09:54 +0000 (03:09 +0000)]
Bump the version number to 0.9.12.  Make NEWS and ChangeLog current.

The next release will likely be tomorrow (May 1).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7622 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdded the OS/2 info levels. Now only go a few of the NT ones left. About 15.
sharpe [Thu, 1 May 2003 00:43:37 +0000 (00:43 +0000)]
Added the OS/2 info levels. Now only go a few of the NT ones left. About 15.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7621 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd some more info levels to the NetWkstaSetInfo stuff ...
sharpe [Thu, 1 May 2003 00:23:47 +0000 (00:23 +0000)]
Add some more info levels to the NetWkstaSetInfo stuff ...

It is actually dissected in common with both GetInfo and SetInfo, but we
should never see many of these info levels with GetInfo.

There are some more levels to do, esp some relevant to OS/2 etc ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7620 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoComplete the dissection of NetWkstaSetInfo, wheeee, this is fun, plonk.
sharpe [Wed, 30 Apr 2003 23:53:42 +0000 (23:53 +0000)]
Complete the dissection of NetWkstaSetInfo, wheeee, this is fun, plonk.

There are still some info levels that are not dissected, so I will fill
those in over the next few days, unless someone else gets to it first.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7619 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThe typedefs in plugins/plugin_table.h must have "addr_" in front of the
guy [Wed, 30 Apr 2003 23:40:43 +0000 (23:40 +0000)]
The typedefs in plugins/plugin_table.h must have "addr_" in front of the
function name; make it so.

Eliminate the duplicate entry for "except_throw" and the duplicate code
for it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7618 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThis is fun, write a small bit of code in VC++, and I get another one
sharpe [Wed, 30 Apr 2003 23:31:51 +0000 (23:31 +0000)]
This is fun, write a small bit of code in VC++, and I get another one
of the WKSSVC RPCs. Here we have NetWkstaSetInfo, but we don't know the
info levels as yet. However, it looks like lmwksta.h has all the info we

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7617 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoIncorporate the AODV6 dissector into the AODV dissector (AODV6 appears
guy [Wed, 30 Apr 2003 23:21:19 +0000 (23:21 +0000)]
Incorporate the AODV6 dissector into the AODV dissector (AODV6 appears
to just be an extension to AODV - and the dissectors use the same port,
which doesn't work unless there's only one dissector).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7616 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix up the overlap checks in the fragment_add_seq functions for
guy [Wed, 30 Apr 2003 22:13:05 +0000 (22:13 +0000)]
Fix up the overlap checks in the fragment_add_seq functions for
fully-reassembled packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7615 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoCosmetic cleanup of the NetWkstaGetInfo info level 502 reply structure ...
sharpe [Wed, 30 Apr 2003 22:00:22 +0000 (22:00 +0000)]
Cosmetic cleanup of the NetWkstaGetInfo info level 502 reply structure ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7614 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoContinue decoding info_502 from NetWkstaGetInfo ... still some cosmetic
sharpe [Wed, 30 Apr 2003 21:29:06 +0000 (21:29 +0000)]
Continue decoding info_502 from NetWkstaGetInfo ... still some cosmetic
stuff to do :-)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7613 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDissect part of an info level 502 for a NetWkstaGetInfo request ... rest
sharpe [Wed, 30 Apr 2003 20:26:02 +0000 (20:26 +0000)]
Dissect part of an info level 502 for a NetWkstaGetInfo request ... rest
later ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7612 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Matthijs Melchior: export the exception mechanism routines to
guy [Wed, 30 Apr 2003 19:19:15 +0000 (19:19 +0000)]
From Matthijs Melchior: export the exception mechanism routines to
plugins on platforms on which plugins need to use the table of functions
exported to plugins.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7611 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Kaloian Stoilov: add a subtree for the MSTI flags.
guy [Wed, 30 Apr 2003 18:55:32 +0000 (18:55 +0000)]
From Kaloian Stoilov: add a subtree for the MSTI flags.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7610 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAhhh, that is better. Now I can dissect the request properly.
sharpe [Wed, 30 Apr 2003 17:45:04 +0000 (17:45 +0000)]
Ahhh, that is better. Now I can dissect the request properly.

Why did they code the IDL such that an empty user info structure is sent
over in the request.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7609 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoComplete the dissection of NetWkstaEnumUsers with responses handled now.
sharpe [Wed, 30 Apr 2003 17:32:07 +0000 (17:32 +0000)]
Complete the dissection of NetWkstaEnumUsers with responses handled now.

However, while I get the info out, there is a problem in that I am not
quite sure that the IDL is correct and that entries read is handled properly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7608 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoModify tvb_get_nstringz*() to behave more like snprintf(). Make changes
gerald [Wed, 30 Apr 2003 02:35:28 +0000 (02:35 +0000)]
Modify tvb_get_nstringz*() to behave more like snprintf().  Make changes
where necessary to reflect the new behavior.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7607 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoTiny update
jmayer [Tue, 29 Apr 2003 23:58:00 +0000 (23:58 +0000)]
Tiny update

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7606 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThis fixes up the decode at the expense of adding some junk fields ...
sharpe [Tue, 29 Apr 2003 23:28:36 +0000 (23:28 +0000)]
This fixes up the decode at the expense of adding some junk fields ...
I can send a capture to anyone who wants ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7605 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoStart dissecting, but the IDL looks wrong. It looks like a couple of the
sharpe [Tue, 29 Apr 2003 23:14:46 +0000 (23:14 +0000)]
Start dissecting, but the IDL looks wrong. It looks like a couple of the
out parameters were included, like maybe the bufptr, and one of the other
fields that is a LPDWORD got included ... and prefmaxlen is further down ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7604 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd a "proto_item_set_end()" routine that sets the length of an item
guy [Tue, 29 Apr 2003 21:27:19 +0000 (21:27 +0000)]
Add a "proto_item_set_end()" routine that sets the length of an item
given a tvbuff/offset pair referring to the byte past the end of the
item.  Use it in one place in the SMB dissector (there are plenty of
other places where it could be used as well).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7603 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoConfirm a simple theory. Write small VC++ program to call NetWkstaEnumUsers
sharpe [Tue, 29 Apr 2003 21:06:27 +0000 (21:06 +0000)]
Confirm a simple theory. Write small VC++ program to call NetWkstaEnumUsers
and watch for the RPC to be sent. Grab RPC OpNum from trace, and increase
our knowledge of these RPCs.

Next to code up the dissectors, and then on to NetWkstaSetInfo etc. MSDN has
lots of info ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7602 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDon't export "osinl_subdissector_table" or "ppp_subdissector_table" -
guy [Tue, 29 Apr 2003 17:56:49 +0000 (17:56 +0000)]
Don't export "osinl_subdissector_table" or "ppp_subdissector_table" -
have other dissectors that use them fetch them with

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7601 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDon't export "ip_dissector_table" explicitly; now that we have
guy [Tue, 29 Apr 2003 17:24:35 +0000 (17:24 +0000)]
Don't export "ip_dissector_table" explicitly; now that we have
"find_dissector_table()", have the IPv6 and IPSEC dissectors fetch the
IP dissector table by name.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7600 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoTypo fix, from Laurent Rabret.
guy [Tue, 29 Apr 2003 16:57:05 +0000 (16:57 +0000)]
Typo fix, from Laurent Rabret.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7599 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix display bug for interval. Interval was displayed as seconds and not in
sahlberg [Tue, 29 Apr 2003 08:47:20 +0000 (08:47 +0000)]
Fix display bug for interval.  Interval was displayed as seconds and not in
ms units.

Fix conversion bug when converting from float to integer.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7598 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoiSNS support, from Garth Bushell.
guy [Tue, 29 Apr 2003 02:55:14 +0000 (02:55 +0000)]
iSNS support, from Garth Bushell.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7597 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd entries for March.
gerald [Tue, 29 Apr 2003 02:33:47 +0000 (02:33 +0000)]
Add entries for March.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7596 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Jean-Baptiste Marchand: fix typo in value_string table for LDAP
guy [Tue, 29 Apr 2003 02:15:32 +0000 (02:15 +0000)]
From Jean-Baptiste Marchand: fix typo in value_string table for LDAP
message types.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7595 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Yaniv Kaul - remove the check for the SafeNet VID, as that's not
guy [Mon, 28 Apr 2003 20:03:37 +0000 (20:03 +0000)]
From Yaniv Kaul - remove the check for the SafeNet VID, as that's not
SafeNet's VID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7594 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Yaniv Kaul: check a reserved field against 0 (the RFC specifies it
guy [Mon, 28 Apr 2003 19:24:48 +0000 (19:24 +0000)]
From Yaniv Kaul: check a reserved field against 0 (the RFC specifies it
must be zero), and displays an indication of whether it's zero or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7593 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agodissect_nt_access_mask() sometimes ami is NULL.
sahlberg [Mon, 28 Apr 2003 10:42:14 +0000 (10:42 +0000)]
dissect_nt_access_mask()    sometimes ami is NULL.
check that it is non-NULL before we dereference it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7592 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMove the specific rights dissection function and name into a structure
tpot [Mon, 28 Apr 2003 04:44:54 +0000 (04:44 +0000)]
Move the specific rights dissection function and name into a structure
instead of passing them around as separate parameters.  This is a
prelude to adding generic and standard mapping to the access mask

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7591 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix several buffer and integer overflow issues discovered by Timo Sirainen.
gerald [Mon, 28 Apr 2003 04:03:26 +0000 (04:03 +0000)]
Fix several buffer and integer overflow issues discovered by Timo Sirainen.


  Lots of existing code assumes that you can safely do the following:

    #define MAX_BUF 64
    guint8 *buf[MAX_BUF];

    tvb_get_nstringz0 (tvb, offset, MAX_BUF, buf, &bytes_copied);

  In reality, tvb_get_nstringz*() can potentially write one byte past
  "buf".  Modify _tvb_get_nstringz() not to do that.


  Check for a valid BAP suboption length.


  Fix a possible integer overflow in dissect_group().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7590 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Matthijs Melchior: fix "asn1_bits_decode()", and make its API more
guy [Mon, 28 Apr 2003 00:31:26 +0000 (00:31 +0000)]
From Matthijs Melchior: fix "asn1_bits_decode()", and make its API more
closely resemble that of other decode routines.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7589 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoNote some weirdness seen in some captures, where the direction flag in
guy [Sun, 27 Apr 2003 23:52:11 +0000 (23:52 +0000)]
Note some weirdness seen in some captures, where the direction flag in
the SMB isn't set on replies.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7588 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lars Roland: document the "mgcp,rtd" tap for Ethereal, and improve
guy [Sun, 27 Apr 2003 21:52:24 +0000 (21:52 +0000)]
From Lars Roland: document the "mgcp,rtd" tap for Ethereal, and improve
the documentation for that tap for Tethereal.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7587 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lars Roland: add routines to use when creating statistics windows
guy [Sun, 27 Apr 2003 21:50:59 +0000 (21:50 +0000)]
From Lars Roland: add routines to use when creating statistics windows
(at least with GTK+ 1.2[.x]), and make the MGCP statistics routine use
them.  The routines use a GtkCList and make it scrollable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7586 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUse "tvb_format_text()" to format the string in "cb_str_postprocess()",
guy [Sun, 27 Apr 2003 21:48:46 +0000 (21:48 +0000)]
Use "tvb_format_text()" to format the string in "cb_str_postprocess()",
to avoid problems with non-printable characters.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7585 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoReplace some unchecked malloc calls by g_malloc.
deniel [Sun, 27 Apr 2003 20:57:58 +0000 (20:57 +0000)]
Replace some unchecked malloc calls by g_malloc.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7584 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUpdate some more names ...
sharpe [Sun, 27 Apr 2003 17:46:15 +0000 (17:46 +0000)]
Update some more names ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7583 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoNewer build tools generate the following warning:
jmayer [Sun, 27 Apr 2003 09:16:36 +0000 (09:16 +0000)]
Newer build tools generate the following warning:

Makefile.am:99: `YFLAGS' is a user variable, you should not override it;
Makefile.am:99: use `AM_YFLAGS' instead.

Fix it in the proposed way.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7582 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd support for level 102 info ...
sharpe [Sun, 27 Apr 2003 06:23:16 +0000 (06:23 +0000)]
Add support for level 102 info ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7581 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoLet's have the correct name for this sucker.
sharpe [Sun, 27 Apr 2003 06:16:57 +0000 (06:16 +0000)]
Let's have the correct name for this sucker.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7580 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd mode info levels for NetWkstaGetInfo. Praise be for MSDN :-)
sharpe [Sun, 27 Apr 2003 06:11:45 +0000 (06:11 +0000)]
Add mode info levels for NetWkstaGetInfo. Praise be for MSDN :-)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7579 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdded decoding of EnumServicesStatus request packets
sahlberg [Sun, 27 Apr 2003 06:05:43 +0000 (06:05 +0000)]
Added decoding of EnumServicesStatus request packets

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7578 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdded function QueryServiceLockStatus
sahlberg [Sun, 27 Apr 2003 04:38:10 +0000 (04:38 +0000)]
Added function QueryServiceLockStatus

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7577 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoCall dissect_nt_status() instead of dissect_ndr_uint32() when dissecting
tpot [Sun, 27 Apr 2003 04:33:10 +0000 (04:33 +0000)]
Call dissect_nt_status() instead of dissect_ndr_uint32() when dissecting
return status codes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7576 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdded decoding of the two functions LockServiceDatabase and UnlockServiceDatabase
sahlberg [Sun, 27 Apr 2003 02:33:02 +0000 (02:33 +0000)]
Added decoding of the two functions LockServiceDatabase and UnlockServiceDatabase

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7575 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdded dissectors for the functions : OpenSCManager and CloseServiceHandle
sahlberg [Sun, 27 Apr 2003 02:03:19 +0000 (02:03 +0000)]
Added dissectors for the functions :  OpenSCManager and CloseServiceHandle

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7574 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoClean up the example for the "-m" flag.
guy [Sun, 27 Apr 2003 00:50:06 +0000 (00:50 +0000)]
Clean up the example for the "-m" flag.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7573 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoNot all strings in MS interfaces are unicode.
sahlberg [Sun, 27 Apr 2003 00:49:14 +0000 (00:49 +0000)]
Not all strings in MS interfaces are unicode.

Rename cb_str_postprocess which handles unicode strings to cb_wstr_postprocess.

Add cb_str_postprocess which handles ASCII strings

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7572 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Matthijs Melchior:
guy [Sun, 27 Apr 2003 00:41:52 +0000 (00:41 +0000)]
From Matthijs Melchior:

-  added option -m to set maximum packet length
-  added option -T to generate TCP headers
-  UDP headers now have a correct checksum
-  default capture timestamp is current time, usec field counts packets
-  UDP and TCP headers are mutually exclusive
-  changed etherenet addresses, now sends from 1 -> 2 ....

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7571 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix a typo.
guy [Sun, 27 Apr 2003 00:34:27 +0000 (00:34 +0000)]
Fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7570 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoPut the new "-z" examples in boldface. (pod2man warns you about that.)
guy [Sat, 26 Apr 2003 05:38:07 +0000 (05:38 +0000)]
Put the new "-z" examples in boldface.  (pod2man warns you about that.)

Wrap some paragraphs to 80 columns.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7569 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFinish the dissection of what we know here. My, Ronnie has made this easy.
sharpe [Sat, 26 Apr 2003 00:44:21 +0000 (00:44 +0000)]
Finish the dissection of what we know here. My, Ronnie has made this easy.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7568 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoNew DCERPC pipe for Windows service control. Implemented only stubs so far.
tpot [Sat, 26 Apr 2003 00:19:24 +0000 (00:19 +0000)]
New DCERPC pipe for Windows service control.  Implemented only stubs so far.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7567 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoBegin to parse wkssvc stuff ...
sharpe [Sat, 26 Apr 2003 00:00:30 +0000 (00:00 +0000)]
Begin to parse wkssvc stuff ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7566 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoShow the URL of the I-D giving information on Kerberos-over-TCP.
guy [Fri, 25 Apr 2003 21:30:42 +0000 (21:30 +0000)]
Show the URL of the I-D giving information on Kerberos-over-TCP.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7565 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Tony Schene: Kerberos-over-TCP support.
guy [Fri, 25 Apr 2003 21:29:19 +0000 (21:29 +0000)]
From Tony Schene: Kerberos-over-TCP support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7564 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Tony Schene: after freeing saved authentication mechanism strings
guy [Fri, 25 Apr 2003 21:19:10 +0000 (21:19 +0000)]
From Tony Schene: after freeing saved authentication mechanism strings
in the "auth_info_items" list, and free all the items in that list, we
need to null out the pointer to that list to indicate that it's been
emptied out.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7563 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Tony Schene: initial stub Kerberos kadmin support.
guy [Fri, 25 Apr 2003 21:09:37 +0000 (21:09 +0000)]
From Tony Schene: initial stub Kerberos kadmin support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7562 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Lars Roland:
guy [Fri, 25 Apr 2003 20:54:18 +0000 (20:54 +0000)]
From Lars Roland:

Filter dialog for the MGCP statistics tap.

Routines for building GUI table displays for statistics taps.

Use the timestats.c routines in the SMB statistics tap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7561 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Greg Morris:
guy [Fri, 25 Apr 2003 20:36:29 +0000 (20:36 +0000)]
From Greg Morris:

1. Some NCP's that displayed the file/directory path in the
   summary window would display blank lines on Windows based
   machines.  This was due to unicode or non-displayable
   characters contained in the character string being added to
   the column data.  I made a change to format/strip out
   non-displayable characters prior to adding to the column

2. Moved ncp_req_hash_value struct to packet-ncp-int.h so that
   I can use it within a future dissector (NMAS).

Clean up white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7560 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Greg Morris:
guy [Fri, 25 Apr 2003 20:33:16 +0000 (20:33 +0000)]
From Greg Morris:

NCP 123,62 did not display value for the set command. Set default
value to guint32.

Add some stuff for the Novell Modular Authentication Service.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7559 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoObscure email addresses and update entries.
gerald [Fri, 25 Apr 2003 15:04:32 +0000 (15:04 +0000)]
Obscure email addresses and update entries.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7558 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoInitialize hf_bgp_cluster_list.
gerald [Fri, 25 Apr 2003 14:44:43 +0000 (14:44 +0000)]
Initialize hf_bgp_cluster_list.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7557 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix a compiler warning.
guy [Fri, 25 Apr 2003 05:50:20 +0000 (05:50 +0000)]
Fix a compiler warning.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7556 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDeclare as "extern" the exported functions, as this file is, when we
guy [Fri, 25 Apr 2003 05:39:33 +0000 (05:39 +0000)]
Declare as "extern" the exported functions, as this file is, when we
build some tables for plugins, used with the function names actually
referring to function pointer variables, which are not automatically

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7555 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix a comment.
guy [Thu, 24 Apr 2003 23:18:07 +0000 (23:18 +0000)]
Fix a comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7554 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake the dialog box "transient for" the main window, as we do with other
guy [Thu, 24 Apr 2003 23:17:43 +0000 (23:17 +0000)]
Make the dialog box "transient for" the main window, as we do with other
pop-up dialogs.

If thee's already one such dialog, and the user asks for another one,
reactivate the old one (so it gets un-minimized if necessary), don't
just raise it.

Put the "Create Stat" button in a box, so it doesn't widen to the full
width of the window, and add a "Cancel" button to dismiss the dialog

Arrange that <ESC> dismisses the dialog box, and that typing <Enter> in
the filter dialog box activates the dialog box.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7553 f5534014-38df-0310-8fa8-9805f1628bb7