obnox/wireshark/wip.git
17 years agoFixed bug in SAMDELTAS_request.
sahlberg [Wed, 13 Mar 2002 09:03:28 +0000 (09:03 +0000)]
Fixed bug in SAMDELTAS_request.
There is still a bug in the dissection of SAMDELTA_reply but this is due to
LSA_SECRET not being implemented yet which is embedded in one of the
netlogon structures.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4935 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUpdate dissect_ndr_nt_STRING so it can also accept FT_BYTES and for that type
sahlberg [Wed, 13 Mar 2002 07:38:34 +0000 (07:38 +0000)]
Update dissect_ndr_nt_STRING so it can also accept FT_BYTES and for that type
display the data as a hexadecimal string.

Update netlogon so that nt and lm challenge response bytes are displayed
in hexadecimal form and not pseudo-ascii

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4934 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoGive the "prevent/allow medium removal" command the right name (it's
guy [Wed, 13 Mar 2002 02:52:21 +0000 (02:52 +0000)]
Give the "prevent/allow medium removal" command the right name (it's
"prevent/allow", not "prevent allow").

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4933 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Dinesh Dutt: initial dissection of a variable-length CDB.
guy [Tue, 12 Mar 2002 11:30:45 +0000 (11:30 +0000)]
From Dinesh Dutt: initial dissection of a variable-length CDB.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4932 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoGet rid of unnecessary includes.
guy [Tue, 12 Mar 2002 10:40:01 +0000 (10:40 +0000)]
Get rid of unnecessary includes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4931 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoGet rid of the "--enable-snmp" option; instead, use "--with-ucdsnmp".
guy [Tue, 12 Mar 2002 10:37:04 +0000 (10:37 +0000)]
Get rid of the "--enable-snmp" option; instead, use "--with-ucdsnmp".
Make the directory option to "--with-ucdsnmp" optional.  Handle
"--with-ucdsnmp" similar to the way "--with-pcap" is handled.

Get rid of unnecessary #defines in "packet-cops.c".

Get rid of no-longer-necessary include of "dlfcn.h" in "packet-snmp.c".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4930 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSmall fix for dissect_ndr_nt_UNICODE_STRING_str() in packet-dcerpc-nt.c
sahlberg [Tue, 12 Mar 2002 08:16:41 +0000 (08:16 +0000)]
Small fix for dissect_ndr_nt_UNICODE_STRING_str() in packet-dcerpc-nt.c
so that NETLOGON will not dump core (since netlogon has these structs as top
level reference pointers)

Addition of full netlogon dissection. Full in the sense as it assumes the idl
is correct and complete.
Many calls and fields are unknown so they get dissected with "unknown long,
 contact ethereal-dev@... if you know what it is".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4929 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Adam Sulmicki: use "proto_tree_add_uint()" rather than
guy [Mon, 11 Mar 2002 08:47:46 +0000 (08:47 +0000)]
From Adam Sulmicki: use "proto_tree_add_uint()" rather than
"proto_tree_add_boolean()" for the "hf_eapol_keydes_key_index_indexnum"
field, as it's an FT_UINT8, not an FT_BOOLEAN.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4928 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoIn the message at the end that indicates how Ethereal was configured,
guy [Mon, 11 Mar 2002 07:02:47 +0000 (07:02 +0000)]
In the message at the end that indicates how Ethereal was configured,
refer to "UCD SNMP" rather than just "SNMP".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4927 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUpdate various README and INSTALL files to reflect the requirement for
guy [Mon, 11 Mar 2002 02:12:41 +0000 (02:12 +0000)]
Update various README and INSTALL files to reflect the requirement for
UCD SNMP 4.2.2 or later if you want MIB-reading support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4926 f5534014-38df-0310-8fa8-9805f1628bb7

17 years ago"format_var()" returns a "malloc()"ed string, not a "g_malloc()"ed
guy [Mon, 11 Mar 2002 01:51:37 +0000 (01:51 +0000)]
"format_var()" returns a "malloc()"ed string, not a "g_malloc()"ed
string; free it with "free()", not "g_free()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4925 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoIf we're linking with the UCD SNMP library, make "format_oid()" append a
guy [Mon, 11 Mar 2002 01:48:08 +0000 (01:48 +0000)]
If we're linking with the UCD SNMP library, make "format_oid()" append a
display of the symbolic form of the OID.  Remove code that used to do
that outside of "format_oid()".

Export "format_oid()" from "packet-snmp.c" and use it in
"packet-cops.c".

Remove support for CMU SNMP and older versions of UCD SNMP from
"packet-cops.c", as it has been removed from the rest of Ethereal.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4924 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoPut "extern" in front of the function declaration.
guy [Mon, 11 Mar 2002 01:42:58 +0000 (01:42 +0000)]
Put "extern" in front of the function declaration.

Update Gerald's e-mail address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4923 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoThe "val_len" member of a "struct variable_list" should be set to the
guy [Mon, 11 Mar 2002 01:40:28 +0000 (01:40 +0000)]
The "val_len" member of a "struct variable_list" should be set to the
length of the variable's value, in bytes, not the length of the BER
encoding of that variable's value.  The latter setting means it won't be
correct for object IDs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4922 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFinal patch in preparing for NETLOGON dissector.
sahlberg [Mon, 11 Mar 2002 00:28:21 +0000 (00:28 +0000)]
Final patch in preparing for NETLOGON dissector.
Exported some functions from packet-dcerpc-samr.c and added two
more functions the netlogon dissector will need.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4921 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMove the STRING dissector to packet-dcerpc-nt.c and add one more parameter
sahlberg [Mon, 11 Mar 2002 00:15:20 +0000 (00:15 +0000)]
Move the STRING dissector to packet-dcerpc-nt.c and add one more parameter
to make it more similar to the UNICODE_STRING dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4920 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoRename samr_dissect_LOGON_HOURS() to dissect_ndr_nt_LOGON_HOURS() and
sahlberg [Mon, 11 Mar 2002 00:00:15 +0000 (00:00 +0000)]
Rename samr_dissect_LOGON_HOURS() to dissect_ndr_nt_LOGON_HOURS() and
export it to other modules.
NETLOGON dissector (and others) will need this function.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4919 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMoved dissect_ndr_nt_NTTIME() from packet-dcerpc-samr.c to packet-dcerpc-nt.c
sahlberg [Sun, 10 Mar 2002 23:24:48 +0000 (23:24 +0000)]
Moved dissect_ndr_nt_NTTIME() from packet-dcerpc-samr.c to packet-dcerpc-nt.c
since this function will be used by other NT services as well such as NETLOGON.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4918 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoRemove code to show the presence, and version number, of the CMU SNMP
guy [Sun, 10 Mar 2002 23:19:44 +0000 (23:19 +0000)]
Remove code to show the presence, and version number, of the CMU SNMP
library, as we no longer support linking with that library.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4917 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUse "ds_set_int()", not "snmp_set_suffix_only()", to set the "print
guy [Sun, 10 Mar 2002 23:17:00 +0000 (23:17 +0000)]
Use "ds_set_int()", not "snmp_set_suffix_only()", to set the "print
suffixes only" setting.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4916 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAbsolute and Relative times were swapped. Also add comment that there seems
sahlberg [Sun, 10 Mar 2002 23:13:04 +0000 (23:13 +0000)]
Absolute and Relative times were swapped. Also add comment that there seems
to be an unknown special time constant : 0x40000000 00000000 that we dont know
yet what it means.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4915 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUse the "sprint_realloc_" routines in UCD SNMP 4.2.2 and later, rather
guy [Sun, 10 Mar 2002 22:18:12 +0000 (22:18 +0000)]
Use the "sprint_realloc_" routines in UCD SNMP 4.2.2 and later, rather
than the "sprint_" routines in UCD and CMU SNMP; the latter routines
have no bounds checking, and if you use them you cannot protect against
buffer overflows.

As we now require UCD SNMP 4.2.2 or later:

1) we no longer need code to support CMU SNMP;

2) we no longer need code to work around problems with UCD SNMP
   4.1.1;

and, as we no longer use the "sprint_" routines, we no longer need code
to work around the changed API and ABI of those routines in some
nonstandard versions of the UCD SNMP library.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4914 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDon't use "proto_tree_add_string_format()" when
guy [Sun, 10 Mar 2002 22:04:25 +0000 (22:04 +0000)]
Don't use "proto_tree_add_string_format()" when
"proto_tree_add_string()" will suffice.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4913 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUse "dissect_ndr_nt_UNICODE_STRING_str()", not
guy [Sun, 10 Mar 2002 21:30:11 +0000 (21:30 +0000)]
Use "dissect_ndr_nt_UNICODE_STRING_str()", not
"dissect_ndr_nt_UNICODE_STRING_string()", in
"samr_dissect_connect2_server()"; that eliminates an unnecessary extra
level of protocol tree.

That removes the last call to "dissect_ndr_nt_UNICODE_STRING_string()";
eliminate that routine.

In "dissect_ndr_nt_UNICODE_STRING()", initially create the subtree with
the name of the field as a string, so that if an exception is thrown
before the name is set, the subtree won't show up as blank when
displayed or printed.  Also pass in the name to "dissect_ndr_pointer()",
so the same happens for subtrees below it.  Append only the string data,
not its name, to items up the tree, as the name was put in when the item
was created.  Also, when adding a colon before the string, put a space
after the colon, as is done elsewhere in Ethereal.

When appending additional strings, put the blank before the new string,
not after it.

In "dissect_ndr_nt_STRING()", put the subtree into the string with the
name of the field, rather than just "String".  Pass in that name to
"dissect_ndr_pointer()", so subtrees below it get a name when they're
initially created.

Get rid of colons in the name string passed to "dissect_ndr_pointer()"
in some calls.  Supply a non-null name string in more calls to
"dissect_ndr_pointer()", and fix some calls to pass in the name of the
field being handed to "dissect_ndr_pointer()".

There's no need to fetch the entire "header_field_info" structure for a
protocol field in order to get the field's name - just use
"proto_registrar_get_name()" to get the name.

Use a length of -1, not 0, when creating a subtree whose length will be
set when the dissection of the items under the subtree is complete; that
way, if an exception is thrown while dissecting the items - which means
the item goes past the end of the tvbuff - the item will refer to all
data to the end of the tvbuff, rather than referring to nothing.

Fix a typo in the name of the "hf_samr_unknown_string" field.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4912 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoCatch another "(NULL pointer)%s" we didn't catch with the previous
guy [Sun, 10 Mar 2002 03:11:10 +0000 (03:11 +0000)]
Catch another "(NULL pointer)%s" we didn't catch with the previous
checkin.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4911 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoPut a space between "(NULL pointer)" and the name of the item being
guy [Sun, 10 Mar 2002 03:09:48 +0000 (03:09 +0000)]
Put a space between "(NULL pointer)" and the name of the item being
dissected, just as is done with "(duplicate PTR)".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4910 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoRegister the heuristic SMPP dissector with X.25.
guy [Sun, 10 Mar 2002 03:08:31 +0000 (03:08 +0000)]
Register the heuristic SMPP dissector with X.25.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4909 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoInitialize the "tm_isdst" field of a "struct tm" to -1 before passing it
guy [Sun, 10 Mar 2002 03:07:16 +0000 (03:07 +0000)]
Initialize the "tm_isdst" field of a "struct tm" to -1 before passing it
to "mktime()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4908 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoInitialize the "tm_isdst" field of a "struct tm" to -1 before passing it
guy [Sun, 10 Mar 2002 01:02:06 +0000 (01:02 +0000)]
Initialize the "tm_isdst" field of a "struct tm" to -1 before passing it
to "mktime()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4907 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFor Reverse ARP replies, the *target* hardware and protocol addresses
guy [Sun, 10 Mar 2002 00:05:20 +0000 (00:05 +0000)]
For Reverse ARP replies, the *target* hardware and protocol addresses
contain the interesting "XXX is at YYY" data; put that into the Info
column.  Thanks to Andreas Sikkema for catching this.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4906 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSigh. Tcpdump cannot handle capture files with a snapshot length of 0,
guy [Sat, 9 Mar 2002 23:07:26 +0000 (23:07 +0000)]
Sigh.  Tcpdump cannot handle capture files with a snapshot length of 0,
as BPF filters return either 0 if they fail or the snapshot length if
they succeed, and a snapshot length of 0 means success is
indistinguishable from failure and the filter expression would reject
all packets.

Now that a snapshot length of 0, inside Ethereal, means "snapshot length
unknown", we have to, when opening a libpcap file for output, make the
snapshot length some non-zero value.  We make it WTAP_MAX_PACKET_SIZE,
in case some program uses the snapshot length as a buffer size.  (That
doesn't help if there are packets with more than 65535 bytes of data; if
there are, we'd need to raise WTAP_MAX_PACKET_SIZE just to make those
files readable in Ethereal in any case.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4905 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix some "proto_tree_add_uint()" and "proto_tree_add_uint_hidden()"
guy [Sat, 9 Mar 2002 22:54:27 +0000 (22:54 +0000)]
Fix some "proto_tree_add_uint()" and "proto_tree_add_uint_hidden()"
calls that passed TRUE or FALSE, rather than an integer value, as the
last argument.

A SOCKS command is one byte, so make the "socks.command" field an
FT_UINT8.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4904 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUse -1, rather than 0, as the length when creating an item with a
guy [Sat, 9 Mar 2002 22:46:29 +0000 (22:46 +0000)]
Use -1, rather than 0, as the length when creating an item with a
subtree under it, so that if an exception is thrown while we're
dissecting the items in the subtree, it runs to the end of the tvbuff
(as, if an exception is thrown, it means the item should cover the stuff
in the tvbuff *and* stuff beyond it).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4903 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Jouni Malinen: fix bugs in 802.11 authentication frame dissection.
guy [Sat, 9 Mar 2002 22:41:51 +0000 (22:41 +0000)]
From Jouni Malinen: fix bugs in 802.11 authentication frame dissection.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4902 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoNo need to put ", N byte{s} at offset O" into the Info column twice;
guy [Sat, 9 Mar 2002 02:12:47 +0000 (02:12 +0000)]
No need to put ", N byte{s} at offset O" into the Info column twice;
once is enough.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4901 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix a comment.
guy [Thu, 7 Mar 2002 21:46:06 +0000 (21:46 +0000)]
Fix a comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4899 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix a typo - IFT_ISO88025 is 9, not 8.
guy [Thu, 7 Mar 2002 21:31:12 +0000 (21:31 +0000)]
Fix a typo - IFT_ISO88025 is 9, not 8.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4898 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoBug fix from Marc Milgram: occasionally the VMS parser would read off
guy [Thu, 7 Mar 2002 21:08:33 +0000 (21:08 +0000)]
Bug fix from Marc Milgram: occasionally the VMS parser would read off
the end of string, and find some old data that looked useful, but was
bogus for the frame.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4897 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUpdates from Mike Frisch.
guy [Thu, 7 Mar 2002 05:51:11 +0000 (05:51 +0000)]
Updates from Mike Frisch.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4895 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDon't say "without SNMP"; that can confuse people into thinking it means
guy [Wed, 6 Mar 2002 23:37:12 +0000 (23:37 +0000)]
Don't say "without SNMP"; that can confuse people into thinking it means
Ethereal doesn't dissect SNMP if not linked with an SNMP library (and
*did* confuse at least one person into thinking that).  Say "without
SNMP MIB support", instead, as you only lose the ability to read SNMP
MIBs and interpret OIDs and variable bindings according to those MIBs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4894 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agotvb_get_nstringz() needs to terminate a string with a NUL if the
gram [Wed, 6 Mar 2002 19:17:06 +0000 (19:17 +0000)]
tvb_get_nstringz() needs to terminate a string with a NUL if the
end of the tvbuff is reached before the maximum_length passed by the
caller is reached and before a terminating NUL is found. In this case,
tvb_get_nstringz() returns a -1, but if the string is not artificially
terminated with a NUL by tvb_get_nstringz(), the
caller has no idea where the string should end because 1) the
return value "-1" gives the impression that the string ends
at the end of the buffer but 2) the string does
not end at the end of the buffer, but somewhere in the middle, due
to the packet being shorter than expected.

tvb_get_nstringz() and tvb_get_nstringz0() were both modified.

The FT_STRINGZ case in proto_tree_add_item() is made simpler.

During regression testing, when investigating a regression that I later
corrected, I discovered that strings added through proto_tree_add_item
(FT_STRING, FT_STRINGZ, and FT_UINT_STRING) leaked memory due to double
allocation of the string. The proto_tree_add_string*() functions do
not leak memory, since they only copy the string once. The memory
leak was fixed by adding another argument to the static function
proto_tree_set_string() to let the string ftype code know to g_strdup()
the string or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4891 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoRemove incorrect usage of ?: expression in favor or the correct,
gram [Wed, 6 Mar 2002 17:56:28 +0000 (17:56 +0000)]
Remove incorrect usage of ?: expression in favor or the correct,
and more readable, "if" statement.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4890 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoRename function and variables for dissecting an NT service Account Control
sahlberg [Wed, 6 Mar 2002 10:01:17 +0000 (10:01 +0000)]
Rename function and variables for dissecting an NT service Account Control
bitmap and make the function not static.
This bitmap is present in other RPC protocols for NT services as well
besides SAMR.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4889 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMoved dissector for UNICODE_STRING structure from packet-dcerpc-samr.c to packet...
sahlberg [Wed, 6 Mar 2002 08:58:01 +0000 (08:58 +0000)]
Moved dissector for UNICODE_STRING structure from packet-dcerpc-samr.c to packet-dcerpc-nt.c since this is a structure that is common to all NT services and not only SAMR.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4888 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFixed bug in dissect_ndr_pointer(). Top level Unique and Full pointers are
sahlberg [Wed, 6 Mar 2002 08:28:57 +0000 (08:28 +0000)]
Fixed bug in dissect_ndr_pointer().  Top level Unique and Full pointers are
not encoded in the same way in the NDR representation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4887 f5534014-38df-0310-8fa8-9805f1628bb7

17 years ago1.3 was committed by mistake
itojun [Wed, 6 Mar 2002 06:36:22 +0000 (06:36 +0000)]
1.3 was committed by mistake

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4886 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoVRRPv3 (for IPv6) support, by sumikawa@kame.net
itojun [Wed, 6 Mar 2002 06:33:37 +0000 (06:33 +0000)]
VRRPv3 (for IPv6) support, by sumikawa@kame.net

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4885 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUse the gdb "x" (examine memory) command instead of "print" to obtain
gram [Wed, 6 Mar 2002 06:14:21 +0000 (06:14 +0000)]
Use the gdb "x" (examine memory) command instead of "print" to obtain
the packet data.  "print" will only show the first 200 members of an array,
whereas "x" doesn't seem to have a limit.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4884 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Mike Frisch: remove debug printf statements.
guy [Wed, 6 Mar 2002 04:02:02 +0000 (04:02 +0000)]
From Mike Frisch: remove debug printf statements.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4883 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoCheck to make sure SNMP_IPADDR items are 4 bytes long and SNMP_COUNTER64
guy [Wed, 6 Mar 2002 03:52:13 +0000 (03:52 +0000)]
Check to make sure SNMP_IPADDR items are 4 bytes long and SNMP_COUNTER64
items are 8 bytes long.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4882 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdd ability to pull packet from add_packet_to_packet_list() frame.
gram [Wed, 6 Mar 2002 03:34:50 +0000 (03:34 +0000)]
Add ability to pull packet from add_packet_to_packet_list() frame.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4881 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoThe length field in the TPKT header contains the length of the packet
guy [Tue, 5 Mar 2002 22:15:21 +0000 (22:15 +0000)]
The length field in the TPKT header contains the length of the packet
*including the length of the TPKT header itself*, not just the length of
the payload.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4880 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Joerg Mayer: remove unused variables.
guy [Tue, 5 Mar 2002 12:03:27 +0000 (12:03 +0000)]
From Joerg Mayer: remove unused variables.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4879 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Joerg Mayer: use _U_ to flag unused arguments.
guy [Tue, 5 Mar 2002 11:56:00 +0000 (11:56 +0000)]
From Joerg Mayer: use _U_ to flag unused arguments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4878 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Adam Sulmicki: fixes to typos in comments.
guy [Tue, 5 Mar 2002 11:04:15 +0000 (11:04 +0000)]
From Adam Sulmicki: fixes to typos in comments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4877 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix another problem found by the PROTOS captures - in
guy [Tue, 5 Mar 2002 09:18:58 +0000 (09:18 +0000)]
Fix another problem found by the PROTOS captures - in
"asn1_string_value_decode()", don't pass "g_malloc()" an argument of 0,
as "g_malloc()" will return NULL in that case, and the callers of
"asn1_string_value_decode()" aren't necessarily prepared for a null
argument.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4876 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoMake "wtap_seek_read()" return TRUE on success and FALSE on error, like
guy [Tue, 5 Mar 2002 08:40:27 +0000 (08:40 +0000)]
Make "wtap_seek_read()" return TRUE on success and FALSE on error, like
"wtap_read()".

Add some additional error checks to the Sniffer file reader.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4875 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoHave "wtap_seek_read()" return 0 on success and -1 on failure, and take
guy [Tue, 5 Mar 2002 05:58:41 +0000 (05:58 +0000)]
Have "wtap_seek_read()" return 0 on success and -1 on failure, and take
an "err" argument that points to an "int" into which to put an error
code if it fails.

Check for errors in one call to it, and note that we should do so in
other places.

In the "wtap_seek_read()" call in the TCP graphing code, don't overwrite
"cfile.pseudo_header", and make the buffer into which we read the data
WTAP_MAX_PACKET_SIZE bytes, as it should be.

In some of the file readers for text files, check for errors from the
"parse the record header" and "parse the hex dump" routines when reading
sequentially.

In "csids_seek_read()", fix some calls to "file_error()" to check the
error on the random stream (that being what we're reading).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4874 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoThere's just a single H.225 dissector, for both Call Signaling and
guy [Tue, 5 Mar 2002 03:10:52 +0000 (03:10 +0000)]
There's just a single H.225 dissector, for both Call Signaling and
Registration, Admission, and Status, so just call it "h225", not
"h225_cs".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4871 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoCut down the vertical spacing in the "Capture Options" dialog box.
guy [Tue, 5 Mar 2002 02:25:09 +0000 (02:25 +0000)]
Cut down the vertical spacing in the "Capture Options" dialog box.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4870 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom David Frascone: fix pathname of Diameter directory file.
guy [Tue, 5 Mar 2002 00:24:24 +0000 (00:24 +0000)]
From David Frascone: fix pathname of Diameter directory file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4869 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom David Frascone: dictionary fixes to NASREQ command codes.
guy [Tue, 5 Mar 2002 00:21:02 +0000 (00:21 +0000)]
From David Frascone: dictionary fixes to NASREQ command codes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4868 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Michael Tuexen: SCCP-atop-M3UA support.
guy [Tue, 5 Mar 2002 00:09:21 +0000 (00:09 +0000)]
From Michael Tuexen: SCCP-atop-M3UA support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4867 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSCCP support, from Jeff Morriss.
guy [Mon, 4 Mar 2002 22:39:22 +0000 (22:39 +0000)]
SCCP support, from Jeff Morriss.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4866 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdd entries for March.
gerald [Mon, 4 Mar 2002 03:31:10 +0000 (03:31 +0000)]
Add entries for March.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4861 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoNote the update to the SCTP checksum code.
guy [Mon, 4 Mar 2002 01:39:12 +0000 (01:39 +0000)]
Note the update to the SCTP checksum code.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4860 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUpdate the "README.win32" file to reflect Andrew Feren's changes to use
guy [Mon, 4 Mar 2002 01:26:40 +0000 (01:26 +0000)]
Update the "README.win32" file to reflect Andrew Feren's changes to use
Python iff PYTHON is defined in "config.nmake".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4859 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix some items.
guy [Mon, 4 Mar 2002 00:31:26 +0000 (00:31 +0000)]
Fix some items.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4858 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoCheck for errors in seeks, "tell"s, and "stat()"s/"fstat()"s.
guy [Mon, 4 Mar 2002 00:25:35 +0000 (00:25 +0000)]
Check for errors in seeks, "tell"s, and "stat()"s/"fstat()"s.

For file types where we allocate private data, add "close" routines
where they were missing, to free the private data.  Also fix up the code
to clean up after some errors by freeing private data where that wasn't
being done.

Get rid of unused arguments to "wtap_dump_open_finish()".

Fix indentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4857 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoBump the version to 0.9.2. Update NEWS to include everything from February.
gerald [Sun, 3 Mar 2002 23:59:29 +0000 (23:59 +0000)]
Bump the version to 0.9.2.  Update NEWS to include everything from February.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4856 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Michael Tuexen: report the type of an unrecognized parameter.
guy [Sun, 3 Mar 2002 22:42:08 +0000 (22:42 +0000)]
From Michael Tuexen: report the type of an unrecognized parameter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4855 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Heikki Vatiainen: make "get_host_ipaddr()" require dotted-quad IP
guy [Sun, 3 Mar 2002 21:42:54 +0000 (21:42 +0000)]
From Heikki Vatiainen: make "get_host_ipaddr()" require dotted-quad IP
addresses to really be quads, i.e. have four numbers.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4854 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoReport ASN.1 BER parsing errors closer to the point at which they're
guy [Sun, 3 Mar 2002 01:26:01 +0000 (01:26 +0000)]
Report ASN.1 BER parsing errors closer to the point at which they're
detected, so we do a better job of reporting the item with the problem.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4853 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAs there's nothing to dissect for LDAP_REQ_UNBIND, set "ret" to
guy [Sat, 2 Mar 2002 21:51:52 +0000 (21:51 +0000)]
As there's nothing to dissect for LDAP_REQ_UNBIND, set "ret" to
ASN1_ERR_NOERROR, as you can't have a dissection error if you've
dissected nothing.

When dissecting a Bind reply, set "ret" to the return value of
"dissect_ldap_response_bind()", so errors get reported properly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4851 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDon't check the message type if it's not of class ASN1_APL; instead,
guy [Sat, 2 Mar 2002 21:28:19 +0000 (21:28 +0000)]
Don't check the message type if it's not of class ASN1_APL; instead,
just display the message type and body as an error.

If the message type isn't a type we dissect, display the "Unknown
message type" entry with the right offset and length.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4850 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoTreat LDAP_REQ_UNBIND as a request with nothing in it, not as an unknown
guy [Sat, 2 Mar 2002 21:07:31 +0000 (21:07 +0000)]
Treat LDAP_REQ_UNBIND as a request with nothing in it, not as an unknown
request type.

Put the request types in order in the switch statement.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4849 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Joerg Mayer: get rid of "-Wno-unused" flag in some configure
guy [Sat, 2 Mar 2002 20:51:46 +0000 (20:51 +0000)]
From Joerg Mayer: get rid of "-Wno-unused" flag in some configure
scripts, and check in changes to add _U_ to some unused arguments (some
other should perhaps be used, so we leave the _U_ out so that the
warnings serve as a reminder to check those).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4848 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Joerg Mayer: get rid of "-Wno-unused" flag in some configure
guy [Sat, 2 Mar 2002 20:41:08 +0000 (20:41 +0000)]
From Joerg Mayer: get rid of "-Wno-unused" flag in some configure
scripts, and check in changes to add _U_ to some unused arguments (some
other should perhaps be used, so we leave the _U_ out so that the
warnings serve as a reminder to check those).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4847 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoTell people not to use "ulong" or "ushort".
guy [Sat, 2 Mar 2002 07:56:16 +0000 (07:56 +0000)]
Tell people not to use "ulong" or "ushort".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4845 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Michael Tuexen: update the CRC32 checksum code to match
guy [Sat, 2 Mar 2002 07:29:10 +0000 (07:29 +0000)]
From Michael Tuexen: update the CRC32 checksum code to match
draft-ietf-tsvwg-sctpcsum-03.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4844 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoTypo fix, from Michael Tuexen.
guy [Sat, 2 Mar 2002 07:23:56 +0000 (07:23 +0000)]
Typo fix, from Michael Tuexen.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4843 f5534014-38df-0310-8fa8-9805f1628bb7

17 years ago"ulong" isn't defined on MacOS X (and probably isn't defined on some
guy [Sat, 2 Mar 2002 07:22:20 +0000 (07:22 +0000)]
"ulong" isn't defined on MacOS X (and probably isn't defined on some
other platforms, either) - don't use it.  Instead, use "guint32", as the
item in question is a 32-bit unsigned integer.

In fact, it's a 32-bit unsigned integer containing a bit set, and the
data type isn't a "long", so print it with "0x%08x", rather than
"0x%04lx", so that all 8 hex digits are printed, and so that the format
matches the data type.

It also doesn't have to be initialized - the only code path in which
it's used sets it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4842 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoUpdates from Mike Frisch.
guy [Fri, 1 Mar 2002 22:14:22 +0000 (22:14 +0000)]
Updates from Mike Frisch.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4840 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdded RSVP support for the Administrative Status object.
ashokn [Fri, 1 Mar 2002 21:39:01 +0000 (21:39 +0000)]
Added RSVP support for the Administrative Status object.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4839 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix two references to "proto_item_set_text()" and
guy [Fri, 1 Mar 2002 20:19:44 +0000 (20:19 +0000)]
Fix two references to "proto_item_set_text()" and
"proto_item_append_text()" to use the right names.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4838 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Andrew Feren: add ifdefs to the top-level Makefile.nmake to avoid
guy [Fri, 1 Mar 2002 06:52:14 +0000 (06:52 +0000)]
From Andrew Feren: add ifdefs to the top-level Makefile.nmake to avoid
using Python if PYTHON isn't defined.

Fix up white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4837 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDon't link with the SNMP library by default.
gerald [Fri, 1 Mar 2002 03:42:13 +0000 (03:42 +0000)]
Don't link with the SNMP library by default.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4836 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoHave the routines that supply a pointer to a newly-constructed item
guy [Fri, 1 Mar 2002 03:02:36 +0000 (03:02 +0000)]
Have the routines that supply a pointer to a newly-constructed item
always set that pointer if they return ASN1_ERR_NOERROR.  Have the
routines that call them use the value only if the routine returns
ASN1_ERR_NOERROR.  Don't bother setting the pointer before calling the
routine.

Report unknown modify operation types.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4834 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoAdd a routine to "asn1.c" to translate ASN1_ERR_ values to strings. Use
guy [Fri, 1 Mar 2002 02:48:10 +0000 (02:48 +0000)]
Add a routine to "asn1.c" to translate ASN1_ERR_ values to strings.  Use
that in the SNMP dissector.

Check the return values of ASN.1 routines in the LDAP dissector, and
have all the subroutines in that disesctor that can return error
indications return ASN1_ERR_ values.

Have the routines that can supply a pointer to a newly-created
protocol-tree item use the right type for items ("proto_item *", not
"proto_tree *", even though they are, at least currently, typedefs for
the same type), and use "proto_item" for the type of the item a pointer
to which is passed to those routines.

Before calling those routines, set the item pointer to null, in case the
routine fails.

Don't check the return value of "parse_filter_strings()" against -1 -
that routine can't return -1.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4833 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoImprove the note on how to deal with items with subtrees when the text
guy [Thu, 28 Feb 2002 23:23:12 +0000 (23:23 +0000)]
Improve the note on how to deal with items with subtrees when the text
for the item should reflect what's in the subtree.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4832 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoHandle NBSS messages where the NBSS *header* is split across TCP segment
guy [Thu, 28 Feb 2002 23:09:03 +0000 (23:09 +0000)]
Handle NBSS messages where the NBSS *header* is split across TCP segment
boundaries.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4831 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoIn follow.c, initialize data_out_file to NULL, as it used to
gram [Thu, 28 Feb 2002 19:35:09 +0000 (19:35 +0000)]
In follow.c, initialize data_out_file to NULL, as it used to
be initialized in gtk/follow_dlg.c

In gtk/follow_dlg.c, declare data_out_file as 'extern'.

In tethereal.c, no longer define 'data_out_file', as the storage
for it is now in follow.c.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4830 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDeclare osinl_subdissector_table as 'extern'.
gram [Thu, 28 Feb 2002 19:24:24 +0000 (19:24 +0000)]
Declare osinl_subdissector_table as 'extern'.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4829 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFix the declaration of "addr_call_dissector" to match the function
guy [Wed, 27 Feb 2002 21:26:37 +0000 (21:26 +0000)]
Fix the declaration of "addr_call_dissector" to match the function
signature of "call_dissector()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4828 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoRemove unused variables, structure definitions, and functions.
gram [Wed, 27 Feb 2002 18:54:33 +0000 (18:54 +0000)]
Remove unused variables, structure definitions, and functions.
From Joerg Mayer.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4827 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoSupport for IEEE 802.1w RST BPDUs, from Alex Ruzin.
guy [Wed, 27 Feb 2002 10:03:10 +0000 (10:03 +0000)]
Support for IEEE 802.1w RST BPDUs, from Alex Ruzin.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4825 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Joerg Mayer:
guy [Wed, 27 Feb 2002 09:42:52 +0000 (09:42 +0000)]
From Joerg Mayer:

In the "configure.in" files, add

-D_U_="__attribute__((unused))"

to CFLAGS if we're using GCC, and add

-D_U_=""

otherwise, so _U_ can be used to mark arguments as unused.

Add -D_U_="" arguments to the Makefile.nmake files as well, so _U_ works
with Microsoft Visual C++ as well.

Add comments and RCS IDs to the Makefile.nmake files that don't already
have them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4824 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoFrom Joerg Mayer: remove unused variables and declarations of
guy [Wed, 27 Feb 2002 08:57:25 +0000 (08:57 +0000)]
From Joerg Mayer: remove unused variables and declarations of
non-existent functions.

Remove the "filetype" argument from the "can_write_encap" functions for
particular capture file types - the argument value is implicit, in that
the routine being called is the routine for that particular file type.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4823 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoLabel the data source for various forms of reassembled data with the
guy [Wed, 27 Feb 2002 05:45:48 +0000 (05:45 +0000)]
Label the data source for various forms of reassembled data with the
protocol that fragmented them, rather than just calling them
"Reassembled".  Do the same with uncompressed WCP data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4822 f5534014-38df-0310-8fa8-9805f1628bb7

17 years agoDisplay a different message in the COL_INFO field for anonymous session
tpot [Wed, 27 Feb 2002 02:42:19 +0000 (02:42 +0000)]
Display a different message in the COL_INFO field for anonymous session
setup packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4818 f5534014-38df-0310-8fa8-9805f1628bb7