-add codepoint to name resolution for Juniper IFMT, IFLE extension TLVs
-bugfix: DLT_JUNIPER_PPP, correct the calculate offset for PPP payload
-bugfix: DLT_JUNIPER_CHDLC, add CHDLC handler
-bugfix: add a more flexible TLV value extraction function which
does not bail if the assumed TLV length does not match
svn path=/trunk/; revision=16764
(http://yersinia.sourceforge.net/index.html)
by Alfredo Andres and David Barroso. There's more information to be put
into Ethereal but it's a start.
svn path=/trunk/; revision=16756
fields as BASE_DEC; bitmaps are typically displayed in hex in Ethereal,
so it should generate BASE_HEX instead. (Submitted to
bugzilla.samba.org as bug 3313.)
A couple of the IDL files use "unistr"; define it as "[string] uint16",
so that the resulting dissectors work correctly.
Regenerate dissectors.
svn path=/trunk/; revision=16754
For OID fields of type FT_STRING, put back the code to append the OID
name. (Ultimately, we should probably convert them all to type FT_OID.)
svn path=/trunk/; revision=16734
bytes you'll be checking are available in the tvbuff first.
Don't require *all* of the packet data to be available, however.
Heuristic dissectors should return TRUE or FALSE. Non-heuristic
"new-style" dissectors should return the amount of data dissected or 0.
svn path=/trunk/; revision=16733
Fix a few problems.
CIGI 1 and 2 are only big-endian; CIGI 3 can be little-endian or
big-endian.
Remove the port preferences.
svn path=/trunk/; revision=16730
Log:
From Grame Lunt:
updated X.500 dissectors to include DOP support.
The "dop" dissector is the renamed "x501" dissector consequently the asn/x501 directory should be removed. The patch includes the changes to epan/dissectors/Makefile.common to reflect this.
As the DOP dissection is not fully tested, I have disabled it by default for now (like DSP) but it can be enabled by the user.
svn path=/trunk/; revision=16727
tipc: First stab at reassembly, as tipc reasembly is based on reading the message length from the first segmented packet and then just add the bytes received I didn't find a better way of doing it.
svn path=/trunk/; revision=16724
If known put the account name, domain name, host name and which frame the suer authenticated in in an expansion below UID in the SMB2 header
svn path=/trunk/; revision=16723
"tvb_get_string()"?
Why even bother with "tvb_get_string()" when you can just use
"proto_tree_add_item()" with a string item?
Make sure that the prefix in a PRIV item isn't bigger than the item
itself. That fixes bug 603.
svn path=/trunk/; revision=16716
Gate X and Y Offset are 16-bit integral numbers of degrees, not 32-bit
IEEE floating-point numbers, and the numbers in collision detection
segment definitions and collision detection volume definitions are
16-bit fixed-point numbers, not 32-bit IEEE floating-point numbers;
handle them as such - this fixes bug 605.
When displaying the packet length in the Info column, display the *real*
length, not the sliced length.
svn path=/trunk/; revision=16714
Hi, Some tiddly changes: pppoe- don't create an empty discovery tags tree when the payload length is 0 chap- make chap.value work as a filterable field rtcp- append the packet type to the protocol tree name
svn path=/trunk/; revision=16712
Hi,
The attached patch fixes the name of the version field, which I
previously mistook for an authorization cookie (which is in fact in a
TLV that follows this field).
svn path=/trunk/; revision=16711
a patch for the X.411, X420 and CMS dissectors to implement the remaining heading extensions and bodyparts.
This includes GeneralText BP, forwarded content BP (forwarded p22 and forwarded p772), PKCS#7 BP, and "business class" messaging extensions.
The X.411 extensions using the SIGNATURE macro have also been implemented. There is also a fix for a bug in the dissection of integer 22 content type.
Graeme
svn path=/trunk/; revision=16689
New protocol : CIGI (with minor updates to make it heuristic)
Hi,
This patch is for a CIGI dissector (complete versions 2 and 3). It has
been [fuzz] tested on GNU/Linux using the Ethereal 0.10.13 codebase.
However, the patch here is against the svn repository.
More information about CIGI can be found at http://cigi.sourceforge.net/
Kyle Harms
svn path=/trunk/; revision=16681
the generated dissector is still "ugly" compared to the handwritten one so there needs a bit of conformance file magic and maybe pidl enhancements before it can go in.
svn path=/trunk/; revision=16651
Gsmmap - Export asn1 structs used by Camel
Camel - Use functions from GSMMAp and ISUP
INAP - Rewrite of the asn1 code to correspond more to CS1 data types
Let ISUP and Q931 dissect apropriate stuff.
svn path=/trunk/; revision=16624
up front and realloc once ...
This will probably be the last changes I make on this dissector, as I want to
concentrate on using asn2eth for LDAP, as time permits.
svn path=/trunk/; revision=16619
Don't fetch CHAP fields until we need them, so that we can at least
partially dissect a short frame.
Even if the CHAP length is wrong, put it into the protocol tree using
the registered field.
Use "tvb_format_text()" to put text into the Info column, so we handle
non-printable characters by escaping them.
svn path=/trunk/; revision=16616
the extensibleMatch.
Make sure the filter string is always null-terminated, as we use
"strlen()" to skip to the end of it.
On the (illegal, but not impossible) chance that we have more than one
matching rule ID, attributeDescription, or matchValue, free any we
already have before fetching a new one.
svn path=/trunk/; revision=16609
Update a comment, and get rid of a commented-out unused variable.
Use "get_ber_identifier()" and "get_ber_length()", rather than
"dissect_ber_identifier()" and "dissect_ber_length()", if we're just
fetching the values, rather than dissecting them. As we're just
fetching the values, if we get an error, put the identifer and length
into the protocol tree (if we've enabled that) with
"dissect_ber_identifier()" and "dissect_ber_length()".
Properly declare class and tag variables as signed.
svn path=/trunk/; revision=16602
Use "tvb_reported_length_remaining()" for all length checks and values,
so we get the *actual* packet length, not the *captured* packet length
(it's a *feature* if it reports a "packet cut short" error if the packet
really *was* cut short by slicing).
Set subtree lengths to -1, so that if an exception is throws while
dissecting them, the length includes all the data.
Get rid of unused variables, and mark unused parameters.
In heuristic checks, give up if we don't have enough data to check.
svn path=/trunk/; revision=16599
Here is a patch to the PPPoED and PPPoES dissectors.
- All fields are now filterable
- General prettification
- I've added a preference to PPoED to set whether or not tag values and data lengths should be shown in the tree (default is OFF)
svn path=/trunk/; revision=16582
ncp2222.py.diff
Fixed decoding of NCP 89,10 reply packet. Fixes malformed packet.
packet-ncp.c.diff
Adds NCP protocol preference options for enabling/disabling the echoing of data to the expert table.
Expert: EID to Name Lookups
Expert: NCP Connections
Expert: NCP Errors
Expert: Server Information
packet-ncp2222.inc.diff
Adds decoding of ZEN attribute values
zendmSearchType
zendmSearchOrder
Fixes blank name stored in EID to Name table if tuned name was returned in resolve name reply packet
Adds capability of reading hf values from NCP tree for exporting specific NCP info to expert table
Adds support for new NCP protocol preference options
Adds expert options for EID to Name Lookups, NCP connections, and Server Information
Change nwconnection from 16bit value to 32bit
Packet-ncp-int.h.diff
Fix function prototypes to match new 32bit nwconnection
Add global variables to allow for new NCP protocol preference options
svn path=/trunk/; revision=16575
This update adds info column data for srvloc request/reply to display SLP version and XID information.
Also adds expert data for srvloc error conditions
svn path=/trunk/; revision=16571
Added a new dissector for CDT (CompressedDataType) as
defined in STANAG 4406 Annex E. This dissector is used in P_Mul to
decode encapsulated X.411 content. I have added a function in the
X.411 dissector to decode a MTS APDU without having a ROS
Changes in this patch:
* Added CDT dissector
* Use CDT dissector in P_Mul
* Added function to decode MTS APDU in the X.411 dissector
svn path=/trunk/; revision=16567
Added a new dissector for CDT (CompressedDataType) as
defined in STANAG 4406 Annex E. This dissector is used in P_Mul to
decode encapsulated X.411 content. I have added a function in the
X.411 dissector to decode a MTS APDU without having a ROS
Changes in this patch:
* Added CDT dissector
* Use CDT dissector in P_Mul
* Added function to decode MTS APDU in the X.411 dissector
svn path=/trunk/; revision=16566
have an OID to register.
If our table of context identifiers and OIDs is to keep that association
on a per-conversation basis, it should use conversations, not
address/port, as we aren't necessarily running over TCP or UDP.
svn path=/trunk/; revision=16554
"call_ber_oid_callback()". (Arguably, the caller of
"call_ber_oid_callback()" should check for that, and report that a
presumably-required field is missing.)
svn path=/trunk/; revision=16544
tvb_get_ptr() returns a "const guint8 *"; don't bother casting its
return value to "const guint8 *".
"cms_verify_msg_digest()" can be passed a const pointer for "alg"; make
its argument a "const char *".
svn path=/trunk/; revision=16534
The following diff (based on current SVN) fixes the following...
1. Adds additional return value 0xa901
"Invalid Data Type Flag (outdated return value - replaced in NSS as 0x89aa error)"
for 87/xx NCP's.
2. Fixes decode for NCP 87/20 reply packets
3. Fixes decode for NCP 89/53 request packets
svn path=/trunk/; revision=16509
Here are a number of small patches for asn1 based dissectors:
acse:
release request/response column information (many X.400/X.500 unbinds are
empty)
"standardised" PNAME to "ISO 8650-1 OSI Association Control Service"
fix for crash when using EXTERNAL dissector
rtse:
column information when attempting a resume
x509if:
generation of LDAP-style DNs from RDNSequences
new function x509if_get_last_dn() to get the last DN generated.
x509af:
DSS parameters
certificate extension naming
subject naming of certificate
x509sat:
Guide syntax (as SET now supported)
PDU exports.
cms:
verification of message digest attribute (SHA-1 and MD5)
ess:
enumerated/restrictive/permissive/informative security categories
x411:
generation of string encoding of X.400 addresses, trace information and message identifiers.
s4406:
separate types for primary and copy precedence to allow better filtering (e.g. primary precedence = flash)
priority-level-qualifier
svn path=/trunk/; revision=16508
handled (but not the same, as the prefix length in OSPF is rounded up to
a multiple of 4 bytes, not just a byte). This simplifies the code, and
keeps us from overflowing the buffer we allocate if the prefix length is
> 128 (we now just report that as an error).
svn path=/trunk/; revision=16507
always put the filename in col_info if it is known
for getinfo/setinfo put the class/level in colinfo as well.
this makes it very easy to see in the packet summary which file a icommand applies to and what kind of info is requested
svn path=/trunk/; revision=16496
updates to rlogin
Hi, this patch:
- uses value_string for control message field
- doesn't use a single global time value to mark start of all conversations!
- corrects client-user-name, server-user-name order in initial user-info
message
- adds data (text input/output) into the protocol tree
- makes lots more things filterable
- improves info column text (always calls rlogin_display() now)
- cleans up some whitespace
svn path=/trunk/; revision=16495
updates to smb
A patch for packet-smb.c is attached:
- it improves timeout decoding
- it defines common NT transaction IOCTL functions
- it corrects decoding of resume key in search queries
- it defines a new function dissect_4_2_16_8_unsure() to replace
dissect_4_2_16_8(). I'm unsure if it is correct. As said in
comments, it works for me, but I find strange that nobody noticed
dissect_4_2_16_8() was wrong. So, it is between "#if 0".
Someone else should confirm dissect_4_2_16_8_unsure() works
before activating it.
svn path=/trunk/; revision=16494
add TID tracking. for all TreeConnect requests/resposnes seen, store the name->tid mapping and other metadata.
as a freebee the disswection of the tid in the ehader is aware of this table so when a tid value is dissected in the header and we known the name for this tid then put it in an expansion below the tid.
svn path=/trunk/; revision=16483
we can regenerate from the header
we need to remember between request/response
we need on a per conersation bases
to reduce the amount of data we store in the per req/resp pair since there will be many of them and we want that struct as small as possible.
svn path=/trunk/; revision=16482
make them a guid in smb2 dissector and make tim pottesr excellent conmtext handle tracking also able to do the same thing for GUIDs
( a context handle is just a 32 biut attribute field followed by a uuid anyway)
svn path=/trunk/; revision=16477
Malformed packet IAM, Calling party number
Application transport - some code clean up.
bug 551 Nor Med PC ethereal-bugs@ethereal.com NEW SS7, ISUP, IAM-signal, malformed packet (not)
Bug 554 Min Low PC ethereal-bugs@ethereal.com NEW ETSI codec dissection error in BICC
svn path=/trunk/; revision=16476
we will do service-response-time statistics before other inferior products have even noticed a new protocol is in town.
svn path=/trunk/; revision=16463
Anders Broman