guy [Sat, 5 Jun 2010 02:19:45 +0000 (02:19 +0000)]
Clean up indentation.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33104
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 5 Jun 2010 01:55:06 +0000 (01:55 +0000)]
Clarify an error message (and the corresponding comment).
Fix the no-libpcap build.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33103
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Sat, 5 Jun 2010 00:29:31 +0000 (00:29 +0000)]
Back out r33088 for now.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33102
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Sat, 5 Jun 2010 00:25:46 +0000 (00:25 +0000)]
From Cal Turney via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4831 :
Add the data read/write length to the NFS tree so it is filterable.
From me: don't bother incrementing the offset just to decrement it again.
Change the hf info a bit.
(Ideally the RPC dissector would add the length to the tree not as a text
item; that is left for future work.)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33101
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 5 Jun 2010 00:08:37 +0000 (00:08 +0000)]
Catch some cases that don't currently work.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33100
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 4 Jun 2010 23:16:31 +0000 (23:16 +0000)]
From Chris Maynard via bug 1546:
Add units to the rate.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33099
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 4 Jun 2010 23:08:08 +0000 (23:08 +0000)]
Thou shalt not have a tap whose listener is always active; that means,
for example, that, if it's a TShark tap, TShark can never be run with
"-w -", as it means that TShark will always have to dissect the packets.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33098
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 4 Jun 2010 20:52:02 +0000 (20:52 +0000)]
Add a preference that allows the user to decide if they want the calling and
called GTs (if RI=GT) put in the (pinfo) source and destination (and thus into
the source and destination columns).
This may help (if the PCs change but the GT does not) or hurt (if the GT or RI
change but the PCs do not) TCAP's ability to identify which messages belong to
which TCAP "session."
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33097
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 4 Jun 2010 20:48:45 +0000 (20:48 +0000)]
Use a gboolean to store a boolean and change the plurality on the preference name
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33096
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Fri, 4 Jun 2010 20:37:23 +0000 (20:37 +0000)]
Set props on llrp directory.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33095
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 4 Jun 2010 20:36:43 +0000 (20:36 +0000)]
Add a preference that allows the user to decide if they want the source and
destination address PC or GT (depending on the RI) put in the (pinfo) source and
destination (and thus into the source and destination columns).
This may help (if the IP addresses change but the PC or GT do not) or hurt (if
the PC, GT, or RI change but the IP addresses do not) TCAP's ability to identify
which messages belong to which TCAP "session."
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33094
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 4 Jun 2010 19:57:11 +0000 (19:57 +0000)]
Add BIN_DIR. If it is '.' then set WIRESHARK_RUN_FROM_BUILD_DIRECTORY so that we test plugins
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33093
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 4 Jun 2010 19:49:12 +0000 (19:49 +0000)]
Add a checkapis target.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33092
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 4 Jun 2010 19:37:31 +0000 (19:37 +0000)]
Increase LENGTH_OID a bit to give us more room for ACNs (probably more than will ever be used).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33091
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 4 Jun 2010 19:29:26 +0000 (19:29 +0000)]
Fix comments.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33090
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 4 Jun 2010 19:28:39 +0000 (19:28 +0000)]
tcaphash_context_t.oid is of size LENGTH_OID+1, not LENGTH_OID. Just use sizeof(tcaphash_context_t.oid) instead of LENGTH_OID so we can use that last byte. This allows us to retrieve the whole ACN when the ACN is LENGTH_OID bytes long.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33089
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 4 Jun 2010 18:45:02 +0000 (18:45 +0000)]
From Matt Poduska via bug 1957 (with minor changes):
New dissector (plugin) to support decode of the EPCglobal Low-Level Reader
protocol (see llrp.org for more information). This dissector has passed fuzz
testing.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33088
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 4 Jun 2010 18:28:02 +0000 (18:28 +0000)]
According to RFC 3220 section 7 the max UDVM message size is 65536,
not 65535. Hopefully fixes bug 4837.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33087
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Fri, 4 Jun 2010 17:59:53 +0000 (17:59 +0000)]
From Samu Varjonen: Whitespace cleanup
Tabs converted to 8 spaces and trailing whitespaces removed, etc.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33086
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 4 Jun 2010 16:59:49 +0000 (16:59 +0000)]
If BIN_DIR is ".", set WIRESHARK_RUN_FROM_BUILD_DIRECTORY so that we
test plugins.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33085
f5534014-38df-0310-8fa8-
9805f1628bb7
gal [Fri, 4 Jun 2010 15:07:17 +0000 (15:07 +0000)]
Description for netscape-cert-type bit 4 (e.g. see docs.sun.com/source/816-5531-10/poli_ext.htm#
1078885)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33084
f5534014-38df-0310-8fa8-
9805f1628bb7
gal [Fri, 4 Jun 2010 14:36:53 +0000 (14:36 +0000)]
RCS 3280, which obsoletes RFC 2459, allows an IA5String CHOICE in the DisplayText of a UserNotice.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33083
f5534014-38df-0310-8fa8-
9805f1628bb7
stig [Fri, 4 Jun 2010 12:14:18 +0000 (12:14 +0000)]
From Holger Freyther via bug 4841:
Add a new dissector for the NexusWare C7 MTP over UDP/TCP protocol. One of
NexusWare's example applications provide a way to forward MTP Level 3 messages
via UDP/TCP. This is a dissector for this protocol (which is lacking an IANA
assigned port).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33082
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Fri, 4 Jun 2010 05:57:05 +0000 (05:57 +0000)]
Set the right DPI for PDF production.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33081
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Fri, 4 Jun 2010 01:32:21 +0000 (01:32 +0000)]
From Sven Eckelmann: Remove recursion for aggregated packets in batman dissector
"Different developers wanted to have the recursive dissector for aggregated
packets changed to a iterative approach."
See Bug #4836: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4836
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33080
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Fri, 4 Jun 2010 00:45:37 +0000 (00:45 +0000)]
From Cal Turney: The NFS FH hash (nfs.fh.hash) incorrectly matches multiple filehandles.
"The method used in packet-nfs.c to calculate a 32-bit hash representing the
32-byte filehandle is faulty in that the hash often matches multiple
filehandles."
"This patch uses CRC-32 to calculate the hash.
We (EMC GNS) have tested this patch for the past two years and we have not
found a single case where the hash matched more than one filehandle."
See Bug #4839: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4839
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33079
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Thu, 3 Jun 2010 21:39:38 +0000 (21:39 +0000)]
Bring more texts and examples up to date.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33078
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Thu, 3 Jun 2010 19:14:18 +0000 (19:14 +0000)]
Fix a gcc -Wshadow warning
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33077
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Thu, 3 Jun 2010 18:57:25 +0000 (18:57 +0000)]
Set the (pinfo) address if a PC is present (for now: regardless of whether routing is on GT or not).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33076
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Thu, 3 Jun 2010 18:56:39 +0000 (18:56 +0000)]
From Sven Eckelmann: Change recursion for aggregated packets to iteration.
See Bug #2631: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2631
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33075
f5534014-38df-0310-8fa8-
9805f1628bb7
stig [Thu, 3 Jun 2010 13:53:03 +0000 (13:53 +0000)]
Improved readability when displaying seconds with hours and minutes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33074
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Thu, 3 Jun 2010 13:04:22 +0000 (13:04 +0000)]
- Add tap-sv.c and packet-sv.c to the list of files to build
- Whitespace fixes
- Add Fedora 64 bit to the list of platforms where cmake should
work
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33073
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Thu, 3 Jun 2010 08:22:08 +0000 (08:22 +0000)]
Use g_hash_table_new_full().
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33072
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Thu, 3 Jun 2010 07:47:07 +0000 (07:47 +0000)]
From Pascal Quantin:
Avoid triggering a malformed packet error when decoding a simple UE terminated Detach Request when the EMM cause IE is not present:
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33071
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Thu, 3 Jun 2010 07:38:27 +0000 (07:38 +0000)]
Whitespace/indentation/code style cleanup.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33070
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Thu, 3 Jun 2010 02:23:36 +0000 (02:23 +0000)]
From Cal Turney via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4832 :
Add field 'nfs.ops.count' in the detail pane of NFSv4 calls and replies that
displays the number of operations in NFSv4 COMPOUND requests/replies.
From me: change the blurb wording a bit.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33069
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Thu, 3 Jun 2010 02:15:32 +0000 (02:15 +0000)]
From Cal Turney via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4830 :
Display the fsid (filesystem ID) in decimal as well as hex in the "attributes"
section of the header in NFSv3/v4 replies.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33068
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Thu, 3 Jun 2010 02:05:52 +0000 (02:05 +0000)]
From Peter Harris via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4820 :
Mesa moved its API description file again.
Also, while I'm here, I noticed that they stopped using signed tags, so add
--tags to "git describe" for a better description of the mesa version used to
build the X11 dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33067
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Thu, 3 Jun 2010 02:03:32 +0000 (02:03 +0000)]
From: Sven Eckelmann:Add support for v10 packet format
"v10 of the packet format was added recently and could be added
to the wireshark dissector"
See: Bug #4833: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4833
From me:
- Fix a compile error: ...version=tvb_get_ntohs...
- Fix a missing = NULL.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33066
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 3 Jun 2010 01:22:18 +0000 (01:22 +0000)]
Sorry, I forgot that 8.6. UDVM Cycles says
Note that the number of UDVM cycles MUST NOT be increased if a
request for additional compressed data fails.
so we *shouldn't* increase the cycle count further when
SIGCOMP_INSTR_INPUT_BYTES fails. That does *NOT* of course, mean that
we shouldn't increase the cycle count by 1 for a failed INPUT-BYTES
instruction - that would leave UDVM vulnerable to infinite loops (as per
bug 4826), and I *really* doubt that was their intent; presumably, it
means it should not be increased *by the number of cycles for the
additional data*:
Additionally, if the UDVM successfully requests n bits of
compressed data using one of the INPUT instructions then the
number of available UDVM cycles is increased by n *
cycles_per_bit once the instruction has been executed.
if the attempt to get that additional data fails.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33065
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Thu, 3 Jun 2010 00:52:08 +0000 (00:52 +0000)]
Add back a few 'if (check_col()...' removed by me in a previous commit.
Possibly it's better to use an 'if (checkcol()' if the enclosed call to
'col_...' has "complex" arguments.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33064
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 3 Jun 2010 00:42:21 +0000 (00:42 +0000)]
From Reinhard Speyerer via bug 4779:
From reading the rawshark(1) manpage my assumption was that rawshark
could be used like
$ /usr/bml/bin/rawshark -s -r test.pcap -d encap:EN10MB ...
However rawshark either expects the -r argument to be -
(read from stdin) or a pipe which results in the following error
message:
rawshark: ".../test.pcap" is neither an interface nor a pipe
The proposed rawshark.pod patch updates the -r description to
the implemented rawshark functionality.
The patch also applies to the current SVN version.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33063
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Thu, 3 Jun 2010 00:26:27 +0000 (00:26 +0000)]
From Sven Eckelmann: Synchronize bat dissector with batadv dissector
"Different people made changes to enhance the batman-adv dissector. It seems
that the batman dissector wasn't touched and misses those changes. Following
patchset should improve the dissector the same way Gerald Combs, Guy Harris and
Bill Meier improved batman-adv."
See Bug #4384: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4834
From me: Add back a few 'if (check_col()) ...';
I probably went just a bit too far in changes I made in packet-batadv.c
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33062
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 2 Jun 2010 22:16:49 +0000 (22:16 +0000)]
Increment the cycle count no matter what. Increase the cycle count
further when SIGCOMP_INSTR_INPUT_BYTES fails. Fixes the infinite loop
found in bug 4826.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33061
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Wed, 2 Jun 2010 21:36:24 +0000 (21:36 +0000)]
From Sven Eckelmann: Fix endless recursive loop
See Bug #2631: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2631
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33060
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 2 Jun 2010 19:29:14 +0000 (19:29 +0000)]
From David Bond:
Added the IEEE defined ether types for TRILL and Layer 2 ISIS. Also had ISIS
register itself with the ethertype dissector.
References:
http://www.postel.org/pipermail/rbridge/2010-May/003998.html
http://tools.ietf.org/html/draft-ietf-isis-layer2-05
http://tools.ietf.org/html/draft-ietf-trill-rbridge-protocol-16
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4825
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33059
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Wed, 2 Jun 2010 19:01:16 +0000 (19:01 +0000)]
Set Subversion properties right.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33058
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Wed, 2 Jun 2010 19:00:20 +0000 (19:00 +0000)]
Misc changes:
- Clear info col before beginning dissection;
- Remove some uneeded forward declarations;
- Remove some ... = NULL initializers;
- Display protocol as BATADV_??? if unknown type;
- '(gwflags & 0x7C) >> 3' ==> '(gwflags & 0x78) >> 3'
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33057
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 2 Jun 2010 18:13:00 +0000 (18:13 +0000)]
From Chris Maynard via bug 4014:
This trivial patch merely displays the ICMP ID and sequence # in the Info
column.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33056
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Wed, 2 Jun 2010 18:11:17 +0000 (18:11 +0000)]
check_col() no longer required;
Use col_add_fstr() instead of col_clear()/col_append_fstr() combo.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33055
f5534014-38df-0310-8fa8-
9805f1628bb7
stig [Wed, 2 Jun 2010 17:59:18 +0000 (17:59 +0000)]
Added packet-batadv.c
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33054
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 2 Jun 2010 17:33:45 +0000 (17:33 +0000)]
Fix incorrect fetch of version field.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33053
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 2 Jun 2010 17:10:55 +0000 (17:10 +0000)]
From Sven Eckelmann via but 2631:
The wireless meshing protocol B.A.T.M.A.N. Advanced changed their packet format
in such a way that now versions can be identified and so correct dissection of
the packets can be supported by wireshark.
Since it is a ever moving target it is very possible that the packet format is
changing slightly. The dissector was written in such a way that new version can
be supported relative easy.
I hope that it sufficient for the inclusion in wireshark.
I tried to fuzzing it some hours and no error was reported.
From me:
Initialize our dissector handles.
Merge packet-batadv.h into packet-batadv.c. It isn't included anywhere else.
Fuzz 500 passes using attached capture files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33052
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Wed, 2 Jun 2010 16:01:51 +0000 (16:01 +0000)]
Initialize no_vs_avps_ext with a pointer to a valid 'match' function so we don't crash in val_to_str_ext() if an AVP from an unknown vendor is encountered.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33051
f5534014-38df-0310-8fa8-
9805f1628bb7
gal [Wed, 2 Jun 2010 15:09:11 +0000 (15:09 +0000)]
Definition of certificatePolicies certificate extension and removal of warnings
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33050
f5534014-38df-0310-8fa8-
9805f1628bb7
gal [Wed, 2 Jun 2010 14:58:42 +0000 (14:58 +0000)]
CA Version certificate extension
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33049
f5534014-38df-0310-8fa8-
9805f1628bb7
gal [Wed, 2 Jun 2010 14:42:57 +0000 (14:42 +0000)]
Bug 3597 - implicit octet string that is constructed causes PRES/FTAM dissect failure
Introduced some state to remember last dissected Tag/Length so that they can be recalled if an IMPLICIT tag is encountered and stripped. This allows its to be determined if the value has a constructed value - and so can be reassembled.
In this case, it is a IMPLICIT constructed OCTET STRING at the presentation layer.
Many thanks to Fred Gruman for identifying - and apologies for the delay in commiting.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33048
f5534014-38df-0310-8fa8-
9805f1628bb7
gal [Wed, 2 Jun 2010 13:36:10 +0000 (13:36 +0000)]
Minor change to remember the object identifier.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33047
f5534014-38df-0310-8fa8-
9805f1628bb7
gal [Wed, 2 Jun 2010 13:33:37 +0000 (13:33 +0000)]
Updated get_ber_length to handle multiple nested indefinite length encodings.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33046
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 2 Jun 2010 10:50:39 +0000 (10:50 +0000)]
Clean up a bit, fix indent.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33045
f5534014-38df-0310-8fa8-
9805f1628bb7
stig [Wed, 2 Jun 2010 07:47:12 +0000 (07:47 +0000)]
Set default ignore targets.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33044
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Wed, 2 Jun 2010 06:17:02 +0000 (06:17 +0000)]
Update value_strings with IE names.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33043
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 2 Jun 2010 00:30:25 +0000 (00:30 +0000)]
From Jim Young via bug 4331:
This patch adds a new '-S' option to editcap that will rewrite timestamps of
packets to insure that the new capture file is in strict chronological order.
This option's primary use case is to fixup the occasional timestamps that have
a negative delta time relative to previous packet.
This feature is related to (but does not depend on) capinfos enhancement
submitted in bug #4315 which helps identify tracefiles with "out-of-order"
packets.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33042
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 2 Jun 2010 00:24:03 +0000 (00:24 +0000)]
From Jim Young via bug 4049:
This patch adds a new '-o' option to capinfos (enabled by default) to report if
the packets within a particular capture file are in strict chronological time
order or not.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33041
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Wed, 2 Jun 2010 00:20:12 +0000 (00:20 +0000)]
Rebuild the IEC 61850 dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33040
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Tue, 1 Jun 2010 23:27:16 +0000 (23:27 +0000)]
From Michael Bernhard via bug 3398 with minor fixups:
I've created a ASN.1 dissector for the IEC 61850 Sampled Values protocol. It
dissects ethernet frames of the IEC 61850-9-2LE specification form the UCA
International User Group.
There is also a new TAP for tshark (-R sv) which extracts the important
information of the frame and allows to create plots (with external tools) of
the sampled values.
I've developed under Linux (Ubuntu 8.10) but everything should be in place for
successful compilation under Windows.
It would be great if this dissector could be included in wireshark. I'm looking
forward for your comments.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33039
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 1 Jun 2010 22:23:22 +0000 (22:23 +0000)]
Remove the now unused value_strings.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33038
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 1 Jun 2010 22:22:09 +0000 (22:22 +0000)]
- Traffic flow template miss dissected, use de_sm_tflow_temp()
insted.
- Dissect vendor id of private message.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33037
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Tue, 1 Jun 2010 22:20:15 +0000 (22:20 +0000)]
From Kovarththanan Rajaratnam via bug 3500:
Sébastien's initial commit [1] didn't contain support for embedding Python on
Windows.
[1] http://anonsvn.wireshark.org/viewvc?view=rev&revision=28529
From me:
Comment out PYTHON_EMBED for now.
Start a list of known Python+CRT versions.
Add get_wspython_dir to libwireshark.def.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33036
f5534014-38df-0310-8fa8-
9805f1628bb7
sfisher [Tue, 1 Jun 2010 18:33:16 +0000 (18:33 +0000)]
Per Jaap's suggestion on -dev list: remove "with new_packet_list" from
version output since it has been the default for a while now and show
"with old_packet_list" if compiled as such.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33035
f5534014-38df-0310-8fa8-
9805f1628bb7
sfisher [Tue, 1 Jun 2010 18:32:03 +0000 (18:32 +0000)]
There's no need to assign numerical values to the enum values.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33034
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Tue, 1 Jun 2010 18:10:21 +0000 (18:10 +0000)]
From Herbert Lischka:
Lori made a simple change to the bacapp.c file for segmentation parsing.
Basically all fragments have some common data in the APDU which is useful to
see parsed in the tree.
I added support for vendor numbers bigger than 255.
Corrected Info column for "message fragment" and "message reassembled"
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33033
f5534014-38df-0310-8fa8-
9805f1628bb7
gal [Tue, 1 Jun 2010 09:25:51 +0000 (09:25 +0000)]
The Permitted-Actions-Attribute is exported from ftam-exp.cnf as DISPLAY = BASE_HEX. This causes a runtime error and so we override the definition here until we can find the correct fix.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33032
f5534014-38df-0310-8fa8-
9805f1628bb7
stig [Tue, 1 Jun 2010 07:31:10 +0000 (07:31 +0000)]
Fixed a comment.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33031
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Tue, 1 Jun 2010 07:26:08 +0000 (07:26 +0000)]
From Pascal Quantin:
Decode the EIA0 (null integrity algorithm) bit in EMM messages. This was introduced in 3GPP 24.301 CR-0422 (Release 9.2) and is also used by the LTSI (LTE/SAE Trial Initiative) for interoperability tests between constructors (with Release 8 equipments). I also updated the description of EEA0 as stated in 24.302 release 9.2.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33030
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 1 Jun 2010 03:37:51 +0000 (03:37 +0000)]
capture() can, in some cases, return FALSE when the capture succeeds;
back out the change to check its return value until we fix that.
Also back out the test suite changes to look for an error exit for
invalid capture filters and interfaces.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33029
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 31 May 2010 19:37:26 +0000 (19:37 +0000)]
Wireshark requires routines from libm, such as ceil(), so link with it;
we shouldn't rely on getting it pulled in by other shared libraries, as
1) there's no guarantee that the other shared libraries we use
are linked with it or will continue to be linked with it;
2) there's no guarantee that we're even linking dynamically;
3) it fails on Fedora 13 as part of a change to catch programs
that implicitly (or explicitly) assume, in their build
procedures, that they'll get libraries linked in as a result
of linking with other libraries.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33028
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Mon, 31 May 2010 05:13:27 +0000 (05:13 +0000)]
From Ian Schorr:
NFS Dissector needs FH support for EMC Celerra.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4813
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33027
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Sun, 30 May 2010 21:39:41 +0000 (21:39 +0000)]
From Chris Maynard:
Fix for bug 4810 so PPP/USB dissector registers for IF_CLASS_CDC_DATA
- in addition to IF_CLASS_UNKNOWN and IF_CLASS_VENDOR_SPECIFIC, for those rare
occasions that the right set of circumstances arise where PPP traffic will be
(correctly) encapsulated in a USB frame of that interface class.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33026
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Sun, 30 May 2010 15:03:31 +0000 (15:03 +0000)]
[Automatic manuf and enterprise-numbers update for 2010-05-30]
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33023
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Sun, 30 May 2010 10:51:44 +0000 (10:51 +0000)]
From Matteo Valdina
There are two typos in the RTCP TMMBR packets:
1. In the dissector of RTCP TMMBR is written "messured" instead of measured.
2. In the text title field is written TMMBN instead on TMMBR and vice-versa.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33022
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Sun, 30 May 2010 10:28:21 +0000 (10:28 +0000)]
From Chris Maynard:
Fix for bug 4807 to handle compressed (NULL) address and control bytes.
The problem seems to be that the address and control bytes are missing,
presumably because they are compressed per section 3.2 of
http://tools.ietf.org/html/rfc1662. The attached patch tries to account for
that.
The patch also fixes another bug. If the hdlc framing character, 0x7e, is not
present, but the address and control fields are, then the offset might need to
be 3 bytes instead of only 2 bytes if the control field is escaped. Sometimes
it is escaped and sometimes it isn't, so we need to handle both cases.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33021
f5534014-38df-0310-8fa8-
9805f1628bb7
etxrab [Sat, 29 May 2010 22:29:09 +0000 (22:29 +0000)]
Increase the base size to 100 000 we are using more than that.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33020
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Sat, 29 May 2010 03:35:32 +0000 (03:35 +0000)]
Include glib.h (for g_snprintf).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33019
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Sat, 29 May 2010 03:34:05 +0000 (03:34 +0000)]
Add braces to avoid an ambiguous else
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33018
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Sat, 29 May 2010 03:33:28 +0000 (03:33 +0000)]
Put the optional objects in EXTRA..SOURCES instead of EXTRA_DIST.
Put the optional objects in a _DEPENDENCIES rule so they actually get built
when needed.
Use libtool to make these objects. Remove AC variables that are no longer
needed.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33017
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Sat, 29 May 2010 01:00:52 +0000 (01:00 +0000)]
Make inet_aton an optional object on *NIX again
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33016
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Sat, 29 May 2010 00:34:08 +0000 (00:34 +0000)]
Remove a couple more references to the optional objects (that are now in wsutil)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33015
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 28 May 2010 23:00:29 +0000 (23:00 +0000)]
From Karl Heinz Wolf via bug 3571 (with minor changes):
Patch for the SIP dissector: the raw SIP message can be shown with our without
the "\r\n". User may want to remove the \r\n for clarity (by selecting a
checkbox).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33014
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 28 May 2010 20:37:18 +0000 (20:37 +0000)]
Add a missing variable from wsgetopt
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33013
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 28 May 2010 20:19:55 +0000 (20:19 +0000)]
Move some code (including the optional objects) into libwsutil
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33012
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Fri, 28 May 2010 18:04:56 +0000 (18:04 +0000)]
From Jakub Zawadzki via bug 4273:
After appending new record set packet_list->columnized to FALSE.
From me:
Use g_ptr_array_sort_with_data instead of g_qsort_with_data in case the
GPtrArray internals ever change.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33011
f5534014-38df-0310-8fa8-
9805f1628bb7
morriss [Fri, 28 May 2010 13:09:12 +0000 (13:09 +0000)]
Fix the Windows build
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33010
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Fri, 28 May 2010 11:48:29 +0000 (11:48 +0000)]
Remaining fixes for
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4788
- Compile the python code directly into epan - don't link it in as
a static lib.
- Call make-init-lua.pl with the top level directory instead of the
current directory. Change make-init-lua.pl accordingly.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33009
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Fri, 28 May 2010 11:18:04 +0000 (11:18 +0000)]
Add proto_help.c to the list of files.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33008
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Fri, 28 May 2010 01:37:32 +0000 (01:37 +0000)]
Add svn:keywords & svn:eol-style properties
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33007
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 28 May 2010 01:09:28 +0000 (01:09 +0000)]
Use return rather than exit in main().
Return 2 for a capture error - we mainly use 1 for command-line syntax
errors (rather than, say, filter syntax errors or an invalid interface).
Now that TShark exits with an error status when given an invalid capture
filter or invalid interface, check for "error" rather than "success" as
an exit status.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33006
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 27 May 2010 23:55:04 +0000 (23:55 +0000)]
Add cf_fake_continue_tail() which is called when real-time capture
updates are off and which sets the capture file state to a value that
won't cause an assertion when the user stops capturing. Fixes bug 4035.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33005
f5534014-38df-0310-8fa8-
9805f1628bb7
wmeier [Thu, 27 May 2010 23:46:01 +0000 (23:46 +0000)]
Fix bug #4735: tshark returns 0 on non-valid filter and interface.
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4735
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33004
f5534014-38df-0310-8fa8-
9805f1628bb7
jake [Thu, 27 May 2010 21:54:58 +0000 (21:54 +0000)]
From Steven McCoy:
AFI fields are 2 bytes i.s.o. 1.
From me, several more size changes and decode cleanup.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@33003
f5534014-38df-0310-8fa8-
9805f1628bb7