git.samba.org - obnox/wireshark/wip.git/log

From Michael Lum: ALCAP (Q.2630.1) support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8624 f5534014-38df-0310-8fa8-9805f1628bb7

From Lars Roland: not all compilers like static const arrays with
unknown size, so don't use them.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8623 f5534014-38df-0310-8fa8-9805f1628bb7

(Based on a patch from Lars Roland.)

Use "gtk_dialog_new()" to create the window - that doesn't create a
"dialog box" in the sense of a transient-for window, but it does create
a window with a button vbox that the code expects to be present.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8622 f5534014-38df-0310-8fa8-9805f1628bb7

From packet steve: get rid of some duplicate field definitions (some
aren't exactly duplicates, but they both set the same hf_ variable).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8621 f5534014-38df-0310-8fa8-9805f1628bb7

Fix the handling of padding bytes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8620 f5534014-38df-0310-8fa8-9805f1628bb7

Update a URL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8619 f5534014-38df-0310-8fa8-9805f1628bb7

Fix 4 warnings in case of strict-aliasing by declaring timestamp as time_t
instead of int.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8618 f5534014-38df-0310-8fa8-9805f1628bb7

Another strict-aliasing warning fix - I hope I got this right :)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8617 f5534014-38df-0310-8fa8-9805f1628bb7

variable.type is of type u_char, so use 0 instead of NULL

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8616 f5534014-38df-0310-8fa8-9805f1628bb7

Fix 3 strict-aliasing warnings:
Use TFS(&var) instead of VALS(&var) in case var is a true-false-string

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8615 f5534014-38df-0310-8fa8-9805f1628bb7

Get rid of another strict-aliasing warning:
verify_tfs is a true-false-string : dereference it accordingly

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8614 f5534014-38df-0310-8fa8-9805f1628bb7

Fix warning about strict-aliasing

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8613 f5534014-38df-0310-8fa8-9805f1628bb7

Further updates on mkcap.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8612 f5534014-38df-0310-8fa8-9805f1628bb7

Add mkcap.c, a little utility to generate reasonable looking TCP capture
files for pedagogic use.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8611 f5534014-38df-0310-8fa8-9805f1628bb7

If a payload type doesn't have a dissector function, don't crash by calling
through the null dissector pointer, just dissect it as "Payload".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8610 f5534014-38df-0310-8fa8-9805f1628bb7

Fix to IO-Stat.

IO-Stat failed to produce Advanced/COUNT(*) statistics for fields of type FT_NONE.
Fixed.

Now it is possible to do :
Advanced/COUNT(*) Filter:tcp.analysis.retransmission Field:tcp.analysis.retransmission
Advanced/COUNT(*) Filter:tcp.analysis.duplicate_ack Field:tcp.analysis.duplicate_ack

And it will plot the number of Retransmissions and Duplicate ACKs seen in each time interval.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8609 f5534014-38df-0310-8fa8-9805f1628bb7

From Michael Lum:

support for Global RNC ID;

fixed some typos

added push of 'NAS PDU' so that a GSM 24.008 (DTAP) dissector
can be added.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8608 f5534014-38df-0310-8fa8-9805f1628bb7

From Steve Limkemann:

    Added two new "well known destinations": SD_IOPWR AND SD_UTIL.

    Added logic to dissect the CMD_SET_TIME command.

    Added an alterate destination for the CMD_PGM_START command.

    Added logic to dissect the CMD_SCHED_MSG_REPLACE command.

    Added logic to dissect the CMD_USDT_REGISTER command.

    Added logic to dissect the CMD_USDT_SET_FUNCTIONAL command.

    Added logic to dissect the following commands
       CMD_IOPWR_GETINP
       CMD_IOPWR_GETLATCH
       CMD_IOPWR_CLRLATCH
       CMD_IOPWR_GETOUT
       CMD_IOPWR_SETOUT
       CMD_IOPWR_SETBIT
       CMD_IOPWR_CLRBIT
       CMD_IOPWR_GETPOWER
       CMD_UTIL_SET_INIT_STRATEGY
       CMD_UTIL_GET_INIT_STRATEGY

    Added the ability to recongnize more IOCTLS.  (For the SJA1000 driver, LIN
        and power drivers.)

    Added the ability to recognize more card types.

    Added dissection of more fields for CMD_SCHED_TX command.

    Bug fixes and general updating.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8607 f5534014-38df-0310-8fa8-9805f1628bb7

From Michael Lum: ANSI MAP support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8606 f5534014-38df-0310-8fa8-9805f1628bb7

Include "mkstemp.h" only if we're including our own "mkstemp()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8605 f5534014-38df-0310-8fa8-9805f1628bb7

Graham Bloice: Add missing #include mkstemp.h

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8604 f5534014-38df-0310-8fa8-9805f1628bb7

Use #ifndef HAVE_UNISTD_H instead of #ifdef _WIN32

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8603 f5534014-38df-0310-8fa8-9805f1628bb7

From Graham Bloice: define YY_NO_UNISTD_H on Win32, so that if Flex was
a UNIX version generating code that, by default, assumes you have
<unistd.h> (as might be the case with recent versions of Cygwin, which I
assume *does* supply <unistd.h>), but you're building on a platform that
lacks <unistd.h> (e.g., building with MSVC++ or MinGW), you can still
compile.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8602 f5534014-38df-0310-8fa8-9805f1628bb7

From Anders Broman:

fix some cut and paste errors in "upgraded parameter" routine;

more BICC work.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8601 f5534014-38df-0310-8fa8-9805f1628bb7

- Fixed a typo.
- Changed the default checksum algorithm from Adler32 to CRC32C.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8600 f5534014-38df-0310-8fa8-9805f1628bb7

Update ipx and conversation list to make it possible to select and filter for ipx conversations from the conversation list popup menu

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8599 f5534014-38df-0310-8fa8-9805f1628bb7

Fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8598 f5534014-38df-0310-8fa8-9805f1628bb7

Add RCS IDs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8597 f5534014-38df-0310-8fa8-9805f1628bb7

Fix document creation under Windows, add ethereal-filter.html to the NSIS
package.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8596 f5534014-38df-0310-8fa8-9805f1628bb7

From Jean-Baptiste Marchand: add operation names for browser service.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8595 f5534014-38df-0310-8fa8-9805f1628bb7

From Jean-Baptiste Marchand: add additional operation names for dfssvc.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8594 f5534014-38df-0310-8fa8-9805f1628bb7

From Jean-Baptiste Marchand: add/update names for svcctl operations.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8593 f5534014-38df-0310-8fa8-9805f1628bb7

From Jean-Baptiste Marchand: add names for new dnsserver operations for
W2K3.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8592 f5534014-38df-0310-8fa8-9805f1628bb7

From Tomas Kukosa: radio button groups are GSLists, which means that the
radio button group for a button changes when new buttons are added to it
(adding to the beginning of a singly-linked list takes constant time,
adding to the end takes time linear in the length of the list, and a
GSList * points to the beginning of the list). Re-fetch the radio
button group each time through the loop that adds new radio buttons to a
radio button group for a preference.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8591 f5534014-38df-0310-8fa8-9805f1628bb7

Don't put an entry for a protocol into the Preferences dialog if it
doesn't have any settable preferences (for example, if it has only
obsolete preferences).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8590 f5534014-38df-0310-8fa8-9805f1628bb7

RTNET has no preferences, so don't register a preferences module for it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8589 f5534014-38df-0310-8fa8-9805f1628bb7

Add an example for "-d".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8588 f5534014-38df-0310-8fa8-9805f1628bb7

Fix a malformed "=head1" tag.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8587 f5534014-38df-0310-8fa8-9805f1628bb7

From Samuel Qu, Michael Lum, and Jeff Morriss: TCAP support, and
"asn_id_decode1()" variant of "asn_id_decode()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8586 f5534014-38df-0310-8fa8-9805f1628bb7

Reject frames with no command (too short) or an invalid command.

Clean up white space somewhat.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8585 f5534014-38df-0310-8fa8-9805f1628bb7

The PDU length is 3 bytes long in SLPv2.

The minimum number of bytes of SLP we have to reassemble is 5 - it's
nominally 4 for SLPv1, but we don't have a way of asking for 1 byte (the
version) and then saying "I need N bytes of header to get the PDU
length, and an SLPv1 packet less than 12 bytes long is bogus anyway.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8584 f5534014-38df-0310-8fa8-9805f1628bb7

Filters in Ethereal are usually display filters, not read filters; go
back to describing them as such.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8583 f5534014-38df-0310-8fa8-9805f1628bb7

Add ethereal-filter.4.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8582 f5534014-38df-0310-8fa8-9805f1628bb7

Put in some missing $(srcdir)/.

Get rid of redundant "../{t}ethereal.1" in CLEANFILES (they were already
there).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8581 f5534014-38df-0310-8fa8-9805f1628bb7

Update for the new ethereal-filter man page.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8580 f5534014-38df-0310-8fa8-9805f1628bb7

dfilter2pod.pl and ethereal-filter.pod.template are in $(srcdir) (which
defauls to the current directory), not in the parent directory.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8579 f5534014-38df-0310-8fa8-9805f1628bb7

Have a pseudo-header for Ethernet packets, giving the size of the FCS -
0 means "there is no FCS in the packet data", 4 means "there is an FCS
in the packet data", -1 means "I don't know whether there's an FCS in
the packet data, guess based on the packet size".

Assume that Ethernet encapsulated inside other protocols has no FCS, by
having the "eth" dissector assume that (and not check for an Ethernet
pseudo-header).

Have "ethertype()" take an argument giving the FCS size; pass 0 when
appropriate.

Fix up Wiretap routines to set the pseudo-header. This means we no
longer use the "generic" seek-and-read routine, so get rid of it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8578 f5534014-38df-0310-8fa8-9805f1628bb7

Put the display-filter elements into it's own manpage (ethereal-filter.4)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8577 f5534014-38df-0310-8fa8-9805f1628bb7

Put the display-filter elements into it's own manpage (ethereal-filter.4)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8576 f5534014-38df-0310-8fa8-9805f1628bb7

The max count high field is 32 bits, and, in order to compare it
against 0xffffffff, it has to be extracted into a 32-bit variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8575 f5534014-38df-0310-8fa8-9805f1628bb7

Have a pseudo-header for Ethernet packets, giving the size of the FCS -
0 means "there is no FCS in the packet data", 4 means "there is an FCS
in the packet data", -1 means "I don't know whether there's an FCS in
the packet data, guess based on the packet size".

Assume that Ethernet encapsulated inside other protocols has no FCS, by
having the "eth" dissector assume that (and not check for an Ethernet
pseudo-header).

Have "ethertype()" take an argument giving the FCS size; pass 0 when
appropriate.

Fix up Wiretap routines to set the pseudo-header. This means we no
longer use the "generic" seek-and-read routine, so get rid of it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8574 f5534014-38df-0310-8fa8-9805f1628bb7

From Giles Scott: add some new hardware types.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8573 f5534014-38df-0310-8fa8-9805f1628bb7

Clean up a bunch of length processing - use the reported length rather
than the captured length, and fix up some other stuff.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8572 f5534014-38df-0310-8fa8-9805f1628bb7

From Michael Lum: fix some val_to_str calls to have a non-null format
string for unknown values.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8571 f5534014-38df-0310-8fa8-9805f1628bb7

xyzzy

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8570 f5534014-38df-0310-8fa8-9805f1628bb7

use mkstemp instead of tmpnam

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8569 f5534014-38df-0310-8fa8-9805f1628bb7

Whitespace changes in order to make diff produce more readable results

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8568 f5534014-38df-0310-8fa8-9805f1628bb7

Added comment: XXX Argh maxcnt_high is guint16 and thus 16 bit -> always false

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8567 f5534014-38df-0310-8fa8-9805f1628bb7

From Emanuele Caratti:

just use "g_free()" to free the buffer in "md5_xor()", as it
doesn't throw exceptions;

temporarily #ifdef out "tacplus_acct_flags" pending the
arrival of code to dissect the TACACS+ accounting stuff.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8566 f5534014-38df-0310-8fa8-9805f1628bb7

- in show_relations() : select the first row of the relation_list when
using gtk+ v2.
- get rid of some unused variables.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8565 f5534014-38df-0310-8fa8-9805f1628bb7

More operation names updates from Jean-Baptiste Marchand.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8564 f5534014-38df-0310-8fa8-9805f1628bb7

It appears that, at least for gigabit pod captures, there are time stamp
differences between versions 002.001 and 002.002.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8563 f5534014-38df-0310-8fa8-9805f1628bb7

"compute_offset_length()" must, if it returns FALSE, and "exception" is
non-null, set "*exception" to the appropriate exception - its callers
rely on it.

Now that it does that, there's no need for "check_offset_length()" to
check for a length of -1, as "compute_offset_length()" does so, and
therefore "check_offset_length_no_exception()" does so.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8562 f5534014-38df-0310-8fa8-9805f1628bb7

Operation name updates for winreg pipe from Jean-Baptiste Marchand.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8561 f5534014-38df-0310-8fa8-9805f1628bb7

Prettify NFSv2 decorate COL_INFO and the tree pane as has already been done for v3

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8560 f5534014-38df-0310-8fa8-9805f1628bb7

in ReadAndX
when reading what could potentially be the maxcount high field
assume that IF it is 0xFFFFFFFF that it is not maxcount high at all but
instead just some padding/reserved bytes.

If this field is 0xFFFFFFFF just ignore it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8559 f5534014-38df-0310-8fa8-9805f1628bb7

Update to SMB service response time stats.
For short packets, we might not have enough of the payload to decode
the transaction info levels and thus that data structure is NULL.

check the pointer to this struct first before we try to dereference it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8558 f5534014-38df-0310-8fa8-9805f1628bb7

From Anders Broman: further dissect APM messages containing BICC stuff,
and fix a bug in the "upgraded parameter code".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8557 f5534014-38df-0310-8fa8-9805f1628bb7

From JBM update some function names in Netlogon

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8556 f5534014-38df-0310-8fa8-9805f1628bb7

From JBM update the function names for Messenger

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8555 f5534014-38df-0310-8fa8-9805f1628bb7

From Jean-Baptiste Marchand: add names of operations in WKSSVC.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8554 f5534014-38df-0310-8fa8-9805f1628bb7

From Jean-Baptiste Marchand: add names of DFS-related operations in
SRVSVC.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8553 f5534014-38df-0310-8fa8-9805f1628bb7

From Nathan Jennings:

update the CList as you enter/modify options;

give Windows users OS descriptions in the displayed devices
list;

display at least 5 rows in the lists;

get rid of the "extra" CList for storing edited values.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8552 f5534014-38df-0310-8fa8-9805f1628bb7

Get the RTP payload types from rtp_pt.h rather than defining them
ourselves.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8551 f5534014-38df-0310-8fa8-9805f1628bb7

From Tomas Kukosa:

1) string tables for t35CountryCode, t35Extension and
   h221ManufacturerCode were moved into the new file t35.c
   because they are common for more dissectors

2) the dissect_h245_NonStandardParameter_with_extension_marker()
   was moved from h245 to h225 and renamed to
   dissect_h225_NonStandardParameter() because the
   NonStandardData type is different for H.225.0 and H.245

3) type of the "h245.nsp.object" dissector table was changed from
   FT_UINT32 to FT_STRING, so it can select a dissector based on
   an OID rather than the Adler-32 hash of an OID

4) the "h225.nsp.object" and "h225.nsp.h221" dissector tables
   were created

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8550 f5534014-38df-0310-8fa8-9805f1628bb7

For (non-heuristic) SIP-over-TCP, dissect stuff that's neither a request
nor a response as continuation data. For SIP-over-everything-else,
reject it.

Parse the headers regardless of whether we're building a protocol tree
or not; if we're not, we just do it to look for a blank line separating
the headers from the body. Do that instead of scanning for the message
body separately.

When scanning for a colon, don't scan past the end of the line.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8549 f5534014-38df-0310-8fa8-9805f1628bb7

Make the non-heuristic SIP dissector reject the packet if it doesn't
look like a SIP packet, so some other dissector gets a chance at it.

When looking for the blank line separating headers from data, use
"tvb_find_line_end()" so we handle CR/LF and LF as end-of-line
indications (RFC 2543 says "senders MUST terminate lines with a CRLF",
but it also says "but receivers MUSTalso interpret CR and LF by
themselves as line terminators"), and return an offset past the end of
the buffer, rather than -1, if we don't find it (not all packets have
one).

When checking whether a header is one we know about, do a
case-insensitive comparison (RFC 2543 says header field names are
case-insensitive).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8548 f5534014-38df-0310-8fa8-9805f1628bb7

The LAPB dissector can be called from the Ethernet dissector; don't
assume we have an X.25 pseudo-header.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8547 f5534014-38df-0310-8fa8-9805f1628bb7

This commit refactors the dcerpc authentication subdissectors for
handling encrypted request/response PDUs.  Instead of having
dissection function pointers which perform both decryption and
dissection, the function pointers now only decrypt the DCERPC fragment
payload.  Dissection is handled by the dcerpc_try_handoff() function
(with DCERPC fragment reassembly if necessary).

Details:

- Move the dcerpc_auth_info struct into dcerpc.h as it is now used in
   the function prototype for the decryption function handlers.

- decode_encrypted_data() was refactored to take a boolean request
   parameter instead of passing the DCERPC PDU packet type.

- A tvbuff_t * data field was added to dcerpc_auth to hold the
   verifier.  This is passed as an argument to the decryption function
   handlers.

- Dissection of verifiers in request and response PDUs was moved to
   before the payload.

- The dissect_dcerpc_cn_stub() function was refactored to perform
   the decryption process and hand decrypted data to the reassembly
   code instead of performing the decryption after reassembly.

- Removed references to decrypted_info_t as it's not necessary
   anymore.

Code was tested using encrypted and unencrypted fragmented PDUs.
Before this commit ethereal could not dissect unencrypted (!)
fragmented PDUs correctly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8546 f5534014-38df-0310-8fa8-9805f1628bb7

Use zero to mean we haven't seen any authentication level information
in dcerpc_auth_info since auth_level is an unsigned type. Zero is
not a valid authentication level anyway (s13.1.2.1, p611 CAE spec).

Remove two inscrutable debugging comments that don't seem to mean anything.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8545 f5534014-38df-0310-8fa8-9805f1628bb7

Assorted GUI cleanups.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8544 f5534014-38df-0310-8fa8-9805f1628bb7

RTP analysis updates from Lars Ruoff:

- can now handle streams with different payload types
- detects payload changes
- detects comfort noise (PT=13 and 19)
- status line now shows: sequence errors, payload changes,
  comfort noise (if any)
- uses colours for lines with status != "Ok"
- new button "next": jumps to next line with status != "Ok"
  (starting from selected line)
- fixed: wrong jitter calculation (bug from tap_rtp)
- fixed: marker was not shown on first packet or erroneous
  packets (bug from tap_rtp)
- code refactored to improve readability and reuse

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8543 f5534014-38df-0310-8fa8-9805f1628bb7

Add PT_CN_OLD, so the RTP analysis code can get the RTP payload types it
needs from this header.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8542 f5534014-38df-0310-8fa8-9805f1628bb7

In "nds_defrag()", handle "request_value->ncp_rec" being null.

In "dissect_nds_request()", insert the request information into the hash
table the first time we see the packet, regardless of whether we created
a new conversation or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8541 f5534014-38df-0310-8fa8-9805f1628bb7

Correctly handle the case where the selected frame doesn't pass the
filter and no frames after it pass the filter either.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8540 f5534014-38df-0310-8fa8-9805f1628bb7

If the currently selected frame doesn't pass the display filter, select
the closest frame to that frame that did pass the display filter, if any
did.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8539 f5534014-38df-0310-8fa8-9805f1628bb7

When showing a fragment subtree, put spaces after colons to make things
look a bit nicer. Also separate frame and payload data by a comma.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8538 f5534014-38df-0310-8fa8-9805f1628bb7

From Laurent Rabret:

handle 802.1Q frames;

catch the destroy signal on the main Ethereal window and destroy
our windows (avoids a crash).

Get the PPP type value for IP from "ppptypes.h" rather than defining it
ourselves.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8537 f5534014-38df-0310-8fa8-9805f1628bb7

From Matthijs Melchior: check whether the ring buffer timeout has
expired *before* writing a packet, rather than *after* writing a packet,
so that if you get no packets for a sufficiently long period that the
timeout expires before you get a new packet, the new packet is in the
beginning of a new file (as you might get more packets right after that,
and want them to be in the new file, rather than have the first packet
at the end of one file and the rest of the packets in another file).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8536 f5534014-38df-0310-8fa8-9805f1628bb7

From packet steve: update to give the correct name for "file_access.c",
and add a discussion of how data_offset works.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8535 f5534014-38df-0310-8fa8-9805f1628bb7

From David Frascone: have an 802.11 dissector that byte-swaps the frame
control field, and have a preference in the LWAPP dissector to specify
whether to use it or the regular 802.11 dissector, as some hardware
sends out LWAPP-encapsulated 802.11 packets with a byte-swapped FC field.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8534 f5534014-38df-0310-8fa8-9805f1628bb7

From Anders Broman: fix a crash, and fix trailing whitespace on
Transaction ID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8533 f5534014-38df-0310-8fa8-9805f1628bb7

From Tomas Kukosa:

Remove the internal packet-per.c functions
"dissect_per_length_determinant()" and
"dissect_per_normally_small_nonnegative_whole_number()" from the
plugin API, as they shouldn't be used outside the PER dissector.

Remove the H.225/H.245 functions
"dissect_h225_TransportAddress()" and
"dissect_h245_NonStandardParameter()" from the plugin API until
we really need them in plugins.

Add the string dissector table functions to the plugin API.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8532 f5534014-38df-0310-8fa8-9805f1628bb7

Add a "file_selection_new()" routine that does all the positioning (GTK+
2.x) and transient-for setting that's done for other dialogs, and use it
for dialogs that come from the main window or from children of the main
window.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8531 f5534014-38df-0310-8fa8-9805f1628bb7

From Yaniv Kaul: DCERPC OXID operation #5 dissection.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8530 f5534014-38df-0310-8fa8-9805f1628bb7

From Lars Ruoff: rewritten RTP analysis module.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8529 f5534014-38df-0310-8fa8-9805f1628bb7

In packet_list_button_pressed_cb (gtk2 version) :
- put back the event_button->window == GTK_CLIST(w)->clist_window test
now that we use the correct structure definition for GtkCList (from
the right include file, not from our version of gtkclist.h).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8528 f5534014-38df-0310-8fa8-9805f1628bb7

Renamed gktclist.[ch] to gtkclist_v12.[ch] to avoid conflicts with the
real gtkclist.h file when building the gtk+ v2 gui.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8527 f5534014-38df-0310-8fa8-9805f1628bb7

Create a protocol tree if we don't have one, we're constructing the Info
column, and we need stuff from the protocol tree for the Info column.

Go back to the previous scheme for constructing the Info column; the
previous change fixes the problems for which the Info column changes
were fixes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8526 f5534014-38df-0310-8fa8-9805f1628bb7

Pass a pointer to a "capture_file" structure to
"set_menus_for_selected_packet()" and
"set_menus_for_selected_tree_row()", and have them decide whether to
enable or disable menu items based on whether that structure indicates
that a packet or field is selected and, if one is, on its properties.

Pass to the "selected packet enabled" routine for a menu item the
"frame_data" and "edt" members of the "capture_file" structure, and pass
to the "selected tree row enabled" routine the "field_info" member of
that structure.

Clear "cf->current_frame" if no packet is selected.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@8525 f5534014-38df-0310-8fa8-9805f1628bb7