guy [Mon, 6 Oct 2003 09:18:07 +0000 (09:18 +0000)]
From Michael Lum: ALCAP (Q.2630.1) support.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8624
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 6 Oct 2003 09:08:06 +0000 (09:08 +0000)]
From Lars Roland: not all compilers like static const arrays with
unknown size, so don't use them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8623
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 6 Oct 2003 08:58:00 +0000 (08:58 +0000)]
(Based on a patch from Lars Roland.)
Use "gtk_dialog_new()" to create the window - that doesn't create a
"dialog box" in the sense of a transient-for window, but it does create
a window with a button vbox that the code expects to be present.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8622
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 6 Oct 2003 08:35:30 +0000 (08:35 +0000)]
From packet steve: get rid of some duplicate field definitions (some
aren't exactly duplicates, but they both set the same hf_ variable).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8621
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 6 Oct 2003 08:10:32 +0000 (08:10 +0000)]
Fix the handling of padding bytes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8620
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 6 Oct 2003 07:26:10 +0000 (07:26 +0000)]
Update a URL.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8619
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 6 Oct 2003 02:01:47 +0000 (02:01 +0000)]
Fix 4 warnings in case of strict-aliasing by declaring timestamp as time_t
instead of int.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8618
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Sun, 5 Oct 2003 23:27:24 +0000 (23:27 +0000)]
Another strict-aliasing warning fix - I hope I got this right :)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8617
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Sun, 5 Oct 2003 23:09:59 +0000 (23:09 +0000)]
variable.type is of type u_char, so use 0 instead of NULL
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8616
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Sun, 5 Oct 2003 22:44:24 +0000 (22:44 +0000)]
Fix 3 strict-aliasing warnings:
Use TFS(&var) instead of VALS(&var) in case var is a true-false-string
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8615
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Sun, 5 Oct 2003 22:38:09 +0000 (22:38 +0000)]
Get rid of another strict-aliasing warning:
verify_tfs is a true-false-string : dereference it accordingly
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8614
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Sun, 5 Oct 2003 21:57:36 +0000 (21:57 +0000)]
Fix warning about strict-aliasing
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8613
f5534014-38df-0310-8fa8-
9805f1628bb7
sharpe [Sun, 5 Oct 2003 14:58:11 +0000 (14:58 +0000)]
Further updates on mkcap.c
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8612
f5534014-38df-0310-8fa8-
9805f1628bb7
sharpe [Sun, 5 Oct 2003 05:04:32 +0000 (05:04 +0000)]
Add mkcap.c, a little utility to generate reasonable looking TCP capture
files for pedagogic use.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8611
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 4 Oct 2003 16:44:34 +0000 (16:44 +0000)]
If a payload type doesn't have a dissector function, don't crash by calling
through the null dissector pointer, just dissect it as "Payload".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8610
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 4 Oct 2003 03:10:18 +0000 (03:10 +0000)]
Fix to IO-Stat.
IO-Stat failed to produce Advanced/COUNT(*) statistics for fields of type FT_NONE.
Fixed.
Now it is possible to do :
Advanced/COUNT(*) Filter:tcp.analysis.retransmission Field:tcp.analysis.retransmission
Advanced/COUNT(*) Filter:tcp.analysis.duplicate_ack Field:tcp.analysis.duplicate_ack
And it will plot the number of Retransmissions and Duplicate ACKs seen in each time interval.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8609
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 3 Oct 2003 23:31:05 +0000 (23:31 +0000)]
From Michael Lum:
support for Global RNC ID;
fixed some typos
added push of 'NAS PDU' so that a GSM 24.008 (DTAP) dissector
can be added.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8608
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 3 Oct 2003 23:22:12 +0000 (23:22 +0000)]
From Steve Limkemann:
Added two new "well known destinations": SD_IOPWR AND SD_UTIL.
Added logic to dissect the CMD_SET_TIME command.
Added an alterate destination for the CMD_PGM_START command.
Added logic to dissect the CMD_SCHED_MSG_REPLACE command.
Added logic to dissect the CMD_USDT_REGISTER command.
Added logic to dissect the CMD_USDT_SET_FUNCTIONAL command.
Added logic to dissect the following commands
CMD_IOPWR_GETINP
CMD_IOPWR_GETLATCH
CMD_IOPWR_CLRLATCH
CMD_IOPWR_GETOUT
CMD_IOPWR_SETOUT
CMD_IOPWR_SETBIT
CMD_IOPWR_CLRBIT
CMD_IOPWR_GETPOWER
CMD_UTIL_SET_INIT_STRATEGY
CMD_UTIL_GET_INIT_STRATEGY
Added the ability to recongnize more IOCTLS. (For the SJA1000 driver, LIN
and power drivers.)
Added the ability to recognize more card types.
Added dissection of more fields for CMD_SCHED_TX command.
Bug fixes and general updating.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8607
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 3 Oct 2003 23:10:00 +0000 (23:10 +0000)]
From Michael Lum: ANSI MAP support.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8606
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 3 Oct 2003 22:38:56 +0000 (22:38 +0000)]
Include "mkstemp.h" only if we're including our own "mkstemp()".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8605
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Fri, 3 Oct 2003 21:19:10 +0000 (21:19 +0000)]
Graham Bloice: Add missing #include mkstemp.h
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8604
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Fri, 3 Oct 2003 21:12:49 +0000 (21:12 +0000)]
Use #ifndef HAVE_UNISTD_H instead of #ifdef _WIN32
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8603
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 3 Oct 2003 21:03:00 +0000 (21:03 +0000)]
From Graham Bloice: define YY_NO_UNISTD_H on Win32, so that if Flex was
a UNIX version generating code that, by default, assumes you have
<unistd.h> (as might be the case with recent versions of Cygwin, which I
assume *does* supply <unistd.h>), but you're building on a platform that
lacks <unistd.h> (e.g., building with MSVC++ or MinGW), you can still
compile.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8602
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 3 Oct 2003 20:58:13 +0000 (20:58 +0000)]
From Anders Broman:
fix some cut and paste errors in "upgraded parameter" routine;
more BICC work.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8601
f5534014-38df-0310-8fa8-
9805f1628bb7
tuexen [Fri, 3 Oct 2003 20:18:15 +0000 (20:18 +0000)]
- Fixed a typo.
- Changed the default checksum algorithm from Adler32 to CRC32C.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8600
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Fri, 3 Oct 2003 09:09:35 +0000 (09:09 +0000)]
Update ipx and conversation list to make it possible to select and filter for ipx conversations from the conversation list popup menu
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8599
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 3 Oct 2003 04:41:21 +0000 (04:41 +0000)]
Fix a typo.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8598
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 2 Oct 2003 22:44:19 +0000 (22:44 +0000)]
Add RCS IDs.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8597
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 2 Oct 2003 22:28:04 +0000 (22:28 +0000)]
Fix document creation under Windows, add ethereal-filter.html to the NSIS
package.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8596
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 2 Oct 2003 21:48:35 +0000 (21:48 +0000)]
From Jean-Baptiste Marchand: add operation names for browser service.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8595
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 2 Oct 2003 21:45:55 +0000 (21:45 +0000)]
From Jean-Baptiste Marchand: add additional operation names for dfssvc.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8594
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 2 Oct 2003 21:40:22 +0000 (21:40 +0000)]
From Jean-Baptiste Marchand: add/update names for svcctl operations.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8593
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 2 Oct 2003 21:37:24 +0000 (21:37 +0000)]
From Jean-Baptiste Marchand: add names for new dnsserver operations for
W2K3.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8592
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 2 Oct 2003 21:18:38 +0000 (21:18 +0000)]
From Tomas Kukosa: radio button groups are GSLists, which means that the
radio button group for a button changes when new buttons are added to it
(adding to the beginning of a singly-linked list takes constant time,
adding to the end takes time linear in the length of the list, and a
GSList * points to the beginning of the list). Re-fetch the radio
button group each time through the loop that adds new radio buttons to a
radio button group for a preference.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8591
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 2 Oct 2003 21:06:11 +0000 (21:06 +0000)]
Don't put an entry for a protocol into the Preferences dialog if it
doesn't have any settable preferences (for example, if it has only
obsolete preferences).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8590
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 2 Oct 2003 21:04:32 +0000 (21:04 +0000)]
RTNET has no preferences, so don't register a preferences module for it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8589
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 2 Oct 2003 19:22:39 +0000 (19:22 +0000)]
Add an example for "-d".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8588
f5534014-38df-0310-8fa8-
9805f1628bb7
gerald [Thu, 2 Oct 2003 14:03:57 +0000 (14:03 +0000)]
Fix a malformed "=head1" tag.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8587
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 2 Oct 2003 06:13:29 +0000 (06:13 +0000)]
From Samuel Qu, Michael Lum, and Jeff Morriss: TCAP support, and
"asn_id_decode1()" variant of "asn_id_decode()".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8586
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 21:51:59 +0000 (21:51 +0000)]
Reject frames with no command (too short) or an invalid command.
Clean up white space somewhat.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8585
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 21:15:45 +0000 (21:15 +0000)]
The PDU length is 3 bytes long in SLPv2.
The minimum number of bytes of SLP we have to reassemble is 5 - it's
nominally 4 for SLPv1, but we don't have a way of asking for 1 byte (the
version) and then saying "I need N bytes of header to get the PDU
length, and an SLPv1 packet less than 12 bytes long is bogus anyway.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8584
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 20:36:36 +0000 (20:36 +0000)]
Filters in Ethereal are usually display filters, not read filters; go
back to describing them as such.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8583
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 20:27:35 +0000 (20:27 +0000)]
Add ethereal-filter.4.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8582
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 20:26:50 +0000 (20:26 +0000)]
Put in some missing $(srcdir)/.
Get rid of redundant "../{t}ethereal.1" in CLEANFILES (they were already
there).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8581
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 19:44:05 +0000 (19:44 +0000)]
Update for the new ethereal-filter man page.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8580
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 19:41:06 +0000 (19:41 +0000)]
dfilter2pod.pl and ethereal-filter.pod.template are in $(srcdir) (which
defauls to the current directory), not in the parent directory.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8579
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 18:19:16 +0000 (18:19 +0000)]
Have a pseudo-header for Ethernet packets, giving the size of the FCS -
0 means "there is no FCS in the packet data", 4 means "there is an FCS
in the packet data", -1 means "I don't know whether there's an FCS in
the packet data, guess based on the packet size".
Assume that Ethernet encapsulated inside other protocols has no FCS, by
having the "eth" dissector assume that (and not check for an Ethernet
pseudo-header).
Have "ethertype()" take an argument giving the FCS size; pass 0 when
appropriate.
Fix up Wiretap routines to set the pseudo-header. This means we no
longer use the "generic" seek-and-read routine, so get rid of it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8578
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Wed, 1 Oct 2003 15:09:32 +0000 (15:09 +0000)]
Put the display-filter elements into it's own manpage (ethereal-filter.4)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8577
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Wed, 1 Oct 2003 14:59:41 +0000 (14:59 +0000)]
Put the display-filter elements into it's own manpage (ethereal-filter.4)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8576
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 08:53:12 +0000 (08:53 +0000)]
The max count high field is 32 bits, and, in order to compare it
against 0xffffffff, it has to be extracted into a 32-bit variable.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8575
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 1 Oct 2003 07:11:49 +0000 (07:11 +0000)]
Have a pseudo-header for Ethernet packets, giving the size of the FCS -
0 means "there is no FCS in the packet data", 4 means "there is an FCS
in the packet data", -1 means "I don't know whether there's an FCS in
the packet data, guess based on the packet size".
Assume that Ethernet encapsulated inside other protocols has no FCS, by
having the "eth" dissector assume that (and not check for an Ethernet
pseudo-header).
Have "ethertype()" take an argument giving the FCS size; pass 0 when
appropriate.
Fix up Wiretap routines to set the pseudo-header. This means we no
longer use the "generic" seek-and-read routine, so get rid of it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8574
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Tue, 30 Sep 2003 20:51:19 +0000 (20:51 +0000)]
From Giles Scott: add some new hardware types.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8573
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 29 Sep 2003 21:50:03 +0000 (21:50 +0000)]
Clean up a bunch of length processing - use the reported length rather
than the captured length, and fix up some other stuff.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8572
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 29 Sep 2003 21:12:15 +0000 (21:12 +0000)]
From Michael Lum: fix some val_to_str calls to have a non-null format
string for unknown values.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8571
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 29 Sep 2003 19:32:14 +0000 (19:32 +0000)]
xyzzy
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8570
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 29 Sep 2003 19:20:51 +0000 (19:20 +0000)]
use mkstemp instead of tmpnam
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8569
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 29 Sep 2003 19:18:44 +0000 (19:18 +0000)]
Whitespace changes in order to make diff produce more readable results
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8568
f5534014-38df-0310-8fa8-
9805f1628bb7
jmayer [Mon, 29 Sep 2003 19:17:34 +0000 (19:17 +0000)]
Added comment: XXX Argh maxcnt_high is guint16 and thus 16 bit -> always false
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8567
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Mon, 29 Sep 2003 18:50:47 +0000 (18:50 +0000)]
From Emanuele Caratti:
just use "g_free()" to free the buffer in "md5_xor()", as it
doesn't throw exceptions;
temporarily #ifdef out "tacplus_acct_flags" pending the
arrival of code to dissect the TACACS+ accounting stuff.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8566
f5534014-38df-0310-8fa8-
9805f1628bb7
oabad [Mon, 29 Sep 2003 06:41:46 +0000 (06:41 +0000)]
- in show_relations() : select the first row of the relation_list when
using gtk+ v2.
- get rid of some unused variables.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8565
f5534014-38df-0310-8fa8-
9805f1628bb7
tpot [Mon, 29 Sep 2003 00:01:27 +0000 (00:01 +0000)]
More operation names updates from Jean-Baptiste Marchand.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8564
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 28 Sep 2003 23:15:40 +0000 (23:15 +0000)]
It appears that, at least for gigabit pod captures, there are time stamp
differences between versions 002.001 and 002.002.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8563
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sun, 28 Sep 2003 21:39:53 +0000 (21:39 +0000)]
"compute_offset_length()" must, if it returns FALSE, and "exception" is
non-null, set "*exception" to the appropriate exception - its callers
rely on it.
Now that it does that, there's no need for "check_offset_length()" to
check for a length of -1, as "compute_offset_length()" does so, and
therefore "check_offset_length_no_exception()" does so.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8562
f5534014-38df-0310-8fa8-
9805f1628bb7
tpot [Sun, 28 Sep 2003 11:35:20 +0000 (11:35 +0000)]
Operation name updates for winreg pipe from Jean-Baptiste Marchand.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8561
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 28 Sep 2003 01:52:57 +0000 (01:52 +0000)]
Prettify NFSv2 decorate COL_INFO and the tree pane as has already been done for v3
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8560
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 28 Sep 2003 00:11:01 +0000 (00:11 +0000)]
in ReadAndX
when reading what could potentially be the maxcount high field
assume that IF it is 0xFFFFFFFF that it is not maxcount high at all but
instead just some padding/reserved bytes.
If this field is 0xFFFFFFFF just ignore it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8559
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sun, 28 Sep 2003 00:00:36 +0000 (00:00 +0000)]
Update to SMB service response time stats.
For short packets, we might not have enough of the payload to decode
the transaction info levels and thus that data structure is NULL.
check the pointer to this struct first before we try to dereference it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8558
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 27 Sep 2003 23:51:09 +0000 (23:51 +0000)]
From Anders Broman: further dissect APM messages containing BICC stuff,
and fix a bug in the "upgraded parameter code".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8557
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 27 Sep 2003 23:48:04 +0000 (23:48 +0000)]
From JBM update some function names in Netlogon
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8556
f5534014-38df-0310-8fa8-
9805f1628bb7
sahlberg [Sat, 27 Sep 2003 23:45:25 +0000 (23:45 +0000)]
From JBM update the function names for Messenger
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8555
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 27 Sep 2003 23:43:29 +0000 (23:43 +0000)]
From Jean-Baptiste Marchand: add names of operations in WKSSVC.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8554
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Sat, 27 Sep 2003 23:34:57 +0000 (23:34 +0000)]
From Jean-Baptiste Marchand: add names of DFS-related operations in
SRVSVC.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8553
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 26 Sep 2003 23:11:17 +0000 (23:11 +0000)]
From Nathan Jennings:
update the CList as you enter/modify options;
give Windows users OS descriptions in the displayed devices
list;
display at least 5 rows in the lists;
get rid of the "extra" CList for storing edited values.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8552
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 26 Sep 2003 22:29:42 +0000 (22:29 +0000)]
Get the RTP payload types from rtp_pt.h rather than defining them
ourselves.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8551
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 26 Sep 2003 22:20:08 +0000 (22:20 +0000)]
From Tomas Kukosa:
1) string tables for t35CountryCode, t35Extension and
h221ManufacturerCode were moved into the new file t35.c
because they are common for more dissectors
2) the dissect_h245_NonStandardParameter_with_extension_marker()
was moved from h245 to h225 and renamed to
dissect_h225_NonStandardParameter() because the
NonStandardData type is different for H.225.0 and H.245
3) type of the "h245.nsp.object" dissector table was changed from
FT_UINT32 to FT_STRING, so it can select a dissector based on
an OID rather than the Adler-32 hash of an OID
4) the "h225.nsp.object" and "h225.nsp.h221" dissector tables
were created
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8550
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 26 Sep 2003 21:32:38 +0000 (21:32 +0000)]
For (non-heuristic) SIP-over-TCP, dissect stuff that's neither a request
nor a response as continuation data. For SIP-over-everything-else,
reject it.
Parse the headers regardless of whether we're building a protocol tree
or not; if we're not, we just do it to look for a blank line separating
the headers from the body. Do that instead of scanning for the message
body separately.
When scanning for a colon, don't scan past the end of the line.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8549
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 26 Sep 2003 20:00:38 +0000 (20:00 +0000)]
Make the non-heuristic SIP dissector reject the packet if it doesn't
look like a SIP packet, so some other dissector gets a chance at it.
When looking for the blank line separating headers from data, use
"tvb_find_line_end()" so we handle CR/LF and LF as end-of-line
indications (RFC 2543 says "senders MUST terminate lines with a CRLF",
but it also says "but receivers MUSTalso interpret CR and LF by
themselves as line terminators"), and return an offset past the end of
the buffer, rather than -1, if we don't find it (not all packets have
one).
When checking whether a header is one we know about, do a
case-insensitive comparison (RFC 2543 says header field names are
case-insensitive).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8548
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 26 Sep 2003 08:19:55 +0000 (08:19 +0000)]
The LAPB dissector can be called from the Ethernet dissector; don't
assume we have an X.25 pseudo-header.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8547
f5534014-38df-0310-8fa8-
9805f1628bb7
tpot [Fri, 26 Sep 2003 06:30:13 +0000 (06:30 +0000)]
This commit refactors the dcerpc authentication subdissectors for
handling encrypted request/response PDUs. Instead of having
dissection function pointers which perform both decryption and
dissection, the function pointers now only decrypt the DCERPC fragment
payload. Dissection is handled by the dcerpc_try_handoff() function
(with DCERPC fragment reassembly if necessary).
Details:
- Move the dcerpc_auth_info struct into dcerpc.h as it is now used in
the function prototype for the decryption function handlers.
- decode_encrypted_data() was refactored to take a boolean request
parameter instead of passing the DCERPC PDU packet type.
- A tvbuff_t * data field was added to dcerpc_auth to hold the
verifier. This is passed as an argument to the decryption function
handlers.
- Dissection of verifiers in request and response PDUs was moved to
before the payload.
- The dissect_dcerpc_cn_stub() function was refactored to perform
the decryption process and hand decrypted data to the reassembly
code instead of performing the decryption after reassembly.
- Removed references to decrypted_info_t as it's not necessary
anymore.
Code was tested using encrypted and unencrypted fragmented PDUs.
Before this commit ethereal could not dissect unencrypted (!)
fragmented PDUs correctly.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8546
f5534014-38df-0310-8fa8-
9805f1628bb7
tpot [Fri, 26 Sep 2003 04:43:05 +0000 (04:43 +0000)]
Use zero to mean we haven't seen any authentication level information
in dcerpc_auth_info since auth_level is an unsigned type. Zero is
not a valid authentication level anyway (s13.1.2.1, p611 CAE spec).
Remove two inscrutable debugging comments that don't seem to mean anything.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8545
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Fri, 26 Sep 2003 02:09:44 +0000 (02:09 +0000)]
Assorted GUI cleanups.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8544
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 25 Sep 2003 19:35:14 +0000 (19:35 +0000)]
RTP analysis updates from Lars Ruoff:
- can now handle streams with different payload types
- detects payload changes
- detects comfort noise (PT=13 and 19)
- status line now shows: sequence errors, payload changes,
comfort noise (if any)
- uses colours for lines with status != "Ok"
- new button "next": jumps to next line with status != "Ok"
(starting from selected line)
- fixed: wrong jitter calculation (bug from tap_rtp)
- fixed: marker was not shown on first packet or erroneous
packets (bug from tap_rtp)
- code refactored to improve readability and reuse
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8543
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 25 Sep 2003 19:35:02 +0000 (19:35 +0000)]
Add PT_CN_OLD, so the RTP analysis code can get the RTP payload types it
needs from this header.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8542
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 25 Sep 2003 11:27:24 +0000 (11:27 +0000)]
In "nds_defrag()", handle "request_value->ncp_rec" being null.
In "dissect_nds_request()", insert the request information into the hash
table the first time we see the packet, regardless of whether we created
a new conversation or not.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8541
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 25 Sep 2003 08:31:52 +0000 (08:31 +0000)]
Correctly handle the case where the selected frame doesn't pass the
filter and no frames after it pass the filter either.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8540
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 25 Sep 2003 08:20:01 +0000 (08:20 +0000)]
If the currently selected frame doesn't pass the display filter, select
the closest frame to that frame that did pass the display filter, if any
did.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8539
f5534014-38df-0310-8fa8-
9805f1628bb7
tpot [Thu, 25 Sep 2003 01:50:41 +0000 (01:50 +0000)]
When showing a fragment subtree, put spaces after colons to make things
look a bit nicer. Also separate frame and payload data by a comma.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8538
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 25 Sep 2003 00:37:51 +0000 (00:37 +0000)]
From Laurent Rabret:
handle 802.1Q frames;
catch the destroy signal on the main Ethereal window and destroy
our windows (avoids a crash).
Get the PPP type value for IP from "ppptypes.h" rather than defining it
ourselves.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8537
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Thu, 25 Sep 2003 00:08:58 +0000 (00:08 +0000)]
From Matthijs Melchior: check whether the ring buffer timeout has
expired *before* writing a packet, rather than *after* writing a packet,
so that if you get no packets for a sufficiently long period that the
timeout expires before you get a new packet, the new packet is in the
beginning of a new file (as you might get more packets right after that,
and want them to be in the new file, rather than have the first packet
at the end of one file and the rest of the packets in another file).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8536
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 24 Sep 2003 23:53:11 +0000 (23:53 +0000)]
From packet steve: update to give the correct name for "file_access.c",
and add a discussion of how data_offset works.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8535
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 24 Sep 2003 23:35:39 +0000 (23:35 +0000)]
From David Frascone: have an 802.11 dissector that byte-swaps the frame
control field, and have a preference in the LWAPP dissector to specify
whether to use it or the regular 802.11 dissector, as some hardware
sends out LWAPP-encapsulated 802.11 packets with a byte-swapped FC field.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8534
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 24 Sep 2003 18:41:37 +0000 (18:41 +0000)]
From Anders Broman: fix a crash, and fix trailing whitespace on
Transaction ID.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8533
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 24 Sep 2003 18:35:58 +0000 (18:35 +0000)]
From Tomas Kukosa:
Remove the internal packet-per.c functions
"dissect_per_length_determinant()" and
"dissect_per_normally_small_nonnegative_whole_number()" from the
plugin API, as they shouldn't be used outside the PER dissector.
Remove the H.225/H.245 functions
"dissect_h225_TransportAddress()" and
"dissect_h245_NonStandardParameter()" from the plugin API until
we really need them in plugins.
Add the string dissector table functions to the plugin API.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8532
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 24 Sep 2003 08:43:34 +0000 (08:43 +0000)]
Add a "file_selection_new()" routine that does all the positioning (GTK+
2.x) and transient-for setting that's done for other dialogs, and use it
for dialogs that come from the main window or from children of the main
window.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8531
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 24 Sep 2003 08:05:50 +0000 (08:05 +0000)]
From Yaniv Kaul: DCERPC OXID operation #5 dissection.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8530
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 24 Sep 2003 07:48:12 +0000 (07:48 +0000)]
From Lars Ruoff: rewritten RTP analysis module.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8529
f5534014-38df-0310-8fa8-
9805f1628bb7
oabad [Wed, 24 Sep 2003 06:18:20 +0000 (06:18 +0000)]
In packet_list_button_pressed_cb (gtk2 version) :
- put back the event_button->window == GTK_CLIST(w)->clist_window test
now that we use the correct structure definition for GtkCList (from
the right include file, not from our version of gtkclist.h).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8528
f5534014-38df-0310-8fa8-
9805f1628bb7
oabad [Wed, 24 Sep 2003 06:15:53 +0000 (06:15 +0000)]
Renamed gktclist.[ch] to gtkclist_v12.[ch] to avoid conflicts with the
real gtkclist.h file when building the gtk+ v2 gui.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8527
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 24 Sep 2003 03:34:00 +0000 (03:34 +0000)]
Create a protocol tree if we don't have one, we're constructing the Info
column, and we need stuff from the protocol tree for the Info column.
Go back to the previous scheme for constructing the Info column; the
previous change fixes the problems for which the Info column changes
were fixes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8526
f5534014-38df-0310-8fa8-
9805f1628bb7
guy [Wed, 24 Sep 2003 02:36:35 +0000 (02:36 +0000)]
Pass a pointer to a "capture_file" structure to
"set_menus_for_selected_packet()" and
"set_menus_for_selected_tree_row()", and have them decide whether to
enable or disable menu items based on whether that structure indicates
that a packet or field is selected and, if one is, on its properties.
Pass to the "selected packet enabled" routine for a menu item the
"frame_data" and "edt" members of the "capture_file" structure, and pass
to the "selected tree row enabled" routine the "field_info" member of
that structure.
Clear "cf->current_frame" if no packet is selected.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8525
f5534014-38df-0310-8fa8-
9805f1628bb7