Mostly plugins, but also LUA and generated skinny dissector.
Change-Id: Ifeb4205442f9a60875266b4e82841ff38b4fdb63
Reviewed-on: https://code.wireshark.org/review/12515
Reviewed-by: Michael Mann <mmann78@netscape.net>
RFC 3518 defines two protocols, one used to encapsulate bridged PDUs and
one used to configure the bridging process. Make them two
separately-registered protocols.
Change-Id: I393ea31ab7ef44cae2ef2b592ffde5d53ecb113f
Reviewed-on: https://code.wireshark.org/review/12509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This includes:
1. new_create_dissector_handle -> create_dissector_handle
2. new_register_dissector -> register_dissector
3. new_register_ber_oid_dissector -> register_ber_oid_dissector
4. new_register_ber_syntax_dissector -> register_ber_syntax_dissector
Also remove PDU_NEW, SYNTAX_NEW and REGISTER_NEW as there is no need for the distinction anymore.
Change-Id: I82c7de7c8ffeeab3259d1b55bb4afc5f6a1e0329
Reviewed-on: https://code.wireshark.org/review/12491
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This dissector shows the information related to the RTI TCP Control
messages used to manage the TCP connections, but also dissects the
RTPS data that is sent on top of RTI TCP. This only happens with
RTI's DDS implementation.
Bug: 11640
Change-Id: I89fcb620256aeed7cae5829b70d92c6868d94929
Reviewed-on: https://code.wireshark.org/review/11305
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This ensures:
1. Generated data shows inside brackets [], so it's obvious that the data was actually generated.
2. Clicking on generated data should not highlight bytes in the packet. Previously, this would sometimes highlight parts of the response packet that were unrelated.
3. Fixes some assertions that hit in PDML exporting code, due to wrong data locations being referenced.
Bug: 11863
Change-Id: Ia7ea9d886c8fff0c302088bed44b974ff9447a92
Reviewed-on: https://code.wireshark.org/review/12468
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Fix messages generated by 894X phones, which do not always include all fields
Revert accidental change by using of an older packet-skinny.c.in file
Change-Id: I4c6f0ef053579cbbd0c15e90b44dda6a6b173d0d
Reviewed-on: https://code.wireshark.org/review/12478
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I32d30ada66ee68782194905a8aa669c07f0dc204
Reviewed-on: https://code.wireshark.org/review/12482
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I0aa35944dbae45477a9db365f30cf24355f5328d
Reviewed-on: https://code.wireshark.org/review/12454
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 10627
Change-Id: Ia6940ef7624a92d453cada6693bcd7f4e145a5b6
Reviewed-on: https://code.wireshark.org/review/12453
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This is just a cosmetic change, which makes sense. No funtional
change.
Change-Id: Id24d162379093207863608e70f405e66f789276c
Reviewed-on: https://code.wireshark.org/review/12440
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Tüxen
Reviewed-by: Michael Tüxen <tuexen@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
dfilter_macro_apply_recurse() returns either NULL or a pointer to
freshly-allocated memory, so it doesn't return a const pointer.
dfilter_macro_apply() calls dfilter_macro_apply_recurse(), so it doesn't
return a const pointer, either.
In dfilter_compile(), have separate variables for the filter handed in
and the macro-expanded filter, the former being const gchar * and the
latter being gchar *.
Change-Id: I191549bf0ff6c09c1278a98432a907c93d5e0e74
Reviewed-on: https://code.wireshark.org/review/12446
Reviewed-by: Guy Harris <guy@alum.mit.edu>
For now, we don't change the name of the preference, but we *do* change
the description of the preference and the name of the variable.
Change-Id: I1f80b2e7187679dca787fda5f3d06e9d30536ddc
Reviewed-on: https://code.wireshark.org/review/12444
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This reverts commit b56f53884b.
Sadly, we *do* get warnings at this point with older versions of Flex,
such as the one on the 32-bit OS X buildbot.
Change-Id: I9aec1a16e9f2e1bbcfaac3dffdabdd89af5815e3
Reviewed-on: https://code.wireshark.org/review/12443
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Correct parameter-name "opt-offset" to "offset" in macro
"tvb_eui64_to_str" in epan/to_str.h such that offset is taken into account
when converting eui64 to str.
Bug: 11856
Change-Id: Id0b17c4b9186b4c41d6fe338ba7c017e88f63acf
Reviewed-on: https://code.wireshark.org/review/12441
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Add a missing table entry for Stream Reset Response parameters.
Change-Id: I45172cace57cd3f628a94fd61c4cb37a6c2e17ed
Reviewed-on: https://code.wireshark.org/review/12439
Reviewed-by: Michael Tüxen
Reviewed-by: Michael Mann <mmann78@netscape.net>
1) Fixed the guidPrefix deserialization (before it was showing
counter and it should be instanceId).
2) The PID_PARTICIPANT_GUID was a total mess. Now it looks perfect.
3) Fixed some bounds in the proto_tree creations so instead of
selecting the rest of the tvb, now they select what they have to.
Did all of this keeping the dissection for version 1 untouched.
Change-Id: I93df2a29e292655ceb3f8c1395f31d8e38106dee
Reviewed-on: https://code.wireshark.org/review/12406
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
We shouldn't be getting warnings at this point.
Change-Id: I363a48546cb8d916425f42962ae1697d52ed9a29
Reviewed-on: https://code.wireshark.org/review/12436
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
IPv4 Addresses are currently displayed incorrectly in RFC5444 Addressblocks.
For example, what should be `Address: 10.1.3.0` is incorrectly rendered as
Address: 0.0.0.10
This commit fixes that.
Bug: 11852
Change-Id: Id6dc954e9a06e79375058f6070fe8e0f64167d64
Reviewed-on: https://code.wireshark.org/review/12429
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fixing ESI Label extended community
Fixing PMSI label field decoding on 20 bits
Fixing inclusive multicast Ethernet tag route
Fixing Ethernet segment route
Bug: 11650
Change-Id: Ifadcc3099f681a5c9480d1ccdd50b29ef4c0069f
Reviewed-on: https://code.wireshark.org/review/12430
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Idd57cba39e82a2538bd8a8ceb2263ec23202c25a
Reviewed-on: https://code.wireshark.org/review/12424
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
EtherNet/IP
1. EtherNet Link object parsed Physical Address attribute response incorrectly.
2. Display Unknown Commands as ENIP instead of just TCP data.
CIP
1. For connected data, don't interpret it as a Message Router Request/Response format when the Forward Open connection was not directed to the Message Router. Previously, this data would be incorrectly shown as explicit CIP data. In many cases, this would show as malformed. This traffic will now just display as Data in the Wireshark tree, and "Implicit Data - Class (0x123)" in the Info column. Make this data filterable by "cip.conn_path_class == 0x123".
2. Fix parsing of Unconnected Send responses. Previously, for most cases, the response was not fully parsed, and would just show "Data", or it would parse the response as if the request class was the Connection Manager, which is incorrect. Now, also show the request path of the original embedded message in the tree.
3. Add some detailed error data for malformed Forward Close response.
Change-Id: I1c98ce516373d8c0ed6e049e25342f726bc370ea
Reviewed-on: https://code.wireshark.org/review/12339
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: D. Ulis <daulis0@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I80e664185a34feaebc05fc089c405e658e3b1e60
Reviewed-on: https://code.wireshark.org/review/12423
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Tweak lemonflex-tail.inc to fix an issue this reveals.
It appears that, at least on the buildbots, the Visual Studio compiler
no longer issues warnings for the code generated with %option noyywrap.
Change-Id: Id64d56f1ae8a79d0336488a4a50518da1f511497
Reviewed-on: https://code.wireshark.org/review/12433
Reviewed-by: Guy Harris <guy@alum.mit.edu>
with new_ to plain function names without changing all at the same time.
Change-Id: I52682996704ff2472c9830bb62fda2a3cbef6589
Reviewed-on: https://code.wireshark.org/review/12401
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Bug: 11846
Change-Id: I6eac46dc397263fe005e803730c5d3084bfb7f74
Reviewed-on: https://code.wireshark.org/review/12391
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We actually have to *use* the return value of the method, which the macro did
for us.
Change-Id: I240ca7e526a18054fe39c6c4ded902998dc2fef0
Reviewed-on: https://code.wireshark.org/review/12389
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
This is a common packet when sniffing Cisco routers performing L2TP
with their proprietary AVPs.
Change-Id: I8093f7e3ceb39c9af5b6292289c55f705b53dffb
Reviewed-on: https://code.wireshark.org/review/12368
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
The 'pinfo->clnp_dstref' variable is assigned values twice successively
Change-Id: I02b8ae54728f88c2173b4522d436bd2f7b1b7bc0
Reviewed-on: https://code.wireshark.org/review/12365
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A "ZLB" message is a Zero Length Body message. See RFC 3931
Change-Id: I89d8f2328754e236f0704f851831fd8274f3b99e
Reviewed-on: https://code.wireshark.org/review/12366
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Everywhere else in the l2tp packet tree we show the control connection ID as
an unsigned decimal.
Change-Id: I189b9ce8c56b024a249d18fc62641c2f5283b0c1
Reviewed-on: https://code.wireshark.org/review/12367
Reviewed-by: Anders Broman <a.broman58@gmail.com>
GLib 2.32 is required for use of g_hash_table_contains function
Change-Id: Ia2af2868ab1029d392d921d915b8898fb5ec81a4
Reviewed-on: https://code.wireshark.org/review/12361
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Tracks the interation between PMNS_NAMES and PMNS_IDS packets to build
up a mapping from PMID to a text name and displays the name whenever the
PMID is displayed.
Change-Id: I665b293c32fee95b649fe6a6e26989db1eff38e0
Reviewed-on: https://code.wireshark.org/review/12303
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
That's what my_dgt_tbcd_unpack() did; do the same thing here.
Change-Id: Ia68c6ba652c748bd2661fd6eda736e880f414dc5
Reviewed-on: https://code.wireshark.org/review/12359
Reviewed-by: Guy Harris <guy@alum.mit.edu>
That should be used in for errors in the BCD strings where only 0
through 9 ar valid.
Fix comments to reflect that the two checks for '?' in the output of
tvb_bcd_dig_to_wmem_packet_str() are doing different checks - one is
checking for end-of-string padding, the other is checking for anything
that's not a digit.
Change-Id: I615587b34883ed5bfdc57827451c6e00e213fa5f
Reviewed-on: https://code.wireshark.org/review/12358
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Michael Mann