19 years agoOnly define next_pd and next_offet if HAVE_PLUGINS is #defined, since
gram [Thu, 11 Jan 2001 16:27:23 +0000 (16:27 +0000)]
Only define next_pd and next_offet if HAVE_PLUGINS is #defined, since
that's the only time they're used.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2875 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago"dissect_llc()" is called for RFC 2684 LLC Encapsulation over ATM, so
guy [Thu, 11 Jan 2001 07:24:17 +0000 (07:24 +0000)]
"dissect_llc()" is called for RFC 2684 LLC Encapsulation over ATM, so
LLC *does* have to support bridged frames over ATM; the correct bridge
padding is 2 (well, except for bridged 802.6 frames, but, if we ever
support that, we just wouldn't add "bridge_pad" to "offset+5" when
constructing the next tvbuff).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2874 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a python script which has the same functionality as the shell
gram [Thu, 11 Jan 2001 07:21:35 +0000 (07:21 +0000)]
Add a python script which has the same functionality as the shell
script 'make-reg-dotc'. It is used only in the Win32 build because the
make-reg-dotc shell script is *so* sloooooooooow on Win32, due to the
multiple processes (grep, grep, sed) launched multiple times for each
source file. By putting all the text-mangling logic into a single Python
script, only one process is launched, and the source files are read
only once. It's *a lot* faster... seconds instead of minutes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2873 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoProvide a way by which protocols that run atop HTTP, such as IPP, can
guy [Thu, 11 Jan 2001 06:30:54 +0000 (06:30 +0000)]
Provide a way by which protocols that run atop HTTP, such as IPP, can
register their port as being for XXX-over-HTTP; the HTTP dissector
registers that port in the "tcp.port" table as an HTTP port, and
registers it in its *own* table with the dissector and protocol provided
to it.

Parse the HTTP MIME headers regardless of whether we're building a
protocol tree or not; we have to do so in order to find the offset of
the payload, to hand to an XXX-over-HTTP dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2872 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoGet rid of the magic "+4" and properly calculate the lineheight so
gram [Thu, 11 Jan 2001 05:51:10 +0000 (05:51 +0000)]
Get rid of the magic "+4" and properly calculate the lineheight so
that automatic scrolling of the hex pane continues to work, but without
any special magic constant. This works for any size font (as long
as the font isn't so big as to cause a line wrap), and has been
tested on Linux and NT4. The lineheight calculation was found in the
source code to the GtkText widget (gtk/gtktext.c in the GTK+ distribution).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2871 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago"dissect_http()" doesn't need to be global any more; make it static.
guy [Thu, 11 Jan 2001 05:41:47 +0000 (05:41 +0000)]
"dissect_http()" doesn't need to be global any more; make it static.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2870 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoThere's no need to register port 631 twice for IPP; do so only once.
guy [Thu, 11 Jan 2001 05:36:09 +0000 (05:36 +0000)]
There's no need to register port 631 twice for IPP; do so only once.

Leave notes for a future rethinking of the way we handle protocols that
run atop HTTP.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2869 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoShow the menu_item widget during the creation of an option menu for
gram [Thu, 11 Jan 2001 04:40:26 +0000 (04:40 +0000)]
Show the menu_item widget during the creation of an option menu for
enumerated option lists. This to overcome a small bug in which the
menu item text doesn't have enough vertical padding.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2868 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoThe difference between two pointers doesn't necessarily fit in an "int"
guy [Wed, 10 Jan 2001 23:42:12 +0000 (23:42 +0000)]
The difference between two pointers doesn't necessarily fit in an "int"
or "unsigned int"; cast it to "unsigned long" and print it with "%lu",
so it works on ILP32 and LP64 platforms.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2867 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoInclude "snprintf.h", if necessary, to declare "snprintf()".
guy [Wed, 10 Jan 2001 23:36:35 +0000 (23:36 +0000)]
Include "snprintf.h", if necessary, to declare "snprintf()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2866 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoWhen testing the low-order bit of a pointer, cast it to "unsigned long",
guy [Wed, 10 Jan 2001 23:34:06 +0000 (23:34 +0000)]
When testing the low-order bit of a pointer, cast it to "unsigned long",
not to "int", to squelch complaints from GCC on LP64 platforms such as
most UNIXes on Alpha.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2865 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix call to "pntohs()" - it was missing the "pd+", so it was just
guy [Wed, 10 Jan 2001 23:30:41 +0000 (23:30 +0000)]
Fix call to "pntohs()" - it was missing the "pd+", so it was just
passing the offset in the packet, not a pointer into the packet, to

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2864 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoThe frame control field is, I infer from "dissect_ieee80211()",
guy [Wed, 10 Jan 2001 23:28:46 +0000 (23:28 +0000)]
The frame control field is, I infer from "dissect_ieee80211()",
little-endian, so "capture_ieee80211()" should use "pletohs()", not
"pntohs()", to fetch it.

Also, "pletohs()" takes a *pointer* to the object to be fetched as an

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2863 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoChange from Jeff Foster to keep the dissector from crashing if the
guy [Wed, 10 Jan 2001 10:59:11 +0000 (10:59 +0000)]
Change from Jeff Foster to keep the dissector from crashing if the
conversation it found has no data associated with it; this is a
workaround for a problem that shows up if a conversation is between two
ports both of which have protocols associated with them - in that case,
frames going in one direction might be dissected by one of those
dissectors, and frames going in the other direction might be dissected
by the other dissector, causing untold confusion.

We really need to associate dissectors with conversations as soon as the
conversation is created, so that all packets will be handled by the same
dissector.  (The SOCKS dissector now does that.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2862 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIn "{old_}dissector_try_port()", check whether the protocol for the
guy [Wed, 10 Jan 2001 10:44:48 +0000 (10:44 +0000)]
In "{old_}dissector_try_port()", check whether the protocol for the
dissector is enabled and, if not, return FALSE, just as if there hadn't
been any entry for that port number in the table.  If it is enabled, set
"pinfo->current_proto" from its short name before calling the dissector.

In "dissector_try_heuristic()", check whether the protocols for
dissectors are enabled and, if not, skip those dissectors, just as if
they hadn't been in the table.  (We don't set "pinfo->current_proto"
before calling a dissector, as we don't know whether the dissector in
question will be the one to dissect the packet.  Arguably, we should
have, for heuristic dissectors, separate "recognize" and "dissect"
routines, where the former never throws an exception and returns TRUE or
FALSE, and the latter is called only if the "recognize" routine claimed
the frame, and is just a "dissector_t" that doesn't return a value.)

In "{old_}call_dissector()", check whether the protocol for the
dissector is enabled and, if not, call "{old_}dissect_data()".  if it is
enabled, set "pinfo->current_proto" from its short name before calling
the dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2861 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoPut in some XXX comments.
guy [Wed, 10 Jan 2001 10:36:02 +0000 (10:36 +0000)]
Put in some XXX comments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2860 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix up Gerald's e-mail address to be his "ethereal.com" address.
guy [Wed, 10 Jan 2001 10:11:27 +0000 (10:11 +0000)]
Fix up Gerald's e-mail address to be his "ethereal.com" address.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2859 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix up the "ethereal-dev" address to refer to "ethereal.com" rather than
guy [Wed, 10 Jan 2001 09:54:44 +0000 (09:54 +0000)]
Fix up the "ethereal-dev" address to refer to "ethereal.com" rather than
"zing.org".  (We leave addresses in header lines in included mail
messages alone.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2858 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoClarify which filter expressions on the command line are capture filters
guy [Wed, 10 Jan 2001 09:39:24 +0000 (09:39 +0000)]
Clarify which filter expressions on the command line are capture filters
and which are display filters.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2857 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoUpdate a comment.
guy [Wed, 10 Jan 2001 09:34:08 +0000 (09:34 +0000)]
Update a comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2856 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoM3UA (MTP3 User Adaptation layer) support, from Michael Tuexen.
guy [Wed, 10 Jan 2001 09:25:13 +0000 (09:25 +0000)]
M3UA (MTP3 User Adaptation layer) support, from Michael Tuexen.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2855 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMake the stuff to handle SNAP frames (OUI, PID, payload) a routine of
guy [Wed, 10 Jan 2001 09:07:35 +0000 (09:07 +0000)]
Make the stuff to handle SNAP frames (OUI, PID, payload) a routine of
its own; it's used not only by LLC, but by Frame Relay with RFC 2427 and
ATM with RFC 2684.

Support for RFC 2427-encapsulation Frame Relay packets, from Paul

Get rid of the CISCO_IP PPP protocol type - Cisco HDLC uses, in most
cases, Ethernet packet types, so use ETHERTYPE_IP instead (they're both

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2854 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoChange e-mail list addresses from zing.org to ethereal.com.
gram [Wed, 10 Jan 2001 06:23:58 +0000 (06:23 +0000)]
Change e-mail list addresses from zing.org to ethereal.com.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2853 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the SNA dissector.
gram [Wed, 10 Jan 2001 04:17:13 +0000 (04:17 +0000)]
Tvbuffify the SNA dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2852 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoRegister the IPX dissector, make it static, and call it through a
guy [Tue, 9 Jan 2001 09:59:28 +0000 (09:59 +0000)]
Register the IPX dissector, make it static, and call it through a

Call the IP dissector through a handle in the Frame Relay dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2851 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a new "ip_to_str_buf()" routine that takes a pointer to an IP
guy [Tue, 9 Jan 2001 09:57:06 +0000 (09:57 +0000)]
Add a new "ip_to_str_buf()" routine that takes a pointer to an IP
address and a pointer to a character buffer as arguments, and puts a
printable form of the IP address into the buffer.  Make "ip_to_str()"
use it.

Make "host_name_lookup()" use "ip_to_str_buf()", not "ip_to_str()", so
that it doesn't trash any strings that a dissector has gotten with
"ip_to_str()" (for example, the ARP dissector gets strings for the
source and target protocol addresses, and then may attempt to register
names for the source and target hardware addresses with
"add_ether_byip()"; if "host_name_lookup()" fails to find a host name
for the IP address, it shouldn't use "ip_to_str()" to generate an IP
address string to associate with the IP address, as if that's done twice
it'll run out of "ip_to_str()" buffers - there're only 3 of them - and
trash one of the IP address strings the ARP dissector got).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2850 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd an additional "protocol index" argument to "{old_}dissector_add()",
guy [Tue, 9 Jan 2001 06:32:10 +0000 (06:32 +0000)]
Add an additional "protocol index" argument to "{old_}dissector_add()",
"{old_}heur_dissector_add()", "{old_}conv_dissector_add()", and
"register_dissector()", so that an entry in those tables has associated
with it the protocol index of the protocol the dissector handles (or -1,
if there is no protocol index for it).

This is for future use in a number of places.

(Arguably, "proto_register_protocol()" should take a dissector pointer
as an argument, but

1) it'd have to handle both regular and heuristic dissectors;

2) making it take either a "dissector_t" or a union of that and
   a "heur_dissector_t" introduces some painful header-file

so I'm punting on that for now.  As with other Ethereal internal APIs,
these APIs are subject to change in the future, at least until Ethereal
1.0 comes out....)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2849 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd tables of "conversation" dissectors, which are associated with
guy [Tue, 9 Jan 2001 05:53:21 +0000 (05:53 +0000)]
Add tables of "conversation" dissectors, which are associated with
particular protocols, and which keep track of all dissectors that could
be associated with conversations using those particular protocols - for
example, the RTP and RTCP dissectors could be assigned to UDP

This is for future use with UI features allowing the dissector for a
given conversation to be set from the UI, to allow

1) conversations between two ports, both of which have
   dissectors associated with them, that have been given to the
   wrong dissector to be given to the right dissector;

2) conversations between two ports, neither of which have
   dissectors associated with them, to be given to a dissector
   (RTP and RTCP, for example, typically run on random ports,
   and if you don't have, in a capture, traffic that would say
   "OK, traffic between these two hosts and ports will be RTP
   traffic", you may have to tell Ethereal explicitly what
   protocol the conversation is).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2848 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIf the target hardware address in an ARP packet is a broadcast address,
guy [Tue, 9 Jan 2001 01:02:34 +0000 (01:02 +0000)]
If the target hardware address in an ARP packet is a broadcast address,
don't give that address the host name corresponding to the target IP

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2847 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDon't do the "select()" in the capture codepath on Win32; it's not
guy [Tue, 9 Jan 2001 00:53:26 +0000 (00:53 +0000)]
Don't do the "select()" in the capture codepath on Win32; it's not
necessary, and won't necessarily work.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2846 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoCode to handle Frame Relay Sniffer captures, from Jeff Foster.
guy [Mon, 8 Jan 2001 22:18:22 +0000 (22:18 +0000)]
Code to handle Frame Relay Sniffer captures, from Jeff Foster.

Code to register the Frame Relay dissector to handle Frame Relay
captures, from Paul Ionescu.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2845 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoClean up white space.
guy [Sun, 7 Jan 2001 22:35:21 +0000 (22:35 +0000)]
Clean up white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2844 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix the Frame Relay dissector to call subdissectors regardless of
guy [Sun, 7 Jan 2001 22:18:32 +0000 (22:18 +0000)]
Fix the Frame Relay dissector to call subdissectors regardless of
whether a full protocol tree dissection is being done or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2843 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFrame Relay and Frame-Relay-over-GRE support, from Paul Ionescu.
guy [Sun, 7 Jan 2001 22:08:31 +0000 (22:08 +0000)]
Frame Relay and Frame-Relay-over-GRE support, from Paul Ionescu.

Fix the GRE dissector to call subdissectors regardless of whether a full
protocol tree dissection is being done or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2842 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMake the three subfields of the "flags" field real bitfields, and let
guy [Sun, 7 Jan 2001 01:47:37 +0000 (01:47 +0000)]
Make the three subfields of the "flags" field real bitfields, and let
the protocol tree code do the work of constructing the display for them,
rather than doing it by hand.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2841 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoUpdate from Paul Ionescu to set the reported length of the tvbuff for
guy [Sun, 7 Jan 2001 00:23:03 +0000 (00:23 +0000)]
Update from Paul Ionescu to set the reported length of the tvbuff for
the DEC LanBridge STP packet, so that stuff after the end of the packet
gets properly reported as Ethernet trailer data.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2840 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the NTP and time protocol dissectors.
guy [Sat, 6 Jan 2001 09:42:10 +0000 (09:42 +0000)]
Tvbuffify the NTP and time protocol dissectors.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2839 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the Vines dissector, and add protocols for the Vines
guy [Sat, 6 Jan 2001 08:44:03 +0000 (08:44 +0000)]
Tvbuffify the Vines dissector, and add protocols for the Vines
Fragmentation and SPP protocols.

Call the Vines dissector from the UDP dissector via a dissector table.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2838 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the "rwho" dissector.
guy [Sat, 6 Jan 2001 06:18:54 +0000 (06:18 +0000)]
Tvbuffify the "rwho" dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2837 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the VRRP dissector, and add code to check the checksum.
guy [Sat, 6 Jan 2001 05:43:13 +0000 (05:43 +0000)]
Tvbuffify the VRRP dissector, and add code to check the checksum.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2836 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoSet "pinfo->current_proto".
guy [Sat, 6 Jan 2001 05:11:32 +0000 (05:11 +0000)]
Set "pinfo->current_proto".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2835 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the MPLS dissector.
guy [Sat, 6 Jan 2001 05:09:35 +0000 (05:09 +0000)]
Tvbuffify the MPLS dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2834 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the LPD dissector.
guy [Sat, 6 Jan 2001 00:02:41 +0000 (00:02 +0000)]
Tvbuffify the LPD dissector.

Use "tvb_format_text()" to display the printer and options in a request,
so that it doesn't have problems with non-printable characters - or if
we incorrectly decide that a packet is a request merely because it
happens to have what appears to be a valid request code as the first

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2833 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMap the old MGCP preference names to the new ones (including a special
guy [Fri, 5 Jan 2001 22:45:26 +0000 (22:45 +0000)]
Map the old MGCP preference names to the new ones (including a special
hack to handle the two copies of "mgcp.{tcp,udp}.port" as best we can).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2832 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoUse "%u", not "%d", to print unsigned quantities.
guy [Fri, 5 Jan 2001 20:46:44 +0000 (20:46 +0000)]
Use "%u", not "%d", to print unsigned quantities.

Show the flags in hex, not decimal.

Nobody calls the LanBridge BPDU dissector directly through a handle, so
there's no need to register it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2831 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIP Prefix field support in CDP, from Paul Ionescu.
guy [Fri, 5 Jan 2001 19:14:05 +0000 (19:14 +0000)]
IP Prefix field support in CDP, from Paul Ionescu.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2830 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoX.25-over-LLC support, from Paul Ionescu.
guy [Fri, 5 Jan 2001 19:07:38 +0000 (19:07 +0000)]
X.25-over-LLC support, from Paul Ionescu.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2829 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDEC LANBridge Spanning Tree Protocol support, from Paul Ionescu.
guy [Fri, 5 Jan 2001 19:00:37 +0000 (19:00 +0000)]
DEC LANBridge Spanning Tree Protocol support, from Paul Ionescu.

Put "packet-lapbether.c" into "Makefile.nmake".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2828 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoClear the Info column before fetching anything from the packet, so that
guy [Fri, 5 Jan 2001 08:59:16 +0000 (08:59 +0000)]
Clear the Info column before fetching anything from the packet, so that
if we throw an exception, the stuff from the Token-Ring protocol isn't
still there.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2827 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoClear the Info column before fetching anything from the packet, so that
guy [Fri, 5 Jan 2001 08:43:30 +0000 (08:43 +0000)]
Clear the Info column before fetching anything from the packet, so that
if we throw an exception, the stuff from the protocol atop which LLC
runs isn't still there.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2826 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoSet "pinfo->current_proto" once we've decided it's an H1 packet.
guy [Fri, 5 Jan 2001 08:34:35 +0000 (08:34 +0000)]
Set "pinfo->current_proto" once we've decided it's an H1 packet.

Fix the indentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2825 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDoesn't need #include "dfilter.h"
gram [Thu, 4 Jan 2001 04:56:20 +0000 (04:56 +0000)]
Doesn't need #include "dfilter.h"

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2824 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDoesn't need #include "dfilter.h"
gram [Thu, 4 Jan 2001 04:44:02 +0000 (04:44 +0000)]
Doesn't need #include "dfilter.h"

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2823 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMake the PPP-over-Ethernet discovery and session protocols registered
guy [Thu, 4 Jan 2001 04:15:30 +0000 (04:15 +0000)]
Make the PPP-over-Ethernet discovery and session protocols registered

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2822 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDon't define "promisc_mode" if we weren't built with libpcap support.
guy [Thu, 4 Jan 2001 00:16:43 +0000 (00:16 +0000)]
Don't define "promisc_mode" if we weren't built with libpcap support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2821 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago- replace x25 with x.25 in all protocol fields
oabad [Wed, 3 Jan 2001 23:30:50 +0000 (23:30 +0000)]
- replace x25 with x.25 in all protocol fields
- displays the GFI (the a/q/d bits and modulo are displayed in a subtree of
  the GFI)
- correctly dissect the first bit of the GFI : Address bit in call set-up
  and clearing packets, Qualifier bit in data packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2820 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the BOOTP/DHCP dissector.
guy [Wed, 3 Jan 2001 22:49:06 +0000 (22:49 +0000)]
Tvbuffify the BOOTP/DHCP dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2819 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago"hf_sna_rh_csi" is now an FT_UINT8 field, so add it with
guy [Wed, 3 Jan 2001 21:52:40 +0000 (21:52 +0000)]
"hf_sna_rh_csi" is now an FT_UINT8 field, so add it with
"proto_tree_add_uint()", not "proto_tree_add_boolean()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2818 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoEnsure that all value_string arrays end in {0, NULL}. Dissectors got away
gram [Wed, 3 Jan 2001 16:41:08 +0000 (16:41 +0000)]
Ensure that all value_string arrays end in {0, NULL}. Dissectors got away
with not terminating their arrays because they knew the limits of the
value used to look up strings in the value_string array, but the
dfilter_expr_dlg does not know these limits and must rely on the terminating
{0, NULL} record.

Also, in SNA fixed a bug in which a field should have been defined as FT_UINT8
but was defined as FT_BOOLEAN.

In WTP, fixed a value string which had duplicate keys.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2817 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoHave the TR MAC and LLC dissectors register themselves, make them
guy [Wed, 3 Jan 2001 10:34:42 +0000 (10:34 +0000)]
Have the TR MAC and LLC dissectors register themselves, make them
static, and have other dissectors call them through handles.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2816 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoRegister the WSP dissector, make it static, and have the WTP dissector
guy [Wed, 3 Jan 2001 08:42:48 +0000 (08:42 +0000)]
Register the WSP dissector, make it static, and have the WTP dissector
call it through a handle.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2815 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoMake the Zebra dissector, and a routine it uses, static, as they're not
guy [Wed, 3 Jan 2001 08:26:40 +0000 (08:26 +0000)]
Make the Zebra dissector, and a routine it uses, static, as they're not
called directly from outside "packet-zebra.c".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2814 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoUpdate the README.developer file to reflect the recent changes to
guy [Wed, 3 Jan 2001 08:00:01 +0000 (08:00 +0000)]
Update the README.developer file to reflect the recent changes to
"proto_register_protocol()" and the addition of

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2813 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a new "prefs_register_protocol()" routine, which is like
guy [Wed, 3 Jan 2001 07:53:48 +0000 (07:53 +0000)]
Add a new "prefs_register_protocol()" routine, which is like
"prefs_register_module()" except that it takes a protocol index as
returned by "proto_register_protocol()" as its first argument, rather
than taking two character strings as arguments as its first two
arguments, and uses the protocol's abbreviation as the name to use for
preferences in the preferences file and the "-o" flag and uses the
protocol's short name as the name to use in the tabs in the
"Edit->Preferences" window.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2812 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoHave "proto_register_protocol()" build a list of data structures for
guy [Wed, 3 Jan 2001 07:37:29 +0000 (07:37 +0000)]
Have "proto_register_protocol()" build a list of data structures for
protocols, in addition to adding structures to the list of filterable
fields.  Give it an extra argument that specifies a "short name" for the
protocol, for use in such places as


the dialog box for constructing filters;

the preferences tab for the protocol;

and so on (although we're not yet using it in all those places).

Make the preference name that appears in the preferences file and the
command line for the DIAMETER protocol "diameter", not "Diameter"; the
convention is that the name in question be all-lower-case.

Make some routines and variables that aren't exported static.

Update a comment in the ICP dissector to make it clear that the
dissector won't see fragments other than the first fragment of a
fragmented datagram.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2811 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoHave "proto_register_protocol()" build a list of data structures for
guy [Wed, 3 Jan 2001 06:56:03 +0000 (06:56 +0000)]
Have "proto_register_protocol()" build a list of data structures for
protocols, in addition to adding structures to the list of filterable
fields.  Give it an extra argument that specifies a "short name" for the
protocol, for use in such places as


the dialog box for constructing filters;

the preferences tab for the protocol;

and so on (although we're not yet using it in all those places).

Make the preference name that appears in the preferences file and the
command line for the DIAMETER protocol "diameter", not "Diameter"; the
convention is that the name in question be all-lower-case.

Make some routines and variables that aren't exported static.

Update a comment in the ICP dissector to make it clear that the
dissector won't see fragments other than the first fragment of a
fragmented datagram.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2810 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix a damn stupid mistake that stopped us seeing all the bits in the flags on a NetSe...
sharpe [Wed, 3 Jan 2001 04:37:07 +0000 (04:37 +0000)]
Fix a damn stupid mistake that stopped us seeing all the bits in the flags on a NetServerEnum2 request.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2809 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoSupport for HTTP methods added by GENA (the uPnP protocol), and for the
guy [Wed, 3 Jan 2001 03:40:29 +0000 (03:40 +0000)]
Support for HTTP methods added by GENA (the uPnP protocol), and for the
HTTP-based SSDP protocol, from David Hampton.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2808 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoBase the decision of whether selecting an entry in the value list sets
guy [Tue, 2 Jan 2001 19:54:50 +0000 (19:54 +0000)]
Base the decision of whether selecting an entry in the value list sets
the value entry on the type of the field, not on whether the value entry
is visible; the value entry is hidden, in "field_select_row_cb()", after
"build_boolean_values()" is called, and building the list in
"build_boolean_values()" will cause an entry in that list to be
selected, and "value_list_sel_cb()" will be called as a result, so it
can't correctly base its decision on whether to set the value entry on
whether the entry is visible, as it's not yet been made invisible.

Fix a comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2807 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoDon't show "Text" as one of the available fields.
guy [Tue, 2 Jan 2001 19:38:20 +0000 (19:38 +0000)]
Don't show "Text" as one of the available fields.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2806 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a dialog box for constructing expressions that test a field in the
guy [Tue, 2 Jan 2001 01:32:21 +0000 (01:32 +0000)]
Add a dialog box for constructing expressions that test a field in the
display tree, based on Jeff Foster's dialog box for selecting fields.

Make the dialog box for browsing filters into a dialog box for
constructing filters; make the "Apply" button and the "OK" button apply
the filter in the text entry box in the dialog, not the currently
selected filter (selecting a filter puts it in that text entry box, but
the user may edit it afterwards, or may use the aforementioned dialog
box to construct a filter not in the list).

Get rid of extra declarations of "m_r_font" and "m_b_font" in
"proto_draw.c"; they're declared in "gtk/gtkglobals.h", which it includes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2805 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoA small fix to ensure that all servers/workgroups show up ... Last one
sharpe [Mon, 1 Jan 2001 01:44:46 +0000 (01:44 +0000)]
A small fix to ensure that all servers/workgroups show up ... Last one
was not being picked up ...

Will have to add proper state keeping code soon ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2804 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agounderstand TCP MD5 signature. Greg Hankins <gregh@twoguys.org>
itojun [Sat, 30 Dec 2000 05:23:56 +0000 (05:23 +0000)]
understand TCP MD5 signature.  Greg Hankins <gregh@twoguys.org>

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2803 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the MAPI dissector.
guy [Fri, 29 Dec 2000 05:15:37 +0000 (05:15 +0000)]
Tvbuffify the MAPI dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2802 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoFix up some calls in which I didn't replace "NullTVB" with "tvb".
guy [Fri, 29 Dec 2000 04:41:30 +0000 (04:41 +0000)]
Fix up some calls in which I didn't replace "NullTVB" with "tvb".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2801 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIf we get an exception when dissecting a packet, append "[Short Frame]"
guy [Fri, 29 Dec 2000 04:16:57 +0000 (04:16 +0000)]
If we get an exception when dissecting a packet, append "[Short Frame]"
or "[Malformed Frame]" to the Info column.

Make some dissectors set the Protocol column and clear the Info column
before fetching anything from the tvbuff they were handed, so that if
the frame is short or malformed, it'll be marked as being the right
top-level protocol, and the Info column won't have cruft left over from
the previous protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2800 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago"dissect_lapb()" is static to "packet-lapb.c", so it can't be directly
guy [Fri, 29 Dec 2000 02:27:21 +0000 (02:27 +0000)]
"dissect_lapb()" is static to "packet-lapb.c", so it can't be directly
called by "dissect_lapbether()".  "packet-lapbether.c" included
"packet-lapb.h", to get "dissect_lapb()" declared, but that header file
doesn't exist.

Dissectors should call other dissectors indirectly, so have the LAPB
dissector register itself and have the LAPB-over-Ethernet dissector get
that handle and call the LAPB dissector through that handle, rather than
making the LAPB dissector non-static and adding a "packet-lapb.h" header
to declare it.

Remove some unnecessary includes from "packet-lapbether.c".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2799 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the IMAP dissector.
guy [Fri, 29 Dec 2000 02:19:14 +0000 (02:19 +0000)]
Tvbuffify the IMAP dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2798 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoModify X.25 dissector to accept a search string of x.25 and ex.25, not x25 and ex25.
sharpe [Fri, 29 Dec 2000 01:27:35 +0000 (01:27 +0000)]
Modify X.25 dissector to accept a search string of x.25 and ex.25, not x25 and ex25.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2797 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdded a LAPBETHER dissector as per Guy's wishes ... :-)
sharpe [Fri, 29 Dec 2000 01:06:24 +0000 (01:06 +0000)]
Added a LAPBETHER dissector as per Guy's wishes ... :-)

Damn, took more than half an hour :-(

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2796 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoWhen creating a subset tvbuff with lengths that don't run to the end of
guy [Fri, 29 Dec 2000 00:51:52 +0000 (00:51 +0000)]
When creating a subset tvbuff with lengths that don't run to the end of
the parent tvbuff, we have to set "pinfo->len" and "pinfo->captured_len"
unless we know for certain that *no* old-style dissectors will be called
later, because old-style dissectors get their length information from
"pi.len" and "pi.captured_len".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2795 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the PPTP dissector.
guy [Fri, 29 Dec 2000 00:35:51 +0000 (00:35 +0000)]
Tvbuffify the PPTP dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2794 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoUpdates from Ed Warnicke.
guy [Thu, 28 Dec 2000 10:10:17 +0000 (10:10 +0000)]
Updates from Ed Warnicke.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2793 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the CDP, CGMP, ISL, and VTP dissectors.
guy [Thu, 28 Dec 2000 09:49:09 +0000 (09:49 +0000)]
Tvbuffify the CDP, CGMP, ISL, and VTP dissectors.

Add a new subdissector table in the LLC dissector for protocol IDs with
a Cisco OUI, and register the CDP, CGMP, and VTMP dissectors in that
table, rather than calling them via a switch statement.

Register the ISL dissector by name, and have the Ethernet dissector call
it via a handle.

Fix the handling of the checksum field in the CDP dissector.

The strings in CDP are counted, not null-terminated; treat them as such.

Fix the handling of the encapsulated frame CRC, and the encapsulated
frame, in the ISL dissector, at least for Ethernet frames; it may not be
correct for encapsulated Token Ring frames.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2792 f5534014-38df-0310-8fa8-9805f1628bb7

19 years ago>This patch adds a missing capabilities NOTIFICATION message, and support for
itojun [Thu, 28 Dec 2000 05:13:14 +0000 (05:13 +0000)]
>This patch adds a missing capabilities NOTIFICATION message, and support for
>RFC2385 (Protection of BGP Sessions via the TCP MD5 Signature Option).
From: Greg Hankins <gregh@twoguys.org>

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2791 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIt turns out that the read timeout in Solaris's "bufmod" STREAMS module
guy [Thu, 28 Dec 2000 01:44:19 +0000 (01:44 +0000)]
It turns out that the read timeout in Solaris's "bufmod" STREAMS module
doesn't work like the read timeout in BPF - the timer doesn't start
until at least one packet has arrived.

I think that's the way read timeouts should work on *all* packet capture
mechanisms, but it does mean that Solaris will, on a quiet net, exhibit
the same symptoms that Linux used to exhibit before we put in a
"select()" call to wait until either packets arrive or a timer expires -
the "pcap_dispatch()" call blocks until a packet arrives, so the display
doesn't get updated and Ethereal doesn't respond to user input until a
packet arrives.

Furthermore, Linux isn't the only OS that lacks any read timeout
on its packet capture mechanism; the others will also have that problem.

We therefore do the "select()" on *all* platforms other than the BSDs
(where the timer starts when the read is done, and can be used for
polling); I don't know whether it's necessary on Digital UNIX, but I
suspect it's necessary on SunOS 4.x (as the 5.x "bufmod" is probably
derived from the 4.x one, and the 5.x one, as per the above, starts the
timer when a packet arrives), and it may even be necessary on 3.x, those
(BSD, SunOS including 5.x, and Digital UNIX) apparently being the only
UNIXes that appear to have such a read timeout.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2790 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAlways put the packet type in the Info column.
guy [Thu, 28 Dec 2000 00:44:49 +0000 (00:44 +0000)]
Always put the packet type in the Info column.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2789 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIf the capture child process exits unexpectedly, give more information
guy [Wed, 27 Dec 2000 22:35:48 +0000 (22:35 +0000)]
If the capture child process exits unexpectedly, give more information
on it, such as the exit status if it exited "normally" but unexpectedly.

On UNIX systems, #define the various POSIX <sys/wait.h> macros (and the
non-POSIX WCOREDUMP()" macro) if they're not defined by <sys/wait.h> (or
if we don't have <sys/wait.h>), and use them to dissect the exit status.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2788 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoTvbuffify the RIP and OSPF dissectors.
guy [Wed, 27 Dec 2000 12:48:27 +0000 (12:48 +0000)]
Tvbuffify the RIP and OSPF dissectors.

Change them to use facilities in Ethereal that were probably not present
when they were originally written, e.g. routines to fetch 24-bit
integers and to dump a bunch of raw bytes in hex.

Redo them to extract data from the packet as they dissect it, rather
than extracting an entire data structure at once; that way, it may be
able to dissect a structure not all of which is in the packet.

Dissect a bit more of the type-of-service metrics etc. in OSPF packets.

Make "tvb_length_remaining()" return a "gint", not a "guint"; it returns
-1 if the offset is past the end of the tvbuff.

Add a "tvb_reported_length_remaining()" routine, similar to
"tvb_length_remaining()".  Use it instead of just subtracting an offset
from "tvb_reported_length()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2787 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoGet rid of extra blanks in strings.
guy [Wed, 27 Dec 2000 12:38:08 +0000 (12:38 +0000)]
Get rid of extra blanks in strings.

"tvb_length_remaining()" will return -1 if the offset argument is past
the end of the tvbuff; check for values > 0, not values != 0, when
checking to see if there's extra garbage at the end of the packet.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2786 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoadded KRB-ERROR response dissection
nneul [Tue, 26 Dec 2000 16:44:43 +0000 (16:44 +0000)]
added KRB-ERROR response dissection

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2785 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoadd tethereal_static
nneul [Tue, 26 Dec 2000 16:44:16 +0000 (16:44 +0000)]
add tethereal_static

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2784 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a new "tvb_strsize()" routine, which finds the size of a
guy [Mon, 25 Dec 2000 23:48:16 +0000 (23:48 +0000)]
Add a new "tvb_strsize()" routine, which finds the size of a
NUL-terminated string, starting at a given offset.  The size includes
the terminating NUL.  If it doesn't find the terminating NUL, it throws
the appropriate exception, as either there's no terminating NUL in the
packet or there is but it's past the end of the captured data in the

Use that routine in the TFTP dissector.  As it throws an exception if
the string isn't NUL-terminated, we can just use "%s" to print option
strings; we don't need to use "%.*s" with a string length.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2783 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoPreferences shouldn't supposed to have blanks in their names - it can
guy [Mon, 25 Dec 2000 09:37:35 +0000 (09:37 +0000)]
Preferences shouldn't supposed to have blanks in their names - it can
make it a bit of a pain to set their values on the command line (you
have to quote the name).  Use underscores instead.

Give the gateway and callagent port preferences different names.

Fix up the text descriptions and labels for those preferences.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2782 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoIf a PrincipalName has at least one name-string, put the first of the
guy [Mon, 25 Dec 2000 06:59:33 +0000 (06:59 +0000)]
If a PrincipalName has at least one name-string, put the first of the
name strings into the top-level tree item for the PrincipalName, along
the lines of what was done earlier.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2781 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agobgp route refresh/MP capability option.
itojun [Mon, 25 Dec 2000 05:28:40 +0000 (05:28 +0000)]
bgp route refresh/MP capability option.
Greg Hankins <gregh@twoguys.org>

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2780 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdded kerberos name types and lookup in PrincName dissect
nneul [Sun, 24 Dec 2000 22:00:55 +0000 (22:00 +0000)]
Added kerberos name types and lookup in PrincName dissect
Cipher: to CipherText:
ETYPE to ENCTYPE to agree with krb5 headers
Added additional preauth types

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2779 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoAdd a "tftp_strnlen()" routine that
guy [Sun, 24 Dec 2000 20:33:04 +0000 (20:33 +0000)]
Add a "tftp_strnlen()" routine that

1) checks to make sure that the terminating '\0' is found in the
   string, and throws a BoundsError exception if it isn't (TFTP
   packets should fit in a single frame, so if the '\0' isn't
   found, that's an error);

2) adds 1 to the length to include the trailing '\0';

and use it to find all string lengths, so that we properly handle short
or malformed frames.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2778 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoRename "asn1_octet_string_value_decode()" to
guy [Sun, 24 Dec 2000 09:10:12 +0000 (09:10 +0000)]
Rename "asn1_octet_string_value_decode()" to
"asn1_string_value_decode()", as it can be used for various character
string types as well.

Turn "asn1_octet_string_decode()" into "asn1_string_decode()", which
takes an additional argument giving the tag expected for the string in
question, and make "asn1_octet_string_decode()" a wrapper around it.

Clean up the ASN.1 dissection in the Kerberos dissector, making more use
of the code in "asn1.c", wrapping more operations up in macros, and
doing some more type checking.

Use "REP" rather than "RESP" in names and strings; "REP" is what the
Kerberos spec uses.

Make the routines in the Kerberos dissector not used outside that
dissector static.

Fix some problems with the dissection of strings in the Kerberos
dissector (it was extracting the data from the wrong place in the

In Kerberos V5, the "kvno" item in the EncryptedData type is optional;
treat it as such.

Treat integers as unsigned in the Kerberos dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2777 f5534014-38df-0310-8fa8-9805f1628bb7

19 years agoReport the holding time of a CLNP packet, in seconds, as seconds plus
guy [Sat, 23 Dec 2000 23:06:50 +0000 (23:06 +0000)]
Report the holding time of a CLNP packet, in seconds, as seconds plus
fractions of a second (the resolution is 1/2 second).

In the bitfield breakdown of the flags/type field of a CLNP PDU, report
the PDU type as a name rather than as an abbreviation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2776 f5534014-38df-0310-8fa8-9805f1628bb7