PEP 394[1] says,
"In cases where the script is expected to be executed outside virtual
environments, developers will need to be aware of the following
discrepancies across platforms and installation methods:
* Older Linux distributions will provide a python command that refers
to Python 2, and will likely not provide a python2 command.
* Some newer Linux distributions will provide a python command that
refers to Python 3.
* Some Linux distributions will not provide a python command at all by
default, but will provide a python3 command by default."
Debian has forced the issue by choosing the third option[2]:
"NOTE: Debian testing (bullseye) has removed the "python" package and
the '/usr/bin/python' symlink due to the deprecation of Python 2."
Switch our shebang from "#!/usr/bin/env python" to "#!/usr/bin/env
python3" in some places. Remove some 2/3 version checks if we know we're
running under Python 3. Remove the "coding: utf-8" in a bunch of places
since that's the default in Python 3.
[1]https://www.python.org/dev/peps/pep-0394/#for-python-script-publishers
[2]https://wiki.debian.org/Python
Fix some issues discovered by common python linters including:
* switch `None` comparisons to use `is` rather than `==`. Identity !=
equality, and I've spent 40+ hours before tracking down a subtle bug
caused by exactly this issue. Note that this may introduce a problem if
one of the scripts is depending on this behavior, in which case the
comparison should be changed to `True`/`False` rather than `None`.
* Use `except Exception:` as bare `except:` statements have been
discouraged for years. Ideally for some of these we'd examine if there
were specific exceptions that should be caught, but for now I simply
caught all. Again, this could introduce very subtle behavioral changes
under Python 2, but IIUC, that was all fixed in Python 3, so safe to
move to `except Exception:`.
* Use more idiomatic `if not x in y`--> `if x not in y`
* Use more idiomatic 2 blank lines. I only did this at the beginning,
until I realized how overwhelming this was going to be to apply, then I
stopped.
* Add a TODO where an undefined function name is called, so will fail
whenever that code is run.
* Add more idiomatic spacing around `:`. This is also only partially
cleaned up, as I gave up when I saw how `asn2wrs.py` was clearly
infatuated with the construct.
* Various other small cleanups, removed some trailing whitespace and
improper indentation that wasn't a multiple of 4, etc.
There is still _much_ to do, but I haven't been heavily involved with
this project before, so thought this was a sufficient amount to put up
and see what the feedback is.
Linters that I have enabled which highlighted some of these issues
include:
* `pylint`
* `flake8`
* `pycodestyle`
In File Search Continue requests, the path is a single byte giving the
string length, followed by that many bytes containing the string value.
However, in at least some File Search Continue requests, the string
length value is longer than the string, and there's a NUL, followed by
other non-zero cruft, in the string.
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add NCP 98
Fix NDSrequestprotocolflags not being captured on request so that reply
would offset correctly with CRC flag.
Change-Id: Ie45a1017326dd38393baf3f005f3ec9195438565
Reviewed-on: https://code.wireshark.org/review/33146
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I0de1c332a6052c20f6afbe1e51dfb14e18485891
Reviewed-on: https://code.wireshark.org/review/19899
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
It's not tied to the frame_data structure any more, so it belongs by
itself.
Clean up some #includes while we're at it; in particular, frame_data.h
doesn't use anything related to tvbuffs, so don't have it gratuitiously
include tvbuff.h.
Change-Id: Ic32922d4a3840bac47007c5d4c546b8842245e0c
Reviewed-on: https://code.wireshark.org/review/13518
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Otherwise a call to proto_tree_add_uint_format_value will trigger an assert
Bug: 11550
Change-Id: Ic30b07a424cd94b861cee8999b91154ceeb72469
Reviewed-on: https://code.wireshark.org/review/10689
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This simplifies some of the logic required for field formatting.
Change-Id: I2f9a612b18e3e4ca01311683d9cf61cbad9950f4
Reviewed-on: https://code.wireshark.org/review/10649
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie67892caec2cddee591631045233f8a3f1cc0bc6
Reviewed-on: https://code.wireshark.org/review/10648
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
The "old" method of populating the INFO column was to dissect all fields of a function/subfunction, then do a search in the tree to find the hf_ values of interest to then format into something for the INFO column. This is very expensive and requires "low level" APIs (for tree manipulation) which really shouldn't be used in a dissector.
The "new" method populates the INFO column at the same time a field is parsed, so nothing has to be revisited (and allows for more fields to be displayed on some malformed packets).
There are still expert infos (and possibly column APIs) under if (tree)s, but I'm not sure how FAKE_TREE_IS_VISIBLE factors into that. Removing the FAKE_TREE_IS_VISIBLE seems to negatively affect dissection.
Change-Id: Ie487e851c2f6558dd12f0c7010757b4a5f36226b
Reviewed-on: https://code.wireshark.org/review/10631
Reviewed-by: Michael Mann <mmann78@netscape.net>
The "old" method of populating the INFO column was to dissect all fields of a function/subfunction, then do a search in the tree to find the hf_ values of interest to then format into something for the INFO column. This is very expensive and requires "low level" APIs (for tree manipulation) which really shouldn't be used in a dissector.
The "new" method populates the INFO column at the same time a field is parsed, so nothing has to be revisited.
There are still expert infos (and possibly column APIs) under if (tree)s, but with the FAKE_TREE_IS_VISIBLE "hacks" removed, there should be less fear in removing the tree checks.
Change-Id: I847827395fc28704f468df8bc8b47b297dde8479
Reviewed-on: https://code.wireshark.org/review/10572
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Including:
1. Using ENC_BIG_ENDIAN and ENC_LITTLE_ENDIAN instead of self made macros
2. Creating an "expert info hook" so that fields can be parsed "in real time" and added as expert info instead of searching by field name and manually getting values. Most of the expert info is still under if (tree)s, but this is another step closer to removing all of the "manual labor" done that requires "special handling" of all tree functionality. Once the "manual labor" is removed, this dissector can behave like every other dissector and the if (tree)s can be removed with more abandon.
Change-Id: If2c6a4c723e12e070e68d6df2d492d4b5ac35123
Reviewed-on: https://code.wireshark.org/review/10555
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The dissector is doing a lot of unnecessary "manual" operations. Start the process of simplifying that to encourage use of general APIs and put control of the "field name" in the hands of the hf_ entry it belongs with.
Change-Id: I5b048c04858ac4a846a276ba12d61c665deb66f8
Reviewed-on: https://code.wireshark.org/review/10547
Reviewed-by: Michael Mann <mmann78@netscape.net>
Modifications to ncp2222.py
Add absolute time values eptime for file/volume info
Add support for 64 bit File Transfer NCP's (22/54, 22/55, 22/56, 22/57, 22/58, 87/70, 87/71, 87/72, 87/73, 89/41, 123/35)
Fix numerous dissection errors in NWInfo and ExtNWInfo structures
Fix some indention (white space) in source
Modifications to packet-ncp2222.inc
Change seq count rollover value to 16 instead of 255 to make it more robust
Add ncp 87,72 reply
Add ncp 8x20 request
Fix ncp 8x20 reply
Change-Id: I80bdcc5854c02edd4ea51c74aa0bbc9c0e062bc1
Reviewed-on: https://code.wireshark.org/review/10017
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Change-Id: Ibe55260e837f0a839649675c08e1bf66d8bcdb52
Reviewed-on: https://code.wireshark.org/review/9924
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Iab2559c2bac5550987c108c6e917506fcec525e9
Reviewed-on: https://code.wireshark.org/review/8221
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Note: Use of most of these filter names could have caused a Wireshark crash.
Change-Id: I393402a25dd26d174baff77f4706f6d5f43a94ae
Reviewed-on: https://code.wireshark.org/review/5610
Reviewed-by: Bill Meier <wmeier@newsguy.com>
There are a few things in here which could still use attention.
Don't regenerate anything now.
Change-Id: I283c224d3523212144707fca3d6265916cb11792
Reviewed-on: https://code.wireshark.org/review/205
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
2.7, and 3.3. The contents of packet-ncp2222.c are different after the
changes (e.g. some array contents are in a different order) but the
output of running 'tshark -nVxr' on the NCP files in the menagerie are
identical.
svn path=/trunk/; revision=51123
Fixed GTKHash table being overwritten when number of NCP packets exceeds 255. Sequence numbers wrap so this was causing the request value table to be overwritten and subsequent malformed NCP packets.
Fixed buid_expert_data for file open reporting to correctly convert to Hex value so proper lookup in val table will succeed.
Added additional OES Linux values to build_expert_data for server entries.
svn path=/trunk/; revision=45177
ABSOLUTE_TIME_LOCAL or ABSOLUTE_TIME_UTC, indicating whether to display
the date/time in local time or UTC. (int)ABSOLUTE_TIME_LOCAL ==
(int)BASE_NONE, so there's no source or binary compatiblity issue,
although we might want to eliminate BASE_NONE at some point and have the
BASE_ values used with integral types start at 0, so that you can't
specify BASE_NONE for an integral field.
svn path=/trunk/; revision=31319