16 years agoAdd more information to the WTP protocol summary (PDU type and PDU specific
obiot [Sun, 4 Jan 2004 22:02:16 +0000 (22:02 +0000)]
Add more information to the WTP protocol summary (PDU type and PDU specific
important parameters).

Document the computation of the length field in WTP concatenation after having
looked at a capture with the length field encoded as a WSP uintvar-integer.

Use "common code" for WTP reassembly, by calling process_reassembled_data().
Document the behavior of reassembly as the output of Ethereal differs between
the first and the second pass.

Question: shoud the common reassembly code provide a call-back mechanism to
get access to previously-unreassembled packets that appear to be part of a
reassembled whole, and to be able to update the state and information of
those packets at the time of the reassembly?

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9547 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Shiang-Ming Huang: bug fix.
guy [Sun, 4 Jan 2004 20:44:50 +0000 (20:44 +0000)]
From Shiang-Ming Huang: bug fix.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9546 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMove a comment to the appropriate location, and put in another comment
guy [Sun, 4 Jan 2004 20:42:44 +0000 (20:42 +0000)]
Move a comment to the appropriate location, and put in another comment
about problems with handling replies.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9545 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMove "XConvertCase()" from a header file to "packet-x11.c".
guy [Sun, 4 Jan 2004 10:57:18 +0000 (10:57 +0000)]
Move "XConvertCase()" from a header file to "packet-x11.c".

Handle the failure reply from the initial connection request.

"proto_item_append_text()" accepts "printf"-like formats; we don't need
to generate a string with a formatting routine and hand it to
"proto_item_append_text()", so don't do so.

When doing reassembly, the length that should be checked is the length
remaining in the tvbuff, not the length remaining in the packet, and
that length should be fetched with "tvb_ensure_length_remaining()" so
that if we *do* go past the end of the tvbuff we throw the appropriate

To determine whether a reply is a reply to the initial connection, check
the connection state and "initial connection reply" frame - don't check
the first byte of the message unless we've determined that the message
isn't an initial connection reply (the first byte of the initial
connection reply is the success/failure flag, so it could be 0 or 1).

Display window IDs in hex in replies, as we do in requests.

Fix the masks for Button3, Button4, and Button5 (it's a bitset, not a
button number - more than one mouse button can be down in an event,
although it can be a pain to try to click more than one button at the
same time).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9544 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUser Specified Decodes, since it brings up a dialog box, should be User Specified...
sharpe [Sun, 4 Jan 2004 06:16:57 +0000 (06:16 +0000)]
User Specified Decodes, since it brings up a dialog box, should be User Specified Decodes...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9543 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoJPEG File Interchange Format (JFIF) dissection.
obiot [Sun, 4 Jan 2004 03:01:27 +0000 (03:01 +0000)]
JPEG File Interchange Format (JFIF) dissection.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9542 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd support for JFIF (JPEG File Interchange Format) media.
obiot [Sun, 4 Jan 2004 02:59:46 +0000 (02:59 +0000)]
Add support for JFIF (JPEG File Interchange Format) media.

The JFIF dissector processes everything up to the start of scan as the data
thereafter is encoded and I didn't have the time to figure out how it is :)

TODO: fix the WTP dissector so it doesn't hand off unreassembled data to WSP.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9541 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix the multipart dissection in WSP so media embedded in a multipart entity
obiot [Sun, 4 Jan 2004 02:55:03 +0000 (02:55 +0000)]
Fix the multipart dissection in WSP so media embedded in a multipart entity
gets handed off to subdissectors. However nested multipart entities are not
supported yet.

Add more information to the WSP protocol summary line.

Add some more clarifications (comments) in the WSP code.

Skip parsing of URL encoded data if tree is NULL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9540 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoA missing piece of Tadaaki Nagao's patches to add a global "disabled
guy [Sun, 4 Jan 2004 02:24:58 +0000 (02:24 +0000)]
A missing piece of Tadaaki Nagao's patches to add a global "disabled
protocols" file.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9539 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoApply the patches from Tadaaki Nagao for a global version of disabled
sharpe [Sat, 3 Jan 2004 18:40:08 +0000 (18:40 +0000)]
Apply the patches from Tadaaki Nagao for a global version of disabled
protocols ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9538 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake Analyze/Statistics have an accelerator of Alt+A S and move
sharpe [Sat, 3 Jan 2004 18:05:57 +0000 (18:05 +0000)]
Make Analyze/Statistics have an accelerator of Alt+A S and move
Analyze/Summary to Alt+A Y.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9537 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoWarning fix: Mark a parameter as unused
jmayer [Sat, 3 Jan 2004 14:08:57 +0000 (14:08 +0000)]
Warning fix: Mark a parameter as unused

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9536 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake XConvertCase static to avoid a warning at link time.
tuexen [Sat, 3 Jan 2004 13:03:02 +0000 (13:03 +0000)]
Make XConvertCase static to avoid a warning at link time.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9535 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix an incorrect filterable field name.
obiot [Sat, 3 Jan 2004 12:43:51 +0000 (12:43 +0000)]
Fix an incorrect filterable field name.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9534 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAt least with some versions of GCC, the __attribute__((unused)) stuff
guy [Sat, 3 Jan 2004 05:14:08 +0000 (05:14 +0000)]
At least with some versions of GCC, the __attribute__((unused)) stuff
has to come *after* the variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9533 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMark arguments as unused.
guy [Sat, 3 Jan 2004 05:13:12 +0000 (05:13 +0000)]
Mark arguments as unused.

Clean up indentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9532 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoHave "dissect_xdlc_control()" take a pointer to a structure containing
guy [Sat, 3 Jan 2004 03:51:27 +0000 (03:51 +0000)]
Have "dissect_xdlc_control()" take a pointer to a structure containing
pointers to hf_ values, so the subfields of the control field are put
into the protocol tree as filterable items.  Change the protocols that
use it appropriately.

Export "dissect_xdlc_control()" to plugins.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9531 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoProcess all the data in the packet, regardless of whether it's captured
guy [Sat, 3 Jan 2004 03:43:20 +0000 (03:43 +0000)]
Process all the data in the packet, regardless of whether it's captured
or not.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9530 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDeal with some weird ISMP packets that have 0x42 0x42 0x03 in front of
guy [Sat, 3 Jan 2004 03:37:26 +0000 (03:37 +0000)]
Deal with some weird ISMP packets that have 0x42 0x42 0x03 in front of
the payload (are they some kind of weird 802.2 header?  0x42 is the SAP
for IEEE 802.1d Spanning Tree BPDUs).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9529 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix a comment.
guy [Fri, 2 Jan 2004 23:44:20 +0000 (23:44 +0000)]
Fix a comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9528 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agohide save dialog, while saving
ulfl [Fri, 2 Jan 2004 21:48:24 +0000 (21:48 +0000)]
hide save dialog, while saving

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9527 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agobugfix: init progbar to NULL at the right place
ulfl [Fri, 2 Jan 2004 21:47:06 +0000 (21:47 +0000)]
bugfix: init progbar to NULL at the right place

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9526 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoadded a progressbar, when saving a large capture file
ulfl [Fri, 2 Jan 2004 21:01:40 +0000 (21:01 +0000)]
added a progressbar, when saving a large capture file

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9525 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agorecent files: make submenu insensitive if empty and
ulfl [Fri, 2 Jan 2004 17:27:00 +0000 (17:27 +0000)]
recent files: make submenu insensitive if empty and
add a menu item to clear the list

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9524 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Didier: don't update the progress bar more often than every 100ms
ulfl [Fri, 2 Jan 2004 13:38:22 +0000 (13:38 +0000)]
From Didier: don't update the progress bar more often than every 100ms

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9523 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Didier: don't update the progress bar more often than every 100ms
ulfl [Fri, 2 Jan 2004 13:27:00 +0000 (13:27 +0000)]
From Didier: don't update the progress bar more often than every 100ms

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9522 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Michael Shuldman: enhanced X11 support.
obiot [Fri, 2 Jan 2004 12:57:26 +0000 (12:57 +0000)]
From Michael Shuldman: enhanced X11 support.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9521 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Michael Shuldman:
obiot [Fri, 2 Jan 2004 12:52:45 +0000 (12:52 +0000)]
From Michael Shuldman:

Add support for parsing some X11 replies and events (and
the framework for handling X11 errors it looks like) to the
existing X11 code, which parses X11 requests.

It parses what is the most difficult part of the replies/events,
they Keycode stuff by parsing the Keyboardmapping replies and etc,
and then KeyPress, KeyRelease events and some related stuff (used
for a specific project).

Adding support for parsing the rest of the event/replies should not
be difficult, I think it will mostly consist of going through every
event/reply and add the missing calls for each dataitem i.e.  register
the data, the remaining the eventcodes/replies are pretty
straightforward if I remember correctly.

All events and replies are reported, it's the "detailed" (-V option)
that's missing for most.

The replies, events and errors are listed in the Info column,
and are summarized in the protocol summary line.

Bogus if (tree) { } constructs have also been fixed.

List over other misc. stuff added:
 - handle multiple outstanding requests.
 - add AllocNamedColor to list of requests expecting a reply.
 - body for parsing error replies.
 - each packet can be sent to us multiple times, try to handle that.
 - change request_length display to be what the client actually sends
   for x11_request, not what it means (don't multiply by four).
 - add some more opcodes expecting a reply (gone through all listed
   in the ref. now, so should be complete).
 - use hashtable and sequencenumber for matching reply to request.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9520 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoRevert a small change I made a day or so ago because Guy has captures that
sharpe [Fri, 2 Jan 2004 06:35:45 +0000 (06:35 +0000)]
Revert a small change I made a day or so ago because Guy has captures that
show that the short name can be in ASCII if flags 2 says ASCII.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9519 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Steven Lass: put the request and status lines into the protocol
guy [Fri, 2 Jan 2004 02:03:39 +0000 (02:03 +0000)]
From Steven Lass: put the request and status lines into the protocol
tree as filterable fields.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9518 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoTweak the name of the Coloring Rules dialog box to be more consistent ...
sharpe [Fri, 2 Jan 2004 00:19:59 +0000 (00:19 +0000)]
Tweak the name of the Coloring Rules dialog box to be more consistent ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9517 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake the RTSP packet handling more like the HTTP packet handling.
guy [Thu, 1 Jan 2004 23:36:50 +0000 (23:36 +0000)]
Make the RTSP packet handling more like the HTTP packet handling.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9516 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoClean up the blank line handling a bit.
guy [Thu, 1 Jan 2004 23:34:06 +0000 (23:34 +0000)]
Clean up the blank line handling a bit.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9515 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDon't show empty media formats.
guy [Thu, 1 Jan 2004 21:47:18 +0000 (21:47 +0000)]
Don't show empty media formats.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9514 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Chris Waters: fix a typo.
guy [Thu, 1 Jan 2004 21:35:49 +0000 (21:35 +0000)]
From Chris Waters: fix a typo.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9513 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd support of contains operator in slices.
obiot [Thu, 1 Jan 2004 17:02:56 +0000 (17:02 +0000)]
Add support of contains operator in slices.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9512 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd support of contains and matches operators on slices.
obiot [Thu, 1 Jan 2004 16:59:20 +0000 (16:59 +0000)]
Add support of contains and matches operators on slices.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9511 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agolabel texts changed (tip from Richard)
ulfl [Thu, 1 Jan 2004 13:41:09 +0000 (13:41 +0000)]
label texts changed (tip from Richard)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9510 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agorearranged prefs topics
ulfl [Thu, 1 Jan 2004 13:29:16 +0000 (13:29 +0000)]
rearranged prefs topics

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9509 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agomoved recent files pref, as it splits corresponding dir entries
ulfl [Thu, 1 Jan 2004 13:16:40 +0000 (13:16 +0000)]
moved recent files pref, as it splits corresponding dir entries

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9508 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agocomment fixed
ulfl [Thu, 1 Jan 2004 13:10:45 +0000 (13:10 +0000)]
comment fixed

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9507 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agohttp://www.ethereal.com/distribution/win32/development/ has GLib 2.2.3
guy [Wed, 31 Dec 2003 22:17:28 +0000 (22:17 +0000)]
ethereal.com/distribution/win32/development/ has GLib 2.2.3
packages, and a gtk+-1.3.0-20030717.zip package; update the version
numbers accordingly.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9506 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoRemove redundant protocol names from preference values.
guy [Wed, 31 Dec 2003 09:58:56 +0000 (09:58 +0000)]
Remove redundant protocol names from preference values.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9505 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake the tvbuff for SDP lines have the line length as its length and
guy [Wed, 31 Dec 2003 09:47:01 +0000 (09:47 +0000)]
Make the tvbuff for SDP lines have the line length as its length and
reported length, so we show the right error if we go past the end of the

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9504 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoIf a packet has a packet number of 0, it's not a fragment if the status
guy [Wed, 31 Dec 2003 01:17:21 +0000 (01:17 +0000)]
If a packet has a packet number of 0, it's not a fragment if the status
is "last buffer".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9503 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFor WTAP_ENCAP_ETHERNET, you have to fill in the "eth.fcs_len" member of
guy [Wed, 31 Dec 2003 01:07:09 +0000 (01:07 +0000)]
For WTAP_ENCAP_ETHERNET, you have to fill in the "eth.fcs_len" member of
the pseudo-header; these captures don't appear to have an FCS in them,
so set that member to 0.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9502 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoIn "get_field_data()", check to make sure the field doesn't run past the
guy [Tue, 30 Dec 2003 23:13:32 +0000 (23:13 +0000)]
In "get_field_data()", check to make sure the field doesn't run past the
end of the tvbuff.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9501 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoInclude <string.h> to declare various string manipulation functions.
guy [Tue, 30 Dec 2003 22:48:14 +0000 (22:48 +0000)]
Include <string.h> to declare various string manipulation functions.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9500 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoremoved compilation of packet-slsk
ulfl [Tue, 30 Dec 2003 22:18:03 +0000 (22:18 +0000)]
removed compilation of packet-slsk

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9499 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoadded dick gooris to the list of contributors
ulfl [Tue, 30 Dec 2003 21:55:19 +0000 (21:55 +0000)]
added dick gooris to the list of contributors

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9498 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoRemove unused variable firmware_rev
jmayer [Tue, 30 Dec 2003 19:11:30 +0000 (19:11 +0000)]
Remove unused variable firmware_rev

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9497 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoNew protocol: Enterasys Interswitch Message Protocol (ismp) and
jmayer [Tue, 30 Dec 2003 17:14:15 +0000 (17:14 +0000)]
New protocol: Enterasys Interswitch Message Protocol (ismp) and
  edp (Enterasys Discovery Protocol)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9496 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoHeader files proto-ABBREV.h must not exist if there are no functions
obiot [Tue, 30 Dec 2003 15:49:12 +0000 (15:49 +0000)]
Header files proto-ABBREV.h must not exist if there are no functions
to export to other dissectors.

Describe the "if (tree)" construct and its sense by introducing 2 operation
modes of Ethereal:
(a) operational dissection (tree == NULL)
(b) detailed dissection (tree != NULL).

Fix some typos.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9495 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoA small fix from Andrew Bartlett. The Short File Name is always in UNICODE.
sharpe [Tue, 30 Dec 2003 04:38:20 +0000 (04:38 +0000)]
A small fix from Andrew Bartlett. The Short File Name is always in UNICODE.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9494 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoClean up the handling of the code that handles the payload a bit; this
guy [Tue, 30 Dec 2003 01:58:17 +0000 (01:58 +0000)]
Clean up the handling of the code that handles the payload a bit; this
also fixes a case where we'd put the same string into the Info column

Put the packet sequence number into the Info column for segmented invoke
and result PDUs, even if we don't try to reassemble them.

Don't put an entry into the protocol tree for the payload if there isn't
any payload.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9493 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agominor changes and a small bugfix
ulfl [Tue, 30 Dec 2003 01:19:02 +0000 (01:19 +0000)]
minor changes and a small bugfix

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9492 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUpdate another URL and other stuff in that comment.
guy [Tue, 30 Dec 2003 00:22:38 +0000 (00:22 +0000)]
Update another URL and other stuff in that comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9491 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoUpdate a URL.
guy [Tue, 30 Dec 2003 00:19:18 +0000 (00:19 +0000)]
Update a URL.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9490 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoExport a "dissect_tcp_payload()" routine from the TCP dissector, for use
guy [Tue, 30 Dec 2003 00:03:48 +0000 (00:03 +0000)]
Export a "dissect_tcp_payload()" routine from the TCP dissector, for use
by pass-through proxying dissectors such as the SOCKS dissector; it does
the work of processing a TCP segment, including desegmentation.  Export
the "next sequence number" value to subdissectors, so they can use it
when calling "dissect_tcp_payload()".

Use that in the SOCKS dissector.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9489 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd a "saved_can_desegment" field to the "packet_info" structure, so
guy [Mon, 29 Dec 2003 22:44:50 +0000 (22:44 +0000)]
Add a "saved_can_desegment" field to the "packet_info" structure, so
that dissectors for pass-through proxying protocols such as SOCKS can
allow the subdissectors they call to ask that desegmentation be done.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9488 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoNothing in "range.c" is GTK+-specific, so move it to the top-level
guy [Mon, 29 Dec 2003 22:43:33 +0000 (22:43 +0000)]
Nothing in "range.c" is GTK+-specific, so move it to the top-level

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9487 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom RFC 2616: "Field names are case-insensitive." Use
guy [Mon, 29 Dec 2003 22:33:18 +0000 (22:33 +0000)]
From RFC 2616: "Field names are case-insensitive."  Use
"tvb_strncaseeql()", not "tvb_strneql()", to check for

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9486 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDelete the generated files only during maintainerclean
jmayer [Mon, 29 Dec 2003 21:39:10 +0000 (21:39 +0000)]
Delete the generated files only during maintainerclean

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9485 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agorange.h moved from gtk to .
jmayer [Mon, 29 Dec 2003 21:18:12 +0000 (21:18 +0000)]
range.h moved from gtk to .

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9484 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoremoved a GTK2 warning
ulfl [Mon, 29 Dec 2003 21:04:47 +0000 (21:04 +0000)]
removed a GTK2 warning

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9483 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoremoved a GTK2 warning
ulfl [Mon, 29 Dec 2003 20:53:39 +0000 (20:53 +0000)]
removed a GTK2 warning

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9482 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoGive it an RCS ID and copyright notice.
guy [Mon, 29 Dec 2003 20:46:12 +0000 (20:46 +0000)]
Give it an RCS ID and copyright notice.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9481 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoGet rid of an unused variable.
guy [Mon, 29 Dec 2003 20:41:37 +0000 (20:41 +0000)]
Get rid of an unused variable.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9480 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoGive it an RCS ID.
guy [Mon, 29 Dec 2003 20:40:44 +0000 (20:40 +0000)]
Give it an RCS ID.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9479 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd an RCS ID.
guy [Mon, 29 Dec 2003 20:40:02 +0000 (20:40 +0000)]
Add an RCS ID.

Include <ctype.h> to declare "isdigit()".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9478 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd a missing backslash for the EXTRA_DIST files.
gram [Mon, 29 Dec 2003 20:11:42 +0000 (20:11 +0000)]
Add a missing backslash for the EXTRA_DIST files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9477 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Dick Gooris (and me :-)
ulfl [Mon, 29 Dec 2003 20:05:59 +0000 (20:05 +0000)]
From Dick Gooris (and me :-)
more ways to choose which packets can be saved,
in the save(as) dialog box

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9476 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake the "max count of recently-visited files" preference unsigned.
guy [Mon, 29 Dec 2003 19:59:05 +0000 (19:59 +0000)]
Make the "max count of recently-visited files" preference unsigned.

Get rid of an unused variable.

Fix up whitespace.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9475 f5534014-38df-0310-8fa8-9805f1628bb7

16 years ago"hex_str_to_bytes()" modifies the GByteArray supplied to it, so don't
guy [Mon, 29 Dec 2003 19:53:52 +0000 (19:53 +0000)]
"hex_str_to_bytes()" modifies the GByteArray supplied to it, so don't
mark it as "const".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9474 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake sure the "we're in the middle of dissecting SOCKS" flag gets
guy [Mon, 29 Dec 2003 19:05:40 +0000 (19:05 +0000)]
Make sure the "we're in the middle of dissecting SOCKS" flag gets
cleared even if we throw an exception when dissecting the payload.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9473 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd support for NetWare's serialization protocol.
guy [Mon, 29 Dec 2003 19:04:05 +0000 (19:04 +0000)]
Add support for NetWare's serialization protocol.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9472 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoPull most of bytes_from_unparsed() into a new routine,
gerald [Mon, 29 Dec 2003 04:07:06 +0000 (04:07 +0000)]
Pull most of bytes_from_unparsed() into a new routine,
hex_str_to_bytes().  Use the new routine to initialize any WEP keys we
have defined.  This has the side effect of fixing an overflow if the user
entered a long WEP key.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9471 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoOK, now I have added the preference for recent_files_count_max, and we can
sharpe [Mon, 29 Dec 2003 00:48:56 +0000 (00:48 +0000)]
OK, now I have added the preference for recent_files_count_max, and we can
set the value and so on. We put the value in the text field before it is
displayed, and so on ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9470 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Niels Koot: support TCAP over SUA.
guy [Mon, 29 Dec 2003 00:41:07 +0000 (00:41 +0000)]
From Niels Koot: support TCAP over SUA.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9469 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFrom Neils Koot:
guy [Mon, 29 Dec 2003 00:36:12 +0000 (00:36 +0000)]
From Neils Koot:

add the ability to read Ethernet captures;

add the ability to read hex-only dumps.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9468 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoMake all the byte arrays for writing out stuff "guint8" rather than
guy [Mon, 29 Dec 2003 00:25:39 +0000 (00:25 +0000)]
Make all the byte arrays for writing out stuff "guint8" rather than
"gint8" - there's no reason for them to be signed, and making them
signed can cause compiler warnings if a value won't fit in 8 bits if

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9467 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAt least as I read the Teredo draft, the nonce value is just an opaque
guy [Mon, 29 Dec 2003 00:19:00 +0000 (00:19 +0000)]
At least as I read the Teredo draft, the nonce value is just an opaque
8-byte value.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9466 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoIn calls to "dcerpc_init_uuid()" only the *major* version number of the
guy [Sun, 28 Dec 2003 23:50:31 +0000 (23:50 +0000)]
In calls to "dcerpc_init_uuid()" only the *major* version number of the
interface is supplied; by virtue of 1.1 being truncated to 1, and by
virtue of the putative major and minor version numbers in 1.1 both being
1, a version number initialized to 1.1 presumably happened to work for
RPRIV and RS_REPADM, but we might as well do it right.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9465 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd more code to handle the recent_files_count_max as a preference ...
sharpe [Sun, 28 Dec 2003 23:20:08 +0000 (23:20 +0000)]
Add more code to handle the recent_files_count_max as a preference ...
Here we can read and write it from and to the preferences file. I only have
to add code to allow it to be set in the Edit->Preferences area,

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9464 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoConnect the recent_file_count_max variable to the prefs.gui_recent_file_count_max...
sharpe [Sun, 28 Dec 2003 21:10:26 +0000 (21:10 +0000)]
Connect the recent_file_count_max variable to the prefs.gui_recent_file_count_max variable entry, and fix a small spelling/grammar mistake.

Now all we need is some enterprising individual to write the small amount of
preferences code to actually allow it to be changed etc, but I have to go to
Costco, so, later...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9463 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoAdd a preferences item for the recent file count max so we can tie it to
sharpe [Sun, 28 Dec 2003 20:36:59 +0000 (20:36 +0000)]
Add a preferences item for the recent file count max so we can tie it to
the edit preferences dialog box and then use it in the code that handles
recent files.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9462 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoall libs now relative to a base dir, use compiler warning level 2
ulfl [Sun, 28 Dec 2003 18:31:14 +0000 (18:31 +0000)]
all libs now relative to a base dir, use compiler warning level 2

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9461 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoremoved some MSVC warnings (warning level 2)
ulfl [Sun, 28 Dec 2003 12:50:42 +0000 (12:50 +0000)]
removed some MSVC warnings (warning level 2)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9460 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoremoved some MSVC warnings (warning level 2)
ulfl [Sun, 28 Dec 2003 12:43:40 +0000 (12:43 +0000)]
removed some MSVC warnings (warning level 2)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9459 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoIf we've seen an HTTP request or response or header line, and the line
guy [Sun, 28 Dec 2003 08:39:10 +0000 (08:39 +0000)]
If we've seen an HTTP request or response or header line, and the line
we're looking at looks as if it could be the beginning of a header line
but stops at the end of the tvbuff before we see the colon for the
header line, throw an exception rather than treating it as "not HTTP".

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9458 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoProperly handle 1xx, 204, and 304 responses, which don't contain a
guy [Sat, 27 Dec 2003 18:45:48 +0000 (18:45 +0000)]
Properly handle 1xx, 204, and 304 responses, which don't contain a
message body.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9457 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoadded/changed some comments
ulfl [Sat, 27 Dec 2003 13:19:06 +0000 (13:19 +0000)]
added/changed some comments

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9456 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoFix some comments.
guy [Sat, 27 Dec 2003 08:35:08 +0000 (08:35 +0000)]
Fix some comments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9455 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDon't create a protocol tree entry for the body of an NDMP request or
guy [Sat, 27 Dec 2003 04:01:17 +0000 (04:01 +0000)]
Don't create a protocol tree entry for the body of an NDMP request or
reply if there isn't a body, just a header, so that we don't throw an
exception and mark the frame as malformed if the request or reply isn't
supposed to have a body.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9454 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoThere might not be any AFS payload in an AFS reply; for fields in the
guy [Sat, 27 Dec 2003 03:45:45 +0000 (03:45 +0000)]
There might not be any AFS payload in an AFS reply; for fields in the
reply that don't come from the packet, use an offset and length of 0, so
that we don't throw an exception if the purported data at that offset
with that length doesn't exist.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9453 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoDon't defragment packets that aren't fragmented.
guy [Sat, 27 Dec 2003 02:17:22 +0000 (02:17 +0000)]
Don't defragment packets that aren't fragmented.

Note that we've seen weird sequence numbers for login packets.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9452 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoNote that this is another client for reassembly using connection
guy [Sat, 27 Dec 2003 02:01:13 +0000 (02:01 +0000)]
Note that this is another client for reassembly using connection
sequence numbers.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9451 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoWhen testing the first line of HTTP data, process what data we have -
guy [Sat, 27 Dec 2003 01:42:56 +0000 (01:42 +0000)]
When testing the first line of HTTP data, process what data we have -
don't give up if we don't have the full line.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9450 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoCheck that the length of an AVP is >= 6, not just that it's non-zero.
guy [Fri, 26 Dec 2003 23:33:25 +0000 (23:33 +0000)]
Check that the length of an AVP is >= 6, not just that it's non-zero.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9449 f5534014-38df-0310-8fa8-9805f1628bb7

16 years agoconditionally use modern UI for NSIS installer
ulfl [Fri, 26 Dec 2003 12:27:47 +0000 (12:27 +0000)]
conditionally use modern UI for NSIS installer

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9448 f5534014-38df-0310-8fa8-9805f1628bb7