obnox/wireshark/wip.git
8 years agoUpdate the AUTHORS file
etxrab [Wed, 5 Jan 2011 07:27:41 +0000 (07:27 +0000)]
Update the AUTHORS file

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35371 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Francesco Fondelli:
etxrab [Wed, 5 Jan 2011 07:16:09 +0000 (07:16 +0000)]
From Francesco Fondelli:
RSVP: support for Vendor Private objects, RFC 3936
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5468

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35370 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoPut end-of-field-table checks back into dissect_amqp_field_table().
guy [Wed, 5 Jan 2011 06:11:10 +0000 (06:11 +0000)]
Put end-of-field-table checks back into dissect_amqp_field_table().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35369 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUse reported length (instead of the captured length) when dissecting error
morriss [Wed, 5 Jan 2011 03:40:02 +0000 (03:40 +0000)]
Use reported length (instead of the captured length) when dissecting error
causes (should have been in rev 35366).

When generating TVB subsets, limit the subset's backing and reported lengths to
the (captured) TVB length and the reported TVB length, respectively.

This allows us to dissect most of the packet in
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5546
before asserting out.

It also yields similar better behavior when the capture is limited by a
snapshot length.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35368 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoReverse r34810 other than the comment because the re-ordering of dns_types[]
sfisher [Wed, 5 Jan 2011 00:48:40 +0000 (00:48 +0000)]
Reverse r34810 other than the comment because the re-ordering of dns_types[]
caused the numbering to no longer be lined up so the "SRV" record (#33) type
T_SRV was being given the description "EID" instead of "Service Location"

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35367 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoWhen generating a tvb subset for chunks, parameters, and error causes, set the:
morriss [Tue, 4 Jan 2011 23:07:32 +0000 (23:07 +0000)]
When generating a tvb subset for chunks, parameters, and error causes, set the:
 - "reported length" to be minimum of the entity's length (taken from the
   packet) or the reported length of the TVB.
 - "backing length" to be the minimum of the reported length (above) or the
   (captured) length of the TVB.

This prevents tvb_new_subset() from generating an exception if the entity's
length (in the packet) is bogus (bigger than what's in the TVB) which allows
dissection to continue to a point where we can show the user what the problem
is.

When dissecting chunks, add an expert info if the item's length is bigger than
what was on the wire (the reported length).  (The same could also be done for
parameters and error causes.)

This makes captures like that in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5546
easier to understand.

It also starts getting this dissector using the reported length instead of the
(captured) TVB length (there's more to be done with other tvb subsets).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35366 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDrop Python dissectors directory flag from programs that don't have dissectors.
jake [Tue, 4 Jan 2011 22:12:25 +0000 (22:12 +0000)]
Drop Python dissectors directory flag from programs that don't have dissectors.
Win32: remove superfluous dumpcap build dependancy on wiretap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35365 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoCheck hf entries *after* removing comments (in case there are commented-out entries).
morriss [Tue, 4 Jan 2011 18:48:26 +0000 (18:48 +0000)]
Check hf entries *after* removing comments (in case there are commented-out entries).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35364 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDetect (and error on) NULL or empty abbreviations. Wireshark aborts on the former...
morriss [Tue, 4 Jan 2011 18:43:24 +0000 (18:43 +0000)]
Detect (and error on) NULL or empty abbreviations.  Wireshark aborts on the former and warns on the latter.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35363 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoGive a couple of fields abbreviations.
morriss [Tue, 4 Jan 2011 18:41:25 +0000 (18:41 +0000)]
Give a couple of fields abbreviations.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35362 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoMaeke use of dissect_e212_mcc_mnc_ep_str().
etxrab [Tue, 4 Jan 2011 16:58:55 +0000 (16:58 +0000)]
Maeke use of dissect_e212_mcc_mnc_ep_str().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35361 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoIntroduce dissect_e212_mcc_mnc_ep_str()
etxrab [Tue, 4 Jan 2011 16:58:07 +0000 (16:58 +0000)]
Introduce dissect_e212_mcc_mnc_ep_str()

Which can be useful to make nice lables like:
+ Serving Network : MCC 311 United States of America, MNC 28

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35360 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Alexis La Goutte via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5544 :
morriss [Tue, 4 Jan 2011 15:39:12 +0000 (15:39 +0000)]
From Alexis La Goutte via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5544 :

Include the packet-ipv6.h changes too.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35359 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix build.
etxrab [Tue, 4 Jan 2011 08:45:03 +0000 (08:45 +0000)]
Fix build.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35358 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDon't use DISSECTOR_ASSERT() to catch malformed packets. Fixes bug
guy [Tue, 4 Jan 2011 08:04:27 +0000 (08:04 +0000)]
Don't use DISSECTOR_ASSERT() to catch malformed packets.  Fixes bug
4048.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35357 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoInstead of going over the Report segment twice, once to get the fields
guy [Tue, 4 Jan 2011 07:48:28 +0000 (07:48 +0000)]
Instead of going over the Report segment twice, once to get the fields
in the segment and once to put them into the protocol tree, just do it
once.  That also means we don't need to allocate an array for all the
reception claims, so we don't have to worry about the claim count (other
than making sure it's non-negative), and that we won't abort the
dissection until we run past the end of the packet.

(The rest of the dissector should be changed to work that way as well.)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35356 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Alexis La Goutte:
jake [Tue, 4 Jan 2011 07:44:39 +0000 (07:44 +0000)]
From Alexis La Goutte:
A Patch to enchance the ICMPv6 Router Renumbering for IPv6 (RFC 2894) Dissector
- Make RR field filterable
- Add RR Result Message
- ...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35355 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd more info to the tree.
etxrab [Tue, 4 Jan 2011 07:14:11 +0000 (07:14 +0000)]
Add more info to the tree.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35354 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFree dumpcap from linking to wiretap.
jake [Tue, 4 Jan 2011 07:06:01 +0000 (07:06 +0000)]
Free dumpcap from linking to wiretap.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35353 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoPrettify dissection of User Location Info (ULI). (Complete)
etxrab [Mon, 3 Jan 2011 23:21:49 +0000 (23:21 +0000)]
Prettify dissection of User Location Info (ULI). (Complete)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35352 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoPrettify dissection of User Location Info (ULI).
etxrab [Mon, 3 Jan 2011 22:13:11 +0000 (22:13 +0000)]
Prettify dissection of User Location Info (ULI).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35351 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Hadar Shoham:
jake [Mon, 3 Jan 2011 21:40:03 +0000 (21:40 +0000)]
From Hadar Shoham:
Add support to EuroCableLabs at bootp opt 60 sub 23.
according to PKT-SP-PROV1.5-I04-090624, paragraph 10.23 Device MIB Support:
type 2 is indicating EuroCableLabs.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35350 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoState in the developer documentation that the tvb_fake_unicode() and
sfisher [Mon, 3 Jan 2011 19:37:13 +0000 (19:37 +0000)]
State in the developer documentation that the tvb_fake_unicode() and
tvb_get_ephemeral_fake_unicode() functions have been superceded by
tvb_get_unicode_string() and tvb_get_ephemeral_unicode_string() respectivey.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35349 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoRemove the other use of tvb_fake_unicode() from the DCE/RPC dissector and
sfisher [Mon, 3 Jan 2011 19:28:52 +0000 (19:28 +0000)]
Remove the other use of tvb_fake_unicode() from the DCE/RPC dissector and
replace it with tvb_get_unicode_string().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35348 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix (or at least quiet Valgrind about) https://bugs.wireshark.org/bugzilla/show_bug...
morriss [Mon, 3 Jan 2011 18:48:29 +0000 (18:48 +0000)]
Fix (or at least quiet Valgrind about) https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5542 :

Always initialize *all* the outputs of get_sdp_type().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35347 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoSwitch one of the places in the DCERPC dissector from using
sfisher [Mon, 3 Jan 2011 18:33:58 +0000 (18:33 +0000)]
Switch one of the places in the DCERPC dissector from using
tvb_fake_unicode() to tvb_get_unicode_string().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35346 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDocument new tvb_get_unicode_string() and tvb_get_ephemeral_string()
sfisher [Mon, 3 Jan 2011 18:33:02 +0000 (18:33 +0000)]
Document new tvb_get_unicode_string() and tvb_get_ephemeral_string()
functions.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35345 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoIntroduce two new functions for Unicode (UTF-16) string handling:
sfisher [Mon, 3 Jan 2011 18:29:29 +0000 (18:29 +0000)]
Introduce two new functions for Unicode (UTF-16) string handling:

tvb_get_unicode_string()
tvb_get_ephemeral_unicode_string()

These function like their counterparts, tvb_get_string and
tvb_get_epemeral_string, for standard strings.

Also update comment on what the first such function,
tvb_get_ephemeral_unicode_stringz does regarding updating lengthp.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35344 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoPartially fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5542 :
morriss [Mon, 3 Jan 2011 17:55:23 +0000 (17:55 +0000)]
Partially fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5542 :

Fix one of the "Conditional jump or move depends on uninitialised value(s)"
errors from Valgrind: always initialize *val in get_sdp_type().

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35343 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5537 :
morriss [Mon, 3 Jan 2011 17:37:41 +0000 (17:37 +0000)]
Fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5537 :

Don't go modifying the bitstring if its length is 0 (meaning that there is only
the NULL terminator).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35342 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoMark unused parameters as such.
etxrab [Mon, 3 Jan 2011 17:32:15 +0000 (17:32 +0000)]
Mark unused parameters as such.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35341 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoMark unused parameters as such.
etxrab [Mon, 3 Jan 2011 17:30:35 +0000 (17:30 +0000)]
Mark unused parameters as such.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35340 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoComment out a faulty line.
etxrab [Mon, 3 Jan 2011 17:26:12 +0000 (17:26 +0000)]
Comment out a faulty line.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35339 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoEnhance IE dissection and a number of bug fixes.
etxrab [Mon, 3 Jan 2011 17:22:02 +0000 (17:22 +0000)]
Enhance IE dissection and a number of bug fixes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35338 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoWe must always return an error code on an error; otherwise, our caller
guy [Mon, 3 Jan 2011 09:17:20 +0000 (09:17 +0000)]
We must always return an error code on an error; otherwise, our caller
will see random crap as the error code.

However, if we're skipping a "TCPIPTRACE-W-BUFFERSFUL" error, if the
"error" we get is an end-of-file indication, that's *not* an error.

It is, however, ultimately a "we dropped some packets" indication; add a
comment noting that we should eventually treat it as such.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35337 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoPut the query list items under the top-level query list item (which
guy [Mon, 3 Jan 2011 08:31:45 +0000 (08:31 +0000)]
Put the query list items under the top-level query list item (which
should've been done in the previous checkin).

Display the "request type" field in a Read Partition request correctly
(only the upper 2 bits matter, and they're an enumerated value).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35336 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoIf we have no value to dissect, because the AVP has the wrong length for
guy [Mon, 3 Jan 2011 08:21:35 +0000 (08:21 +0000)]
If we have no value to dissect, because the AVP has the wrong length for
the value's type, return NULL as the label, rather than returning an
uninitialized value as the label.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35335 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd relevant docbook tags in the source.
jake [Mon, 3 Jan 2011 07:41:33 +0000 (07:41 +0000)]
Add relevant docbook tags in the source.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35334 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoInclude dumpcap in the description.
jake [Mon, 3 Jan 2011 07:40:21 +0000 (07:40 +0000)]
Include dumpcap in the description.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35333 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoDo length checking for Integer32, Integer64, Unsigned64, Float32, and
guy [Mon, 3 Jan 2011 03:30:20 +0000 (03:30 +0000)]
Do length checking for Integer32, Integer64, Unsigned64, Float32, and
Float64, as well as for Unsigned32.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35332 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoNote that this is ultimately not necessarily the right fix.
guy [Sun, 2 Jan 2011 21:49:00 +0000 (21:49 +0000)]
Note that this is ultimately not necessarily the right fix.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35331 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFor those cases where we interpret the contents of an OCTET STRING,
guy [Sun, 2 Jan 2011 21:27:57 +0000 (21:27 +0000)]
For those cases where we interpret the contents of an OCTET STRING,
which could be of arbitrary length - even if it's not supposed to be! -
as a value of some other type, by adding them as a registered field,
first check to make sure the length of the field is appropriate for the
type and, if not, show a dissection error, rather than showing a
dissector-bug assertion when we call proto_tree_add_item().

This fixes a bunch of dissector-bug assertions that show up with
malformed BER-encoded packets.

Also, fix a typo, and expand a comment.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35330 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix indentation.
guy [Sun, 2 Jan 2011 19:53:48 +0000 (19:53 +0000)]
Fix indentation.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35329 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix some cut-and-pasteos and other typoes.
guy [Sun, 2 Jan 2011 19:39:24 +0000 (19:39 +0000)]
Fix some cut-and-pasteos and other typoes.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35328 f5534014-38df-0310-8fa8-9805f1628bb7

8 years ago[Automatic manuf, services and enterprise-numbers update for 2011-01-02]
gerald [Sun, 2 Jan 2011 16:03:26 +0000 (16:03 +0000)]
[Automatic manuf, services and enterprise-numbers update for 2011-01-02]

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35325 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd missing packet-btsdp.h
krj [Sun, 2 Jan 2011 08:29:33 +0000 (08:29 +0000)]
Add missing packet-btsdp.h

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35324 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Allan M. Madsen via. bug 5445:
krj [Sun, 2 Jan 2011 08:13:40 +0000 (08:13 +0000)]
From Allan M. Madsen via. bug 5445:

Bluetooth profiles and protocols above RFCOMM and L2CAP can not be dissected correctly because the required information (server channel and dynamic PSM value mappings to services/profiles) about the type of data carried in the payload is not available. RFCOMM is currently hardcoded to handoff all payload data to the obex dissector though it may carry e.g. handsfree, dial-up networking or serial port profile related data.

The patch consists of modifcations to the following dissectors:

btsdp: Extraction of RFCOMM server channel and L2CAP dynamic PSM with service mapping is provided to RFCOMM and L2CAP through a tap interface. In addition, the packet list info is beautyfied and extended with more details for better
overview.

btl2cap: Adds a new dissector table with services and dynamic PSM mapping which is filled by a tap listner catching the info from btsdp. More info added to packet list.

btrfcomm: Adds a new dissector table with services and server channel mapping which is filled by a tap listner catching the info from btsdp. Dissectors for handsfree, dial-up netorking and serial port profiles (all based on RFCOMM) are also added.

btobex: Registers several obex based profiles (e.g. obex push, file transfer, basic printing etc.) in both RFCOMM and L2CAP. Some cleanup.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35323 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoNew Year.
stig [Sat, 1 Jan 2011 12:23:21 +0000 (12:23 +0000)]
New Year.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35322 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd packet-json.c
krj [Sat, 1 Jan 2011 09:42:12 +0000 (09:42 +0000)]
Add packet-json.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35321 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUpdate some URLs, add another spec.
guy [Fri, 31 Dec 2010 23:30:38 +0000 (23:30 +0000)]
Update some URLs, add another spec.

At least for one of the DOCSIS suboptions, do length checking.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35320 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoA Query List has more than one has multiple QCODEs; you cannot handle
guy [Fri, 31 Dec 2010 22:28:57 +0000 (22:28 +0000)]
A Query List has more than one has multiple QCODEs; you cannot handle
that by doing the entire list as a single FT_UINT8 field, you must
handle each QCODE, in a loop, as that field.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35319 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom FRAsse via bug 5539:
gerald [Fri, 31 Dec 2010 22:24:06 +0000 (22:24 +0000)]
From FRAsse via bug 5539:

There's a buffer overflow in ENTTEC DMX Data RLE, leading to crashes and
potential code execution.

From me: ep_allocate our buffers.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35318 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Jakub Zawadzki via bug 4753: New dissector: JSON, w/minor changes by me:
cmaynard [Fri, 31 Dec 2010 18:03:23 +0000 (18:03 +0000)]
From Jakub Zawadzki via bug 4753: New dissector: JSON, w/minor changes by me:
1) Add links to RFC 4627 and the json.org web site.
2) Comment out hf_json_member_key to keep tools/checkhf.pl happy.
3) Avoid duplicate (application/json) from being displayed in Info column.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35317 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoWhops, packet-sgsap.c is not ASN1.
stig [Fri, 31 Dec 2010 16:25:53 +0000 (16:25 +0000)]
Whops, packet-sgsap.c is not ASN1.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35316 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdded missing packet-sgsap.c
stig [Fri, 31 Dec 2010 16:24:24 +0000 (16:24 +0000)]
Added missing packet-sgsap.c

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35315 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd current list of ROHC profile names, taken from:
martinm [Fri, 31 Dec 2010 00:24:50 +0000 (00:24 +0000)]
Add current list of ROHC profile names, taken from:
http://www.iana.org/assignments/rohc-pro-ids/rohc-pro-ids.txt

As raised by bug 5536, we now at least show which profile is present.
Supporting all of the specific message types is another matter...

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35314 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoIt's not a good idea to use tcph->th_seglen if you haven't set it.
guy [Fri, 31 Dec 2010 00:02:54 +0000 (00:02 +0000)]
It's not a good idea to use tcph->th_seglen if you haven't set it.

Fixes bug 4211.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35313 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUpdate the export dialog screen shots.
gerald [Thu, 30 Dec 2010 20:22:42 +0000 (20:22 +0000)]
Update the export dialog screen shots.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35312 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoCorrected comment for col_custom_occurrence.
stig [Thu, 30 Dec 2010 20:16:33 +0000 (20:16 +0000)]
Corrected comment for col_custom_occurrence.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35311 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoOnly chop the last character (new line) from the error message.
stig [Thu, 30 Dec 2010 20:15:55 +0000 (20:15 +0000)]
Only chop the last character (new line) from the error message.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35310 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix checkAPI.
gerald [Thu, 30 Dec 2010 19:52:24 +0000 (19:52 +0000)]
Fix checkAPI.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35309 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoExtend a comment
etxrab [Thu, 30 Dec 2010 14:10:35 +0000 (14:10 +0000)]
Extend a comment

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35308 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoExtend IE dissetcion.
etxrab [Thu, 30 Dec 2010 14:09:09 +0000 (14:09 +0000)]
Extend IE dissetcion.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35307 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoClarify that "don't make changes here" refers to the copy of Pidl, not
guy [Thu, 30 Dec 2010 03:22:45 +0000 (03:22 +0000)]
Clarify that "don't make changes here" refers to the copy of Pidl, not
to the .cnf files (or perhaps even the .idl files).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35306 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoOK, I found a URL that will get you to the CPAN page for Yapp without
guy [Thu, 30 Dec 2010 03:13:37 +0000 (03:13 +0000)]
OK, I found a URL that will get you to the CPAN page for Yapp without
embedding a version number.  Use it.

"This will build and install the binaries and the manpage (pidl.1)."
refers to the process of installing Pidl; put it immediately after the
steps for installing Pidl.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35305 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoThe rids argument to samr_GetGroupsForUser() is *not* a single RID, it's
guy [Thu, 30 Dec 2010 02:56:51 +0000 (02:56 +0000)]
The rids argument to samr_GetGroupsForUser() is *not* a single RID, it's
an array of samr_RidWithAttributeArray structures.  Don't equate it to
hf_samr_rid; that causes hf_samr_rid to be added as an item with a
length of -1, but, as hf_samr_rid is an FT_UINT32 field, that causes a
dissector bug error.

The version of Yapp I was using, at least, didn't like C++-style
comments in the IDL file; replace them with C-style comments.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35304 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd some white space.
guy [Thu, 30 Dec 2010 02:10:49 +0000 (02:10 +0000)]
Add some white space.

Give more information about getting Yapp; not everybody using it is
necessarily using SUSE (and, yes, that's how it appears to be spelled
now, even though the "u" was for "und" and not originally capitalized).

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35303 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd GEOIP_COUNTRY_EDITION_V6 to geoip_type_name_vals[].
cmaynard [Wed, 29 Dec 2010 21:06:05 +0000 (21:06 +0000)]
Add GEOIP_COUNTRY_EDITION_V6 to geoip_type_name_vals[].

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35302 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUpdate list of relevant protocol specs. Some drafts are now RFC's.
cmaynard [Wed, 29 Dec 2010 20:58:14 +0000 (20:58 +0000)]
Update list of relevant protocol specs.  Some drafts are now RFC's.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35301 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUpdates for Wireshark portable installer. Using nsis unicode now.
cmaynard [Wed, 29 Dec 2010 20:41:53 +0000 (20:41 +0000)]
Updates for Wireshark portable installer.  Using nsis unicode now.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35300 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix two minor typos.
cmaynard [Wed, 29 Dec 2010 20:30:36 +0000 (20:30 +0000)]
Fix two minor typos.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35299 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix a buffer overflow in the engineId preferences. Fixes bug 5530.
gerald [Wed, 29 Dec 2010 20:09:27 +0000 (20:09 +0000)]
Fix a buffer overflow in the engineId preferences. Fixes bug 5530.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35298 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix incomplete conversion from an on-the-stack buffer to an ep_allocated
guy [Wed, 29 Dec 2010 19:40:36 +0000 (19:40 +0000)]
Fix incomplete conversion from an on-the-stack buffer to an ep_allocated
buffer - the size of the latter can't be found with sizeof, as all you
have is a pointer to the buffer.  sizeof (pointer) happened, by chance,
to give the right answer on ILP32 platforms, but gave a too-big answer
on LP64 and LLP64 platforms, which meant we overflowed the buffer when
clearing it.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35297 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd Compile BPF to the capture options dialog description.
jake [Wed, 29 Dec 2010 18:26:04 +0000 (18:26 +0000)]
Add Compile BPF to the capture options dialog description.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35296 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoUpdate capture options dialog description.
jake [Wed, 29 Dec 2010 18:16:50 +0000 (18:16 +0000)]
Update capture options dialog description.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35295 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix the HAI value display filter string.
jake [Wed, 29 Dec 2010 07:39:52 +0000 (07:39 +0000)]
Fix the HAI value display filter string.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35294 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix Windows build, which complained about possible loss of data converting
sfisher [Wed, 29 Dec 2010 00:29:05 +0000 (00:29 +0000)]
Fix Windows build, which complained about possible loss of data converting
from a double to a time_t.  I removed nstime_to_secs() and grab the
seconds portion of the nstime (which is a time_t), since that's all the
precision needed in the code right now anyway.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35293 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom non-customers via bug 5530: Fix a buffer overflow in the MAC LTE
gerald [Tue, 28 Dec 2010 20:47:48 +0000 (20:47 +0000)]
From non-customers via bug 5530: Fix a buffer overflow in the MAC LTE
dissector.  From me: Add a define, ep_allocate the buffer.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35292 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoIt is not guaranteed that the records in numerical (frame table) order
guy [Tue, 28 Dec 2010 20:32:58 +0000 (20:32 +0000)]
It is not guaranteed that the records in numerical (frame table) order
will be in sequential (byte offset) order in the file; don't treat the
record offset going backwards as an error.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35291 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom non-customers [AT] operamail [DOT] com, submitted via bug 5529:
cmaynard [Tue, 28 Dec 2010 20:19:41 +0000 (20:19 +0000)]
From non-customers [AT] operamail [DOT] com, submitted via bug 5529:
    Values[9] is fetched twice but Values[8] not at all, despite printing it
    later on.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35290 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Alexis La Goutte via bug 5528:
cmaynard [Tue, 28 Dec 2010 18:26:16 +0000 (18:26 +0000)]
From Alexis La Goutte via bug 5528:
    Fix wrong Field Type for HAI-Value and MN-Value (RFC 5271)

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35289 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoImplement first part of request in bug #5527 - allow the user to change
sfisher [Tue, 28 Dec 2010 18:22:59 +0000 (18:22 +0000)]
Implement first part of request in bug #5527 - allow the user to change
the timestamp display in the RTP Player to time of day with a checkbox
similar to in the IO Stats graph.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35288 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoImprove sanity checking of reception claim count. Fixes bug 5521.
cmaynard [Tue, 28 Dec 2010 18:02:24 +0000 (18:02 +0000)]
Improve sanity checking of reception claim count.  Fixes bug 5521.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35287 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd tvb_bcd_dig_to_ep_str()
etxrab [Tue, 28 Dec 2010 12:36:26 +0000 (12:36 +0000)]
Add tvb_bcd_dig_to_ep_str()
/*
 * Given a tvbuff, an offset into the tvbuff, and a length that starts
 * at that offset (which may be -1 for "all the way to the end of the
 * tvbuff"), fetch BCD encoded digits from a tvbuff starting from either
 * the low or high half byte, formating the digits according to an input digit set,
 * if NUll a default digit set of 0-9 returning "?" for overdecadic digits will be used.
 * A pointer to the EP allocated string will be returned.
 * Note a tvbuff content of 0xf is considered a 'filler' and will end the conversion.
 */

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35286 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd dissection of NAS message container.
etxrab [Tue, 28 Dec 2010 11:24:46 +0000 (11:24 +0000)]
Add dissection of NAS message container.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35285 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd application id="16777232" name="Ericsson Charging-CIP.
etxrab [Tue, 28 Dec 2010 11:23:47 +0000 (11:23 +0000)]
Add application id="16777232" name="Ericsson Charging-CIP.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35284 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Alexis La Goutte:
jake [Tue, 28 Dec 2010 10:34:19 +0000 (10:34 +0000)]
From Alexis La Goutte:
A patch to enchance the ICMPv6 dissector
- Update RFC Draft (draft-ietf-ipngwg-icmp-name-lookups-07/08) to Final RFC (RFC 4620)
- Make NI field filterable
- ....

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35283 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Masashi Honma:
jake [Tue, 28 Dec 2010 09:30:24 +0000 (09:30 +0000)]
From Masashi Honma:
EAP WPS RF band may be '2.4 GHz and 5 GHz'.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35282 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd support for showing errors matching substrings (like LTE RLC stats supports)...
martinm [Tue, 28 Dec 2010 01:06:51 +0000 (01:06 +0000)]
Add support for showing errors matching substrings (like LTE RLC stats supports).  TODO: fix the loayout/spacing....

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35281 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd a tooltip.
martinm [Tue, 28 Dec 2010 01:05:45 +0000 (01:05 +0000)]
Add a tooltip.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35280 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoClarify some comments
sfisher [Mon, 27 Dec 2010 22:24:07 +0000 (22:24 +0000)]
Clarify some comments

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35279 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoThe RTP Player shows the number of seconds since the beginning of that
sfisher [Mon, 27 Dec 2010 21:44:34 +0000 (21:44 +0000)]
The RTP Player shows the number of seconds since the beginning of that
call's packet flow along the x-axis.  Add " s" to the end of each number
to give the user an idea those numbers are seconds.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35278 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoGet rid of trailing white space.
guy [Mon, 27 Dec 2010 21:40:48 +0000 (21:40 +0000)]
Get rid of trailing white space.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35277 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd dissection of Radio Priority LCS.
etxrab [Mon, 27 Dec 2010 20:23:26 +0000 (20:23 +0000)]
Add dissection of Radio Priority LCS.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35276 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoRemove de_sgsap_tmsi as it's not needed.
etxrab [Mon, 27 Dec 2010 20:19:55 +0000 (20:19 +0000)]
Remove de_sgsap_tmsi as it's not needed.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35275 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix build by #if 0 out unused de_sgsap_tmsi() function.
sfisher [Mon, 27 Dec 2010 16:38:03 +0000 (16:38 +0000)]
Fix build by #if 0 out unused de_sgsap_tmsi() function.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35274 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoAdd more IE dissection.
etxrab [Mon, 27 Dec 2010 15:15:55 +0000 (15:15 +0000)]
Add more IE dissection.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35273 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFrom Alexis La Goutte:
etxrab [Mon, 27 Dec 2010 10:57:42 +0000 (10:57 +0000)]
From Alexis La Goutte:
ICMPv6 Enhancements : make ICMP option filterable (Part 2)

*Merge (and update) FMIPv6 Option with ND Option
*Make ICMP option filterable (use proto_tree_add_item..)
*Reorder ND Option
*Add dissector for RA Flags Extension (RFC5075)
*Add dissector for Handover Key Request/Reply (RFC5269)
*Add dissector for Handover Assist Info / Mobile Node ID (RFC5271)
*Add dissector for DNS Search List (RFC6106

From me removed a c++ style comment and changed
to tvb_memcpy(tvb, (guint8 *)&prefix.bytes in a couple of places.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35272 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoFix the Message numbering.
etxrab [Mon, 27 Dec 2010 09:33:39 +0000 (09:33 +0000)]
Fix the Message numbering.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35271 f5534014-38df-0310-8fa8-9805f1628bb7

8 years agoTry to apiece the Ubuntu buildbot.
etxrab [Mon, 27 Dec 2010 08:23:55 +0000 (08:23 +0000)]
Try to apiece the Ubuntu buildbot.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@35270 f5534014-38df-0310-8fa8-9805f1628bb7