obnox/wireshark/wip.git
13 years agoProvide not only copyright information, but a GPL blurb, in all the
guy [Wed, 21 Dec 2005 08:59:52 +0000 (08:59 +0000)]
Provide not only copyright information, but a GPL blurb, in all the
version/usage messages.

Put newlines at the end of various version strings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16870 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoadd dissection of two more NTCreateAndX bits :
sahlberg [Wed, 21 Dec 2005 08:48:59 +0000 (08:48 +0000)]
add dissection of two more NTCreateAndX bits :
open by file id
and
backup intent

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16869 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom jaap Keuter:
etxrab [Tue, 20 Dec 2005 18:38:13 +0000 (18:38 +0000)]
From jaap Keuter:
Taking a random dissector from the list on the Wiki I picked packet-enip.c. Nothing wrong with this one, I still ememified it.

From Bart Braem:
packet-mip.c does not have support for all registration denials by the foreign agent, code 77 was left out. The attached patch fixes that.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16868 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAdd ASN1 code from some more 3GPP2 dockuments.
etxrab [Tue, 20 Dec 2005 18:26:28 +0000 (18:26 +0000)]
Add ASN1 code from some more 3GPP2 dockuments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16867 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agopacket-rnsap.[hc] were added to Makefile.common but missing from svn
jmayer [Tue, 20 Dec 2005 09:23:42 +0000 (09:23 +0000)]
packet-rnsap.[hc] were added to Makefile.common but missing from svn

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16866 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agopacket-radius.c, packet-xml.c:
jmayer [Tue, 20 Dec 2005 08:35:53 +0000 (08:35 +0000)]
packet-radius.c, packet-xml.c:
        Fix a memory leak found by valgrind:
        Although dir isn't a directory it may still use memory

packet-xml.c:
        Reformat the relevant function in packet-xml.c to be readable on systems
        where a tab is 8 spaces.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16865 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAdd dissection of RNSAP, not complete yet.
etxrab [Tue, 20 Dec 2005 07:22:33 +0000 (07:22 +0000)]
Add dissection of RNSAP, not complete yet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16864 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoMake sure we don't try to close an already-closed file.
gerald [Tue, 20 Dec 2005 02:50:04 +0000 (02:50 +0000)]
Make sure we don't try to close an already-closed file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16863 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFix some asn1 errors and insert the new code to call TCAP.
etxrab [Mon, 19 Dec 2005 19:39:42 +0000 (19:39 +0000)]
Fix some asn1 errors and insert the new code to call TCAP.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16862 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoGet rid of some GCC warnings about unused code.
etxrab [Mon, 19 Dec 2005 19:36:32 +0000 (19:36 +0000)]
Get rid of some GCC warnings about unused code.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16861 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAdd dissection of Error parameters hopfully geting rid of some GCC warnings.
etxrab [Mon, 19 Dec 2005 19:34:52 +0000 (19:34 +0000)]
Add dissection of Error parameters hopfully geting rid of some GCC warnings.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16860 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoregister the m3ua dissector by name
lego [Mon, 19 Dec 2005 19:21:32 +0000 (19:21 +0000)]
register the m3ua dissector by name

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16859 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAvoid a warning if release_cause == 0
lego [Mon, 19 Dec 2005 19:20:31 +0000 (19:20 +0000)]
Avoid a warning if release_cause == 0

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16858 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAdd support for Juniper GGSN generated pcap files.
lego [Mon, 19 Dec 2005 19:18:20 +0000 (19:18 +0000)]
Add support for Juniper GGSN generated pcap files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16857 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom John Sullivan:
etxrab [Mon, 19 Dec 2005 06:48:07 +0000 (06:48 +0000)]
From John Sullivan:
Three patches here:

eth-ed-2.diff
-------------

1) The handling of HashSet Answer messages was wrong
2) Add dissection of some more eMule extension packets to do with
   error recovery

eth-bt-1.diff
-------------

New versions of the Azureus BitTorrent client implement a new extension to the protocol, which is effectively a text based encapsulation of the binary BitTorrent protocol, embedded within the BitTorrent protocol. Who knows why they thought that was a good idea, but this patch can pick apart their new headers.

eth-bt-2.diff
-------------

By registering a normal dissector as well as the heuristic one, BitTorrent shows up on the Decode As... list so you can manually override its mistake.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16856 f5534014-38df-0310-8fa8-9805f1628bb7

13 years ago"Fix" for warning: enumeration value 'TS_NOT_SET' not handled in switch
jmayer [Sun, 18 Dec 2005 23:29:37 +0000 (23:29 +0000)]
"Fix" for warning: enumeration value 'TS_NOT_SET' not handled in switch
   Just g_assert until someone who understands the code checks in a real
   fix.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16855 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agowarning: no newline at end of file
jmayer [Sun, 18 Dec 2005 23:23:21 +0000 (23:23 +0000)]
warning: no newline at end of file

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16854 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agowarning: C++ style comments are not allowed in ISO C90
jmayer [Sun, 18 Dec 2005 23:22:47 +0000 (23:22 +0000)]
warning: C++ style comments are not allowed in ISO C90

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16853 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agowarning: function declaration isn't a prototype
jmayer [Sun, 18 Dec 2005 23:18:06 +0000 (23:18 +0000)]
warning: function declaration isn't a prototype

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16852 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoUpdate from samba tree revision 12205 to 12325
jmayer [Sun, 18 Dec 2005 22:40:49 +0000 (22:40 +0000)]
Update from samba tree revision 12205 to 12325
============================ Samba log start ============
------------------------------------------------------------------------
r12205 | jelmer | 2005-12-13 02:56:04 +0100 (Tue, 13 Dec 2005) | 2 lines

Support 'TFS' command in conformance files

------------------------------------------------------------------------
r12206 | jelmer | 2005-12-13 14:14:23 +0100 (Tue, 13 Dec 2005) | 2 lines

Fix some issues in NOEMIT

------------------------------------------------------------------------
============================ Samba log end ==============

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16851 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoIndent authors' e-mail addresses with tabs (so the list is properly
guy [Sun, 18 Dec 2005 20:54:47 +0000 (20:54 +0000)]
Indent authors' e-mail addresses with tabs (so the list is properly
aligned in the About box).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16850 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoUse tabs to indent all credits.
guy [Sun, 18 Dec 2005 19:46:38 +0000 (19:46 +0000)]
Use tabs to indent all credits.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16849 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoRe-UTF-8ify.
guy [Sun, 18 Dec 2005 19:41:49 +0000 (19:41 +0000)]
Re-UTF-8ify.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16848 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Michael Rozhavsky:
etxrab [Sun, 18 Dec 2005 19:01:46 +0000 (19:01 +0000)]
From Michael Rozhavsky:
In my previous patch I forgot to add a OOBResync flag to the DBD packet flags field. This patch adds this flag.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16847 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoWork in progress ANSI MAP dissector.
etxrab [Sun, 18 Dec 2005 18:17:29 +0000 (18:17 +0000)]
Work in progress ANSI MAP dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16846 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Martin Warnes
etxrab [Sun, 18 Dec 2005 18:15:24 +0000 (18:15 +0000)]
From Martin Warnes
Attached a small patch to top level Makefile.am to include the recently
added diamter data files chargecontrol.xml and TGPPSh.xml

From jaaap Keuter:
I've polished up the README.malloc describing ememified memory management. It's basically the same information, but made a bit more accessable. All this in response to bug 511

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16845 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Greg Morris:
etxrab [Sun, 18 Dec 2005 18:13:05 +0000 (18:13 +0000)]
From Greg Morris:
-  New Dissector Novell Cluster Services

1. Changes Dir Handle Type from Boolean to val string
2. Changes Search Mode from Boolean to val string
3. Adds a number of additional attribute definitions
4. Adds file migration state values
5. Adds missing return values
6. Adds NCP 90,150 "File Migration Request"

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16844 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agouse #ifdef SHOW_WELCOME_PAGE for the currently disabled welcome page instead of simpl...
ulfl [Sun, 18 Dec 2005 11:36:06 +0000 (11:36 +0000)]
use #ifdef SHOW_WELCOME_PAGE for the currently disabled welcome page instead of simply #if 0

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16843 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoIf we're going to use a handle for the data handle, we need to get a
guy [Sun, 18 Dec 2005 11:19:25 +0000 (11:19 +0000)]
If we're going to use a handle for the data handle, we need to get a
handle for that dissector.  This fixes bug 637.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16842 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoUpdate tcap.cnf to generate the current packet-tcap.c
guy [Sun, 18 Dec 2005 11:08:38 +0000 (11:08 +0000)]
Update tcap.cnf to generate the current packet-tcap.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16841 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoGet rid of an unused variable.
guy [Sun, 18 Dec 2005 10:59:45 +0000 (10:59 +0000)]
Get rid of an unused variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16840 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoSquelch a compiler warning.
guy [Sun, 18 Dec 2005 10:58:47 +0000 (10:58 +0000)]
Squelch a compiler warning.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16839 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoGet rid of an unused variable.
guy [Sun, 18 Dec 2005 10:51:41 +0000 (10:51 +0000)]
Get rid of an unused variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16838 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoGet rid of an unused variable.
guy [Sun, 18 Dec 2005 10:42:29 +0000 (10:42 +0000)]
Get rid of an unused variable.

Fix a typo in svn:keywords.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16837 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoreassembling as enabled by default (the default was changed from disabled to enabled...
ulfl [Sun, 18 Dec 2005 03:42:01 +0000 (03:42 +0000)]
reassembling as enabled by default (the default was changed from disabled to enabled some time ago)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16836 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoremove // comments
lego [Sat, 17 Dec 2005 21:17:58 +0000 (21:17 +0000)]
remove // comments

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16835 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoHave tcap subdissectors registering using functions provided by tcap and tcap manage...
lego [Sat, 17 Dec 2005 16:55:45 +0000 (16:55 +0000)]
Have tcap subdissectors registering using functions provided by tcap and tcap manage ssn registration.

In packet-sccp.c avoid not having a binding.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16834 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoWin32 bugfix: peeking the signal_pipe at capture_loop start seems to be unreliable
ulfl [Sat, 17 Dec 2005 00:19:47 +0000 (00:19 +0000)]
Win32 bugfix: peeking the signal_pipe at capture_loop start seems to be unreliable

Instead, simply keep the signal_pipe setting directly from the command line which is working well

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16833 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoboth eug and edg still mentioned Ethereal 0.10.12
ulfl [Sat, 17 Dec 2005 00:16:37 +0000 (00:16 +0000)]
both eug and edg still mentioned Ethereal 0.10.12

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16832 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoadd work in progress srvsvc.idl.
sahlberg [Fri, 16 Dec 2005 22:06:52 +0000 (22:06 +0000)]
add work in progress srvsvc.idl.

This idl file is required by wkssvc.idl since wkssvc references Platform_id

There are still some minor changes required for pidl to prettify the output for both wkssvc and srvsvc before these two dissectors should be used.

note that this idl is significantly different from the samba4 idl since it contains all the additional functions and structures the handwritten dissector has that is lacking from s4 idl.

it is expected that s4 will take up the authorative version of this idl soon so there will only be one master copy of this idl.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16831 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoInclude the latest diameter.xml files
etxrab [Fri, 16 Dec 2005 20:58:50 +0000 (20:58 +0000)]
Include the latest diameter.xml files

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16830 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agomodify the tool tip "Nodes in the diagram are identified with network source and...
etxrab [Fri, 16 Dec 2005 20:54:24 +0000 (20:54 +0000)]
modify the tool tip "Nodes in the diagram are identified with network source and destination address (like SS7 point codes)" remove the section between parenthesis

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16829 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoA patch for packet-ospf.c is attached:
etxrab [Fri, 16 Dec 2005 20:37:45 +0000 (20:37 +0000)]
A patch for packet-ospf.c is attached:
 - Fix the handling of the DN-bit of options field.
 - Add a new function dissect_ospf_bitfield() to dissect a bitfield
   such as options, flags. The following functions are merged by
   using this function.
     - dissect_ospf_lls_extended_options()
     - dissect_ospf_dbd()
     - dissect_ospf_options()
     - dissect_ospf_v3_prefix_options()
 - dissect the flags and prefix-options bitfield.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16828 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAs per Olivier Jacques mail,
etxrab [Fri, 16 Dec 2005 20:36:09 +0000 (20:36 +0000)]
As per Olivier Jacques mail,
"preferences/mtp3 must be changed accordingly (it is explicitly indicated that the "network address format" is ..."
Change the text and som names.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16827 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoIf "CLIENTNAME" is set (which indicates that we're using RDP) use
gerald [Fri, 16 Dec 2005 17:53:44 +0000 (17:53 +0000)]
If "CLIENTNAME" is set (which indicates that we're using RDP) use
"not tcp port 3389" instead of "not ip host $CLIENTNAME", since it
seems to be more reliable.

Make sure we remove dumpcap.obj when we clean.

This also tests the content-type "text/plain; charset=utf-8" for commit
messages.  Maybe Stig B's name will show up correctly now.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16826 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoSome updates
jmayer [Fri, 16 Dec 2005 17:52:05 +0000 (17:52 +0000)]
Some updates

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16825 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoDon't link dumpcap against libethereal etc.
jmayer [Fri, 16 Dec 2005 17:05:37 +0000 (17:05 +0000)]
Don't link dumpcap against libethereal etc.
It might be, that I've removed too many options:

in that case, replace
@PCAP_LIBS@
by some of
@PCAP_LIBS@ @SOCKET_LIBS@ @NSL_LIBS@

and let me know which of the options are needed

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16824 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoJaap Keuter:
jmayer [Fri, 16 Dec 2005 16:40:31 +0000 (16:40 +0000)]
Jaap Keuter:
I'm seeing a variant of the registered Ethernet address for MS NLB
multicast being used.

Changed to remove "multicast" from the name as it isn't a multicast
address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16823 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Jaap Keuter:
etxrab [Fri, 16 Dec 2005 16:37:03 +0000 (16:37 +0000)]
From Jaap Keuter:
- Editcap
Mikko Tiihonen filed bug 379 including a patch for editcap. This wasn't picked up so far. I've ported the patch to svn 16820 and included a documentation patch.

-packet-ieee80211.c
Radek Vokal of RedHat filed a bug found by Vladimir Kondratiev of Intel in the 802.11 dissector. Radek provided a sample capture and Vladimir a oneliner patch. I've ported the patch to svn 16820 and tested it against the provided capture. Works well.

-From Kan Sasaki
A patch for packet-ospf.c is attached:
 - Fix the handling of the DN-bit of options field.
 - Add a new function dissect_ospf_bitfield() to dissect a bitfield
   such as options, flags. The following functions are merged by
   using this function.
     - dissect_ospf_lls_extended_options()
     - dissect_ospf_dbd()

     - dissect_ospf_options()
     - dissect_ospf_v3_prefix_options()
 - dissect the flags and prefix-options bitfield.

- lldp Bugfix Bug 596  LLDP TIA Network Policy Decode is not correct

- Camel make it possible to dissect based on OID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16822 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Jaap Keuter:
etxrab [Fri, 16 Dec 2005 16:31:46 +0000 (16:31 +0000)]
From Jaap Keuter:
Bug 373 complains about a field type. Trivial fix attached.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16821 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoDeclare the GTK 2.6 as the official mainline now!!!
ulfl [Fri, 16 Dec 2005 08:20:22 +0000 (08:20 +0000)]
Declare the GTK 2.6 as the official mainline now!!!

(as per mailing list discussions and mainly as the Gimp windows port also uses this version)

fix the NSIS install settings for GTK 2.6 of GTK-Wimp

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16820 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agosome minor fixes: logging and comments fixed
ulfl [Fri, 16 Dec 2005 07:43:24 +0000 (07:43 +0000)]
some minor fixes: logging and comments fixed

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16819 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Michael Rozhavsky:
etxrab [Fri, 16 Dec 2005 07:37:28 +0000 (07:37 +0000)]
From Michael Rozhavsky:

This patch adds support for draft-nguyen-ospf-lls-05.txt, draft-nguyen-ospf-oob-resync-05.txt and draft-nguyen-ospf-restart-05.txt. These are an alternative way to do OSPF graceful restart.

These drafts are implemented by cisco and several other vendors that want to interoperate with cisco. My patch adds a dissectors for LLS TLVs.

I had to modify the existing ospf dissector as it assumed that all the data after IP header is OSPF packet. This is not true anymore and probably was not true before as well.

Also please find attached an example of OSPF packets with LLS data blocks.
--

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16818 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Jacques, Olivier (OCBU-Test Infra)
etxrab [Fri, 16 Dec 2005 07:20:13 +0000 (07:20 +0000)]
From Jacques, Olivier (OCBU-Test Infra)

> here is a small patch for the flow graph feature. It allows
> to have SS7 nodes (network indicator/point codes) to be
> recognized as nodes in the graphs.
> The patch consists in using "pinfo->net_src" or
> "pinfo->net_dst" instead of "pinfo->src" or "pinfo->dst".
> I did some tests with other IP protocols and behavior was
> still the same as before. But I do not guaranty that it
> doesn't have some bad side effects for some protocols.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16817 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Grame Lunt:
etxrab [Fri, 16 Dec 2005 07:18:52 +0000 (07:18 +0000)]
From Grame Lunt:
The new oid_resolv.c OID handling is more strict on what an OID is. It now requires the OID string representation to be a sequence of dotted integers - particularly when looking up an associated name.

The X.411 and DISP dissectors have [ab]used the OID handling to support the dissection of x.411 standard-extensions (which are indicated by a single
integer) and where the OID is sufficient by itself (disp). Have a look at x411.cnf and disp.cnf

Attached is a small patch to restore the previous functionality in the new handling. If this is something you don't wish to continue to support in the OID handling, then I'll look at alternate mechanisms.

Graeme

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16816 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoGet rid of duplicted dissector tables for MTP3 Service indicator and SCCP ssn:s
etxrab [Fri, 16 Dec 2005 07:05:50 +0000 (07:05 +0000)]
Get rid of duplicted dissector tables for MTP3 Service indicator and SCCP ssn:s

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16815 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Graeme Lunt:
etxrab [Fri, 16 Dec 2005 06:47:22 +0000 (06:47 +0000)]
From Graeme Lunt:
* DOP - This has now been successfully tested and so is now enabled by default and workaround code removed.
Also now uses the correct EXPORTs from the other modules/dissectors.

* X509SAT - Most of the selected attributes are now supported in addition to the DirectoryString syntax attributes. This includes restoring the correct DirectoryString syntax and also providing the basic syntaxes (e.g. OBJECT IDENTIFIER, PrintableString). The latter requires a sed line in the Makefile which I assume should be OK? Not all the SAT can be defined in x509sat - so some have been included in x509if and x509af - though x509sat.cnf contains the master list and references the other dissectors where appropriate.

(I still prefer a syntax registration approach but I don't think that is going to be agreed in the short term.)

* X509IF - a mechanism to register some formating, based upon the hf_index, that is used in the cnf file.

* A couple of fixes identified by Stig.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16814 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Stig B
sahlberg [Fri, 16 Dec 2005 00:32:12 +0000 (00:32 +0000)]
From Stig B
Patch for COTP reassembly.

There does not seem to be any reasonable or cleaner way to fix COTP
reassembly than adding the frame.[ch] patch.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16813 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agofrom Jaap K
sahlberg [Thu, 15 Dec 2005 23:17:01 +0000 (23:17 +0000)]
from Jaap K

fix for bug 306

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16812 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoupdate to modbus/tcp
sahlberg [Thu, 15 Dec 2005 22:54:33 +0000 (22:54 +0000)]
update to modbus/tcp

Make the dissector new-style and add simple (better than nothing) heuristics so that it can reject some packets that are obviously not modbus.

change the constants to upper case

 the horrors:
replace two instances where tvb_memcpy()  were used to read straight into a structure to instead read the structure field by field using tvb_get_...()
This may allow the modbus dissector to actually work.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16811 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFix themeing for GTK+ 2.8. This hasn't been tested under 2.6 or 2.4.
gerald [Thu, 15 Dec 2005 19:12:51 +0000 (19:12 +0000)]
Fix themeing for GTK+ 2.8.  This hasn't been tested under 2.6 or 2.4.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16810 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoMake sure we install the libpng and cairo DLLs if needed.
gerald [Thu, 15 Dec 2005 03:36:17 +0000 (03:36 +0000)]
Make sure we install the libpng and cairo DLLs if needed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16809 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoUse the reported length, not the length, to figure out how much to
guy [Thu, 15 Dec 2005 02:44:26 +0000 (02:44 +0000)]
Use the reported length, not the length, to figure out how much to
dissect (so that we report a packet cut short by the snapshot length).

Get rid of an unused variable..

As we restore "pinfo->fragmented" from "save_fragmented" regardless of
whether we're defragmenting or not, we have to save its previous value
in "save_fragmented" regardless of whether we're defragmenting or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16808 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoremove the setting of no longer required command line options:
ulfl [Thu, 15 Dec 2005 00:48:59 +0000 (00:48 +0000)]
remove the setting of no longer required command line options:

-H (Hide capture info dialog)
-m (font to use)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16807 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoremove a missplaced comment
ulfl [Thu, 15 Dec 2005 00:46:23 +0000 (00:46 +0000)]
remove a missplaced comment

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16806 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agouse capture_opts_trim_iface() instead of duplicated code
ulfl [Thu, 15 Dec 2005 00:45:29 +0000 (00:45 +0000)]
use capture_opts_trim_iface() instead of duplicated code

various minor code cleanup

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16805 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFix Bug 628 Bugzilla 2.18.3
etxrab [Wed, 14 Dec 2005 21:46:56 +0000 (21:46 +0000)]
Fix Bug 628  Bugzilla 2.18.3
CAMEL - Connect decoding error
- Calledparty number included first two octets

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16804 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAdd possibility to try to dissect IP over TIPC.
etxrab [Wed, 14 Dec 2005 21:40:04 +0000 (21:40 +0000)]
Add possibility to try to dissect IP over TIPC.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16803 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAdd support for GLib/GTK+ 2.8. Point to the latest tag.
gerald [Wed, 14 Dec 2005 21:19:39 +0000 (21:19 +0000)]
Add support for GLib/GTK+ 2.8.  Point to the latest tag.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16802 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Jaap Keuter:
etxrab [Wed, 14 Dec 2005 21:14:57 +0000 (21:14 +0000)]
From Jaap Keuter:
> Two patch files are attached adding UDP-Lite dissection to the UDP
> dissector. Wiki page is available at the normal location, including
> sample captures courtesy of Gerrit Renker of the University of
> Aberdeen Electronics Research Group. The patch has been tested with
> both the sample captures and Fuzz test.

And add Marc Petit-Huguenin to AUTHORS

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16801 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAdd makefiles
etxrab [Wed, 14 Dec 2005 21:04:42 +0000 (21:04 +0000)]
Add makefiles

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16800 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Grame Lunt:
etxrab [Wed, 14 Dec 2005 21:02:56 +0000 (21:02 +0000)]
From Grame Lunt:
Attached is a patch that updates -

* DOP - This has now been successfully tested and so is now enabled by default and workaround code removed.
Also now uses the correct EXPORTs from the other modules/dissectors.

* X509SAT - Most of the selected attributes are now supported in addition to the DirectoryString syntax attributes. This includes restoring the correct DirectoryString syntax and also providing the basic syntaxes (e.g. OBJECT IDENTIFIER, PrintableString). The latter requires a sed line in the Makefile which I assume should be OK? Not all the SAT can be defined in x509sat - so some have been included in x509if and x509af - though x509sat.cnf contains the master list and references the other dissectors where appropriate.

(I still prefer a syntax registration approach but I don't think that is going to be agreed in the short term.)

* X509IF - a mechanism to register some formating, based upon the hf_index, that is used in the cnf file.

* A couple of fixes identified by Stig.

Note the patc for dop did not apply don't regenerate dissectors yet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16799 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Graeme Lunt:
etxrab [Wed, 14 Dec 2005 20:45:15 +0000 (20:45 +0000)]
From Graeme Lunt:
Here is a patch for packet-ber.c that only includes the upgraded dissect_unknown_ber()

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16798 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFrom Marc Petit-Huguenin
etxrab [Wed, 14 Dec 2005 20:43:39 +0000 (20:43 +0000)]
From Marc Petit-Huguenin

This is a patch that add support for the latest drafts[1] in the STUN dissectors. I choose to add TURN directly in the STUN dissector instead of creating a new dissector because of the decision at the latest IETF meeting[2] to redefine TURN as an use case of STUN.

[1] ftp://ftp.rfc-editor.org/in-notes/internet-drafts/draft-ietf-behave-rfc3489bis-02.txt
ftp://ftp.rfc-editor.org/in-notes/internet-drafts/draft-rosenberg-midcom-turn-08.txt
ftp://ftp.rfc-editor.org/in-notes/internet-drafts/draft-camarillo-midcom-turn-ipv6-00.txt
[2] http://www3.ietf.org/proceedings/05nov/minutes/behave.txt

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16797 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoUse src and dst instead of net_src.
etxrab [Wed, 14 Dec 2005 20:01:21 +0000 (20:01 +0000)]
Use src and dst instead of net_src.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16796 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoClose the dictionary files after reading from them.
lego [Wed, 14 Dec 2005 09:50:11 +0000 (09:50 +0000)]
Close the dictionary files after reading from them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16795 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoupdate Ethereal command line options -D and -i
ulfl [Wed, 14 Dec 2005 09:43:16 +0000 (09:43 +0000)]
update Ethereal command line options -D and -i

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16794 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agodocument latest command line changes:
ulfl [Wed, 14 Dec 2005 09:16:30 +0000 (09:16 +0000)]
document latest command line changes:

new: -D to list interfaces
changed: -i will also accept indices (rather than complete names only)

text copied from the tethereal.pod file

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16793 f5534014-38df-0310-8fa8-9805f1628bb7

13 years ago"a & b == c" is, in C, parsed as "a & (b == c)" - and if b and c are the
guy [Wed, 14 Dec 2005 07:33:07 +0000 (07:33 +0000)]
"a & b == c" is, in C, parsed as "a & (b == c)" - and if b and c are the
same, and have only one bit set, "(a & b) == c", which is what is
intended, is the same as "a & b".

In addition, we don't want to do desegmentation if "isup_apm_desegment"
isn't set, so that test should be ANDed with the other two tests.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16792 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoConstify a bunch of arguments and variables, to squelch compiler
guy [Wed, 14 Dec 2005 07:29:38 +0000 (07:29 +0000)]
Constify a bunch of arguments and variables, to squelch compiler
warnings.

Include "wiretap/libpcap.h" in "capture_loop.h", to get its declarations
of data structures for headers in libpcap files.  This lets us remove
the includes of "wiretap/libpcap.h from files including
"capture_loop.h".

Make "log_func_ignore()" in "tethereal.c" static, and declare some of
its arguments unused.  Also get rid of an unused variable.

Include <pcap.h> before including "wiretap/wtap-capture.h", to declare
"struct pcap_pkthdr".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16791 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agohmmm, the include sequence might be important too ...
ulfl [Wed, 14 Dec 2005 01:45:09 +0000 (01:45 +0000)]
hmmm, the include sequence might be important too ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16790 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoadd missing include
ulfl [Wed, 14 Dec 2005 00:10:23 +0000 (00:10 +0000)]
add missing include

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16789 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoadd a new directory 'test', currently containing an alpha test (using some simple...
ulfl [Tue, 13 Dec 2005 23:15:20 +0000 (23:15 +0000)]
add a new directory 'test', currently containing an alpha test (using some simple bash scripts) of the ethereal/tethereal command line parameters. See the file README.test for details.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16788 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoHUGE STEP (hopefully toward the right direction):
ulfl [Tue, 13 Dec 2005 22:48:58 +0000 (22:48 +0000)]
HUGE STEP (hopefully toward the right direction):
remove a lot of redundant code from tethereal and use (move) stuff from capture_loop.c instead.

concentrate common capture related code in capture_opts.c, e.g. trying to find the right interface to capture from (command line option, preference, first usable) instead of duplicating this code over several files.

remove redundant code from dumpcap.c

this also implements command line option -D (and indexed interfaces at -i) for Ethereal and Dumpcap (as we have it in Tethereal already for a while)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16787 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agowe don't use the command line option -W any longer, remove it from a comment
ulfl [Tue, 13 Dec 2005 22:35:28 +0000 (22:35 +0000)]
we don't use the command line option -W any longer, remove it from a comment

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16786 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agomake get_if_name() parameter if_text const, it's not changed inside
ulfl [Tue, 13 Dec 2005 22:33:55 +0000 (22:33 +0000)]
make get_if_name() parameter if_text const, it's not changed inside

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16785 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agowe are opening the file for writing....
lego [Tue, 13 Dec 2005 22:08:37 +0000 (22:08 +0000)]
we are opening the file for writing....

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16784 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agohandle sccp connections.
lego [Tue, 13 Dec 2005 22:07:09 +0000 (22:07 +0000)]
handle sccp connections.
(first step towards RANAP analysis).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16783 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAvoid the default sccp.ssn range to overwrite sccp.ssns of other dissectors.
lego [Tue, 13 Dec 2005 22:04:02 +0000 (22:04 +0000)]
Avoid the default sccp.ssn range to overwrite sccp.ssns of other dissectors.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16782 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoChange reassembly to include first empty segment, check if SLR exists.
etxrab [Tue, 13 Dec 2005 21:14:54 +0000 (21:14 +0000)]
Change reassembly to include first empty segment, check if SLR exists.
Change pinfo->src/dst to use SS7 address for reassembly to use the correct key.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16781 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoThrow an exception if we have an invalid offset. Fixes bug 585.
gerald [Tue, 13 Dec 2005 17:00:03 +0000 (17:00 +0000)]
Throw an exception if we have an invalid offset.  Fixes bug 585.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16780 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoFix some bit mask tests - & has lower priority than !=, so "a & b != c"
guy [Tue, 13 Dec 2005 10:59:33 +0000 (10:59 +0000)]
Fix some bit mask tests - & has lower priority than !=, so "a & b != c"
means "a & (b != c)", not "(a & b) != c".

Put in a comment noting a potential problem with defragmentation,
pointed out by a compiler warning that apm_Segmentation_local_ref might
not be set before it's used.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16779 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoEscape question marks when they could be interpreted as part of a
guy [Tue, 13 Dec 2005 10:54:11 +0000 (10:54 +0000)]
Escape question marks when they could be interpreted as part of a
trigraph.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16778 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoAdd tvb_fake_unicode().
guy [Tue, 13 Dec 2005 10:09:52 +0000 (10:09 +0000)]
Add tvb_fake_unicode().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16777 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoUpdate from samba tree revision 12185 to 12205
jmayer [Tue, 13 Dec 2005 09:30:09 +0000 (09:30 +0000)]
Update from samba tree revision 12185 to 12205
============================ Samba log start ============
------------------------------------------------------------------------
r12205 | jelmer | 2005-12-13 02:56:04 +0100 (Tue, 13 Dec 2005) | 2 lines

Support 'TFS' command in conformance files

------------------------------------------------------------------------
============================ Samba log end ==============

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16776 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoupdate the work-in-progress pidl generated wkssvc dissector and add a conformance...
sahlberg [Tue, 13 Dec 2005 07:53:52 +0000 (07:53 +0000)]
update the work-in-progress pidl generated wkssvc dissector and add a conformance file using the new nice TFS conformance file directive

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16775 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoswap Trip/Close as per bug 579
sahlberg [Tue, 13 Dec 2005 06:36:30 +0000 (06:36 +0000)]
swap Trip/Close as per bug 579

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16774 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoasn2eth.py:
gerald [Tue, 13 Dec 2005 03:48:26 +0000 (03:48 +0000)]
asn2eth.py:

Catch a TypeError that gets thrown if we don't use any conversion
specifiers during string formatting.

H.248:

Don't dereference a null pointer.  Fixes bug 626.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16773 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agoWe should really do quit Ethereal if user asked us to do so with the -Q option!
ulfl [Tue, 13 Dec 2005 02:09:14 +0000 (02:09 +0000)]
We should really do quit Ethereal if user asked us to do so with the -Q option!

Update the window title, right after the fixed capture finished. This might be required if the loading of the capture file afterwards just fails, leaving the title unchanged.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16772 f5534014-38df-0310-8fa8-9805f1628bb7

13 years agodon't try to close wtap, if we couldn't load the wiretap file
ulfl [Tue, 13 Dec 2005 01:17:36 +0000 (01:17 +0000)]
don't try to close wtap, if we couldn't load the wiretap file

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@16771 f5534014-38df-0310-8fa8-9805f1628bb7