osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity
26,094 Commits 23 Branches 0 Tags 1.3 GiB
Commit Graph

7252 Commits

Author SHA1 Message Date
Balint Reczey bafe19e58d fixes some parsing errors revealed by fuzz tests 
svn path=/trunk/; revision=26618
 2008-10-29 16:24:58 +00:00
Guy Harris 246fce7b04 Clean up indentation. 
Fix typoes.

Get rid of C++/C99-style comment.

svn path=/trunk/; revision=26613
 2008-10-28 22:15:42 +00:00
Stig Bjørlykke 209c8de4e5 Make it compile. 
svn path=/trunk/; revision=26611
 2008-10-28 20:55:59 +00:00
Anders Broman de8c90d0fe packet-gsm_sms.c:1643: warning: unused variable 'str' ...etc 
svn path=/trunk/; revision=26608
 2008-10-28 20:21:52 +00:00
Anders Broman c29d949834 From Shmulik Bezale: 
gsm sms -> reassemble + wap support
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3004

svn path=/trunk/; revision=26607
 2008-10-28 19:48:55 +00:00
Anders Broman d397a165c2 From Shmulik Bezale: 
GSM_MAP - ucs2 support on USSD.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2991

svn path=/trunk/; revision=26606
 2008-10-28 19:31:29 +00:00
Anders Broman 1d4e3ad464 From Shmulik Bezale: 
is-637-ansi support more encoding.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3005

svn path=/trunk/; revision=26605
 2008-10-28 19:27:16 +00:00
Anders Broman 222869d394 From Pascal Quantin: 
Buggy 3GPP 44.018 Cell Channel Description / Frequency List IEs decoding.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3007

svn path=/trunk/; revision=26604
 2008-10-28 19:19:37 +00:00
Anders Broman dd18d39f92 Move dissect_geographical_description() from gsm_map to gsm_a_common to make it easier to use it in other dissectors including it from gsm_map makes in neccesarry to include asn1.h. 
Fix some bugs in the code, use it from bssmap.

svn path=/trunk/; revision=26603
 2008-10-28 19:16:10 +00:00
Anders Broman 5edf350ffc Wrong value for ELLIPSOID_POINT_WITH_UNCERT_CIRC used in CASE. 
svn path=/trunk/; revision=26593
 2008-10-27 21:57:36 +00:00
Stig Bjørlykke 357e5e016e Fixed some true_false_string definitions. 
svn path=/trunk/; revision=26591
 2008-10-27 21:36:02 +00:00
Anders Broman 497197b525 From Pascal Quantin: 
Add 3GPP 44.018 SI3 and SI4 Rest Octets decoding.

svn path=/trunk/; revision=26590
 2008-10-27 21:08:54 +00:00
Anders Broman 38e28295cd Update towards 48.008 8.4.0 
svn path=/trunk/; revision=26589
 2008-10-27 21:07:52 +00:00
Bill Meier 45e798a430 Minor rework related to proto_reg_handoff 
svn path=/trunk/; revision=26588
 2008-10-27 20:43:47 +00:00
Bill Meier b01d3d77dc Fix bug in each dissector: port pref change was ignored; Related: proto_reg_handoff rework. 
svn path=/trunk/; revision=26586
 2008-10-27 20:34:44 +00:00
Jaap Keuter 457e4ddd1f From Tom Hughes: 
The attached patch extends the X11 protocol dissector to decode the event
contained in a SendEvent request.

svn path=/trunk/; revision=26584
 2008-10-27 19:16:25 +00:00
Jaap Keuter 7c07ed69d0 On request from Philip Zimmermann: 
Additional cypher type and key agreement, and check of the CRC.

svn path=/trunk/; revision=26574
 2008-10-27 08:04:26 +00:00
Bill Meier be76528ad8 #if ==> #ifdef 
svn path=/trunk/; revision=26567
 2008-10-27 01:39:32 +00:00
Anders Broman b32c91b5a0 Try to make the build bot hapy. 
svn path=/trunk/; revision=26562
 2008-10-26 21:45:37 +00:00
Stig Bjørlykke 52aaa7c77f Match protocol and filter prefix. 
svn path=/trunk/; revision=26561
 2008-10-26 21:29:44 +00:00
Anders Broman f47b645008 From Pascal Quantin: 
Add 3GPP 44.018 SI1, SI2bis, SI2ter and SI2quater full decoding

svn path=/trunk/; revision=26559
 2008-10-26 19:46:46 +00:00
Anders Broman 799b8635f3 Update towards 48.008 8.4.0 
svn path=/trunk/; revision=26558
 2008-10-26 19:44:06 +00:00
Jaap Keuter 68d587a24f Updated to the latest IETF draft draft-zimmermann-avt-zrtp-10. 
svn path=/trunk/; revision=26555
 2008-10-25 23:37:31 +00:00
Stig Bjørlykke f9f52e367e Do not use dot in protocol filter name. 
svn path=/trunk/; revision=26551
 2008-10-25 11:23:05 +00:00
Jaap Keuter 1bc4ea382c From Sebastian Stollenwerk: 
While sniffing h264-packets with more than 8 leading zero bits they're displayed in error: fixed.
If there are FU-A(28) encoded packets, you can't see them in Wireshark: upgraded.

svn path=/trunk/; revision=26549
 2008-10-25 10:32:01 +00:00
Gerald Combs 20e131acf7 Add a modeline blurb for the predominant indentation style, and update some 
whitespace to  match.

svn path=/trunk/; revision=26546
 2008-10-24 23:35:50 +00:00
Jeff Morriss 3b9c92584b Put the contents of each CIC range parameter in a REG_REQ in its own tree 
with a textual summary of the CIC range at the root of the tree.
This makes these parameters much easier to read when there are many of them
in a single message.

svn path=/trunk/; revision=26541
 2008-10-24 19:33:19 +00:00
Jaap Keuter c33f06259d From Tom Hughes: 
The attached patch extends the X11 protocol dissector to decode MappingNotify events.

svn path=/trunk/; revision=26540
 2008-10-24 18:45:03 +00:00
Jaap Keuter 3934dfb936 From Alexander Dupuy: 
More complete support for IPFIX RFC 5103 biflows.

svn path=/trunk/; revision=26536
 2008-10-24 07:32:16 +00:00
Bill Meier 8afa208ffb Windows build: #include winsock2.h only when needed. 
#include winsock2.h pulls in about 90 distinct .h files
and about 140 total .h files. 
Currently winsock2.h is (mostly unnecessarily) included
for each dissector via packet.h/wtap.h.
This patch removes #include winsock2.h from wtap.h and 
then includes winsock2.h (or windows.h) in the 
few specific places required. 
With this patch, my Windows Wireshark build takes 
about 30% less time.


svn path=/trunk/; revision=26535
 2008-10-24 00:42:09 +00:00
Stephen Fisher ede39bfe1f Take out extra */ to fix compile. 
svn path=/trunk/; revision=26534
 2008-10-23 21:26:19 +00:00
Jaap Keuter ddce920fd8 Let the dissectors fill the Protocol and Info columns by calling the even when tree == NULL. 
svn path=/trunk/; revision=26531
 2008-10-23 21:01:04 +00:00
Anders Broman 607de79a7b Update towards 48.008 8.4.0 
svn path=/trunk/; revision=26530
 2008-10-23 20:39:43 +00:00
Jaap Keuter 73cd38c1bd Fix an assignment which is intended as a comparison. 
svn path=/trunk/; revision=26529
 2008-10-23 19:57:19 +00:00
Anders Broman b3256e6d44 Fix: 
cc1: warnings being treated as errors
packet-gtp.c: In function ‘decode_qos_umts’:
packet-gtp.c:3725: error: ‘guar_dl_ext’ may be used uninitialized in this function
packet-gtp.c:3722: error: ‘max_dl_ext’ may be used uninitialized in this function
packet-gtp.c:3725: error: ‘guar_ul_ext’ may be used uninitialized in this function
packet-gtp.c:3722: error: ‘max_ul_ext’ may be used uninitialized in this function
packet-gtp.c:3726: error: ‘sig_ind’ may be used uninitialized in this function
packet-gtp.c:3726: error: ‘src_stat_desc’ may be used uninitialized in this function
make[4]: *** [libdissectors_la-packet-gtp.lo] Error 1

svn path=/trunk/; revision=26528
 2008-10-23 19:44:07 +00:00
Anders Broman 10d2e65228 If we only see one half of a SCCP conneversation we can as a last resort make the association on the RLC(if seen). 
svn path=/trunk/; revision=26527
 2008-10-23 19:25:13 +00:00
Anders Broman 2ff51cb037 Update the QoS IE 
svn path=/trunk/; revision=26526
 2008-10-23 19:22:54 +00:00
Jaap Keuter d6556ed5a2 Add the Content-Length header as a header string, while maintaining the content-length filter option. 
svn path=/trunk/; revision=26522
 2008-10-23 06:57:31 +00:00
Anders Broman 9b9c51873b From shmulikB: 
1. ansi map fail to parser BCD digits when Numbering Plan: Telephony Numbering
(ITU-T Rec. E.164,E.163) (2)

2. fix dissector_try_port if sms-TeleserviceIdentifier RECIEVE BEFORE
sms-BearerData.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2989

svn path=/trunk/; revision=26521
 2008-10-23 05:56:28 +00:00
Anders Broman 6e901dc4fe Mark len as unused. 
svn path=/trunk/; revision=26518
 2008-10-22 21:10:45 +00:00
Anders Broman 41b70e3a96 Some further updates. 
svn path=/trunk/; revision=26517
 2008-10-22 20:56:26 +00:00
Stig Bjørlykke 1d5478595c Mark some unused variables. 
svn path=/trunk/; revision=26516
 2008-10-22 18:55:58 +00:00
Guy Harris 03a81916d8 Get rid of /* inside comment. 
svn path=/trunk/; revision=26515
 2008-10-22 17:50:07 +00:00
Anders Broman a4c3055bbb Update bssap le and BSS MAP. 
svn path=/trunk/; revision=26514
 2008-10-22 16:32:24 +00:00
Bill Meier 119d449880 Fix a bit more spacing 
svn path=/trunk/; revision=26506
 2008-10-20 21:38:53 +00:00
Bill Meier 6da6ad6451 Oops ! Revert (Remove) development stuff .... 
svn path=/trunk/; revision=26505
 2008-10-20 21:14:21 +00:00
Bill Meier 145e8f7b74 Adjust indentation to be more consistent .... 
svn path=/trunk/; revision=26504
 2008-10-20 20:51:04 +00:00
Stig Bjørlykke 7fb7444eff Fixed filter name for "nisplus.dummy" 
svn path=/trunk/; revision=26495
 2008-10-19 14:55:30 +00:00
Jaap Keuter 75d4f03f87 From beanniecai: 
Change non-printable characters(code page 936, simplified Chineses) 0x96 in
packet-ieee80211.c and 0xa7 in packet-sndcp-xid.c to '-' and null character,
otherwise there is always warning C4819 using MS compiler.

Additional some whitespace cleanups applied.

svn path=/trunk/; revision=26489
 2008-10-18 14:24:33 +00:00
Jaap Keuter 5bfa442298 From Peter Harris: 
The attached patch adds support for dissecting 'sent' events to the X11 dissector.

svn path=/trunk/; revision=26488
 2008-10-18 14:19:06 +00:00
Anders Broman 8384b6976a Revert files checked in by misstake. 
svn path=/trunk/; revision=26485
 2008-10-16 21:33:00 +00:00
Anders Broman 248049bcbb Add asn1 file from Heimdal use som stuff from it add more dissection in the template and .cnf file. 
svn path=/trunk/; revision=26484
 2008-10-16 21:27:14 +00:00
Bill Meier c38033dfca Default: "dissector not registered on tcp.port"; 
svn path=/trunk/; revision=26482
 2008-10-16 16:13:28 +00:00
Bill Meier e0501b75d3 Remove unnecessary #includes 
svn path=/trunk/; revision=26481
 2008-10-16 14:34:20 +00:00
Stig Bjørlykke 4528043ab6 Fixed decoding of multiple sequences in a sequence of implict sequence. 
Removed attempt to fix number of items in indef sequence-of and set-of.

svn path=/trunk/; revision=26476
 2008-10-16 10:50:12 +00:00
Michael Tüxen ebd05a6014 Bugfix from Robin Seggelmann for Certificate Request messages. 
svn path=/trunk/; revision=26475
 2008-10-16 10:11:24 +00:00
Jaap Keuter 25cd2bc4d2 From Scott Roberts: 
Patch to have the tds dissector register itself by name.

And fix the name of the register function itself.

svn path=/trunk/; revision=26474
 2008-10-16 07:20:02 +00:00
Anders Broman 3cbb374385 Now Kerberos compiles, a lot of work remains to get it into shape. 
svn path=/trunk/; revision=26467
 2008-10-15 20:08:10 +00:00
Guy Harris 369f9243ce Squelch warnings. 
svn path=/trunk/; revision=26465
 2008-10-15 18:51:41 +00:00
Bill Meier c40304819e From David Castleford (with some changes by Bill Meier); See Bug #2935 
svn path=/trunk/; revision=26464
 2008-10-15 18:22:01 +00:00
Jaap Keuter aba73d539f Add option 22 and 23 dissection. 
svn path=/trunk/; revision=26463
 2008-10-15 17:51:57 +00:00
Bill Meier a60b943947 Fix for bug #2969 
svn path=/trunk/; revision=26462
 2008-10-15 16:26:45 +00:00
Jaap Keuter 1217ba4e77 From Florian Lohoff: 
Update packet-redback.c with hf fields. Dissect more POS packets and clean up
code. Dissect ISIS packets etc.

svn path=/trunk/; revision=26457
 2008-10-14 19:16:28 +00:00
Jaap Keuter 84fe273017 From Florian Lohoff: 
The redback lawful intercept format is a moving target - redback tends to add
more AVPs in newer software versions. Here is an update which covers the
"direction" avp and the "accounting session id".

svn path=/trunk/; revision=26456
 2008-10-14 19:14:57 +00:00
Anders Broman 57660e3fb6 Try to get rid of unused code warnings. 
svn path=/trunk/; revision=26455
 2008-10-14 19:07:26 +00:00
Stig Bjørlykke c2515c5abd Count correct number of items in indef sequence-of and set-of. 
svn path=/trunk/; revision=26451
 2008-10-14 16:28:54 +00:00
Jörg Mayer cf40bd9747 Dump the contents of some elements. 
Standardize printing of enterprise id.

svn path=/trunk/; revision=26447
 2008-10-14 00:17:42 +00:00
Jaap Keuter f293b1639e From Alexis La Goutte: 
I'm a user of Aruba / Alcatel OAW Wireless Switch ( www.arubanetworks.com )
The stream (802.11 Frame) is encapsulated in a tunnel GRE. 

svn path=/trunk/; revision=26446
 2008-10-13 20:40:26 +00:00
Anders Broman 37a91449cb Try to get rid of unused code warnings. 
svn path=/trunk/; revision=26445
 2008-10-13 19:54:48 +00:00
Bill Meier 47a6731043 Remove unused include for conversations.h 
(File regenerated from template & etc)

svn path=/trunk/; revision=26444
 2008-10-13 19:52:55 +00:00
Anders Broman 51de8ebdb8 Back out the expert info - it's wrong. 
svn path=/trunk/; revision=26441
 2008-10-13 19:32:06 +00:00
Anders Broman 61fdd2f1f6 From Martin Lutz: 
IEC 61850 GOOSE protocol

svn path=/trunk/; revision=26440
 2008-10-13 19:31:12 +00:00
Bill Meier dc2fed3ed3 Remove unused prefs.h, conversation.h & data_handle; Fix typo 
(File re-generated from the template & etc)

svn path=/trunk/; revision=26432
 2008-10-13 16:56:17 +00:00
Stig Bjørlykke 9168a0a714 Added total time analysis from Address to Ack-Ack PDU. 
Renamed previous total time to transmission time.

svn path=/trunk/; revision=26428
 2008-10-13 14:59:28 +00:00
Jaap Keuter 49fe94aa3f Fix for bug 2823 
Do not pass automatic variables back into caller space.

svn path=/trunk/; revision=26426
 2008-10-13 06:56:27 +00:00
Anders Broman 3893c32000 From David Aggeler: 
Reworked the item creation.

svn path=/trunk/; revision=26424
 2008-10-12 21:35:23 +00:00
Sake Blok b49434dcd2 From SUZUKI, Shinsuke <suz@kame.net> (bug 2956): 
Remove non-ascii characters to prevent compilation failure on
non-european windows.


svn path=/trunk/; revision=26420
 2008-10-12 09:38:40 +00:00
Stig Bjørlykke 9a50932bcf From Ward van Wanrooij (bug 2955): 
Add the fragment to the defragmentation sequence if the SMTP dissector
encouters a packet that contains both a DATA fragment and the terminating
\r\n.\r\n sequence.

svn path=/trunk/; revision=26419
 2008-10-11 16:01:48 +00:00
Stig Bjørlykke 813c6102b3 Really make it compile. Someone should have a look at this. 
svn path=/trunk/; revision=26417
 2008-10-11 15:16:37 +00:00
Anders Broman 08b51ea542 Just try to make it compile. 
svn path=/trunk/; revision=26416
 2008-10-11 15:00:39 +00:00
Anders Broman 092aab864a Another instance of Signal info. 
svn path=/trunk/; revision=26415
 2008-10-11 14:33:02 +00:00
Anders Broman 93a0edf6dd From David Aggeler: 
packet-dcm, improved DICOM Tag support, misc fixes.

svn path=/trunk/; revision=26413
 2008-10-11 14:25:02 +00:00
Anders Broman f8a1888e9f From Bruno Hivert: 
Pretify Bearer Capability.

svn path=/trunk/; revision=26411
 2008-10-11 11:06:58 +00:00
Anders Broman d5677f851a Add an expert item if src port = dst port. 
svn path=/trunk/; revision=26410
 2008-10-11 10:41:58 +00:00
Jaap Keuter 53708b2c85 Let the dissector call its subdissectors, even when tree==NULL. 
svn path=/trunk/; revision=26409
 2008-10-10 17:55:51 +00:00
Gerald Combs 32a1556557 From rmkml: Fix a typo in a comment. 
svn path=/trunk/; revision=26401
 2008-10-10 15:43:37 +00:00
Anders Broman 5ad34b26b6 Dissect Signal info with gsm-0806 protocol id. 
svn path=/trunk/; revision=26399
 2008-10-10 12:08:28 +00:00
Anders Broman 1742b395c1 From : Mike Kazmier: 
Fixes for two bugs dealing with adaption fields in MPEG2 Transport Streams (packet-mp2t.c)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2946

svn path=/trunk/; revision=26398
 2008-10-10 09:17:26 +00:00
Anders Broman 9f87a8bf94 Put Tag and lengt in the tree. 
svn path=/trunk/; revision=26397
 2008-10-09 18:57:35 +00:00
Anders Broman fdb832cf1b Dissect Bearer cap in Signal info. 
svn path=/trunk/; revision=26396
 2008-10-09 17:51:51 +00:00
Gerald Combs 4bb3c4b8e2 Back out r26377 so that I can get 1.1.1 out the door. 
svn path=/trunk/; revision=26391
 2008-10-09 03:34:12 +00:00
Bill Meier 76c5103967 Minor cleanup in proto_reg_handoff; remove unused #include and typedefs 
svn path=/trunk/; revision=26390
 2008-10-09 01:20:02 +00:00
Jaap Keuter 38cf4a2156 From Shane Kearns: 
The L2CAP dissector assumes all packets on a connection oriented channel are
B-frames (basic mode, or v1.1 backwards compatibility).  
Retransmission mode or flow control mode (introduced in v1.2 bluetooth spec)
use I-frames and S-frames, which are described in the current 2.1 spec here:
Volume 3 (core, host volume) - Part A (L2CAP) - 3.3 (CONNECTION-ORIENTED
CHANNEL IN RETRANSMISSION/FLOW CONTROL MODES).

svn path=/trunk/; revision=26383
 2008-10-08 20:33:55 +00:00
Jaap Keuter bb250894fd From Karl Heinz Wolf: 
This patch adds support for DHCPv4 coordinate-based Location Configuration
Option 123, as proposed by RFC 3825.
The decoding functionality is based on the RFC3825decoder by Klaus Darilion
http://www.enum.at/rfc3825encoder.529.0.html

svn path=/trunk/; revision=26381
 2008-10-08 18:26:53 +00:00
Anders Broman 07ccec7bcb 3GPP TMSI STATUS IE decoding does not update curr_offset 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2945

svn path=/trunk/; revision=26379
 2008-10-08 16:09:28 +00:00
Stig Bjørlykke e5713e2956 Remove a space, which I think was accidentally added in r26012. 
svn path=/trunk/; revision=26377
 2008-10-08 12:30:22 +00:00
Jaap Keuter 9a3accd9b1 Fix for bug 2944: 
Textual correction: Unnumbered Information format-> Unconfirmed Information format, among others.

svn path=/trunk/; revision=26369
 2008-10-07 07:29:32 +00:00
Jaap Keuter cd17e5036d Fix for bug 2638: 
Add support for XOT PVC setup dissection.

svn path=/trunk/; revision=26368
 2008-10-07 06:52:15 +00:00
Guy Harris 49f7ce426b Put a newline at the end of the file. 
svn path=/trunk/; revision=26365
 2008-10-06 21:47:39 +00:00
Anders Broman 0dcea98bb2 Remove experimental dissector. 
svn path=/trunk/; revision=26363
 2008-10-06 20:31:56 +00:00
Anders Broman 1f25f93a07 From Sven Eckelmann: 
B.A.T.M.A.N. dissector consists of many source files

svn path=/trunk/; revision=26362
 2008-10-06 20:24:02 +00:00
Anders Broman cee238507d From Kari Tiirikainen: 
Req/resp tracking and service response time stats for GTP-C

svn path=/trunk/; revision=26361
 2008-10-06 20:11:44 +00:00
Stig Bjørlykke 81633df2db Also use conversation index in the generated dst_ref. 
svn path=/trunk/; revision=26357
 2008-10-06 15:24:20 +00:00
Bill Meier a7e61da1b3 Minor cleanup related to proto_register and/or proto_reg_handoff 
ep_alloc + memset --> ep_alloc0 (teamspeak2)

svn path=/trunk/; revision=26356
 2008-10-05 23:08:54 +00:00
Jaap Keuter 94201f9daa From Alex Turbov: 
Sniffing native ICQ client I've found that SNAC(0x13,09) may contains more than
one buddy to modify. Also in attached patch enhanced decoders for SNACs
0x18-0x1B of family 0x13.

svn path=/trunk/; revision=26355
 2008-10-05 15:12:20 +00:00
Jaap Keuter 56feadb6b7 From Pascal Quantin: 
The attached patch fix several bugs in the decoding function to display the
Cell Channel Description (44.018 chapter 10.5.2.1b) and the Frequency List
(44.018 chapter 10.5.2.13) information elements content.
Without this patch the ARFCNs displayed are completely wrong.

svn path=/trunk/; revision=26354
 2008-10-05 09:30:24 +00:00
Ronnie Sahlberg 2b739fc611 use g_malloc/g_free instead of malloc/free 
svn path=/trunk/; revision=26353
 2008-10-05 08:41:44 +00:00
Jaap Keuter 62e4dd4459 From Colin O'Flynn: 
The idea is that there is now some hardware that can put 802.15.4 frames over
Ethernet. To do so, the 802.15.4 frames are wrapped in an Ethernet frame, with
the Ethertype set to a value indicating the payload is 802.15.4.

Since there is no official ETHTYPE designated by the IEEE, the number 0x809A
is used in this code. However a preference is added to the "IEEE 802.15.4" type
in the preference dialog allowing you to change this ethtype to something else.

The hardware for those interested is the Atmel Raven USB Stick.

svn path=/trunk/; revision=26352
 2008-10-05 08:11:35 +00:00
Ronnie Sahlberg 54716f411b change u_char to unsigned char to make the osx compiler happy 
svn path=/trunk/; revision=26351
 2008-10-05 00:51:28 +00:00
Ronnie Sahlberg d83b8b0336 kerberos/gss enhancements 
add a parameter *datalen to decrypt_krb5_data() so that we can pass back 
the length of the decrypted blob back to the caller.
This is useful for when there are "junk" at the end of the blob and thus 
the decrypted data is not the same size as the encrypted blob.
GSS CFX is one such example.
(we should have done this earlier since it might have made some other 
stuff easier to imlement...)


make the preference setting krb_decrypt a globally visible variable so 
we can see its value and act on it from callers of krb decryption from 
outside of packet-kerberos.c    i.e.   from GSS CFX


Make keytype == -1  a wildcard that when passed to decrypt_krb5_data() 
will try any/all encryption keys.
This since GSS CFX does not provide the enctype in the GSS layer.
(The GSS CFX enctype is only negotiated during the AP-REQ/REP  so we 
should later pick this value up and store it in a CFX session variable.
That is for a later enhancement.
)


Enhance the GSS decryption (that for hitorical reasons are implemented 
in packet-spnego.c  and not packet-gssapi.c :-)  )
to also handle decryption of GSS CFX

This should make wireshark able to decrypt any/all GSSAPI  RFC4121 
packets, if the keytab file is provided.


I have successfully decrypted LDAP using GSS CFX with AES encryption 
with this.




svn path=/trunk/; revision=26350
 2008-10-05 00:28:36 +00:00
Jaap Keuter af8ff96739 Add safety against possible endless loop. 
svn path=/trunk/; revision=26349
 2008-10-04 18:00:35 +00:00
Sake Blok 8b82ba219b Add support for dissecting the 802.1t System ID Extensions 
within the Bridge Identifiers.

(Inspired by http://packetlife.net/blog/2008/sep/26/vlan-challenge/)


svn path=/trunk/; revision=26348
 2008-10-03 22:11:13 +00:00
Stig Bjørlykke acd4e734c9 From Mattias Nissler (bug 2936): 
Fix some gpointer casts.

svn path=/trunk/; revision=26347
 2008-10-03 17:01:08 +00:00
Stig Bjørlykke 6882a5cd1a Several improvements: 
- Split SEQ/ACK analysis into SEQ analysis (pr msg) and ACK analysis
  (pr dest/ackinfo entry) to correctly handle multicast messages.
- Improved dump of timestamp (in units of 100ms).
- Show Address PDU with 0 dest entries as Ack-Ack PDU.
- Print correct number of missing sequence numbers in Ack.
- Indicate end of list entry in Ack.
- Message ID is unsigned.

svn path=/trunk/; revision=26345
 2008-10-03 14:58:53 +00:00
Ronnie Sahlberg 24b76bdc14 add a -K command line option to provide the name of the kerberos keytab 
file to use for decryption of Krb5 and GSS-KRB


svn path=/trunk/; revision=26343
 2008-10-03 05:21:28 +00:00
Ronnie Sahlberg 5c82d9b784 samr enhancements 
svn path=/trunk/; revision=26342
 2008-10-03 03:14:48 +00:00
Ronnie Sahlberg b94c255167 the security info bitmask is 4 bytes, not 2 
svn path=/trunk/; revision=26341
 2008-10-03 02:48:52 +00:00
Ronnie Sahlberg 48cabe4f20 SAMR updates 
svn path=/trunk/; revision=26340
 2008-10-03 02:39:17 +00:00
Stig Bjørlykke 2a4ddda66a Added option to decode as BER encoded ASN.1. 
Dump as data if no decoding.

svn path=/trunk/; revision=26339
 2008-10-02 15:47:06 +00:00
Stig Bjørlykke 55cc2f5adc Decode content according to given content type. 
svn path=/trunk/; revision=26338
 2008-10-02 15:45:54 +00:00
Jaap Keuter 9be273b75b From Frank Kingswood: 
LeCroy instruments use the VICP protocol to carry GPIB messages over Ethernet.

svn path=/trunk/; revision=26337
 2008-10-02 06:53:28 +00:00
Anders Broman fc95c5333f From Sven Eckelmann: 
B.A.T.M.A.N. dissector doesn't dissect gateway clients correct and has problems with truncated packets
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2869

svn path=/trunk/; revision=26336
 2008-10-02 06:29:28 +00:00
Ronnie Sahlberg ab6a6c07cb samr updates 
svn path=/trunk/; revision=26335
 2008-10-02 06:05:05 +00:00
Ronnie Sahlberg 740708750e fix typo 
svn path=/trunk/; revision=26334
 2008-10-02 04:56:22 +00:00
Gerald Combs 98df50f70b Make sure any data structures we allocate are properly initialized. Fixes 
bug 2922.

svn path=/trunk/; revision=26333
 2008-10-02 04:55:51 +00:00
Ronnie Sahlberg 097839cac0 enhancements to SAMR 
svn path=/trunk/; revision=26332
 2008-10-02 04:45:56 +00:00
Stephen Fisher 30d7ab211e From Jelmer Vernooij via enhancement bug #2929: 
Tie the IRC dissector to port 57000 for dircproxy and
other IRC proxies.


svn path=/trunk/; revision=26331
 2008-10-02 03:46:23 +00:00
Ronnie Sahlberg 8f8f84f6ae update to SAMR 
svn path=/trunk/; revision=26330
 2008-10-02 00:07:54 +00:00
Anders Broman f0f2cb8cbe Fix:MPEG PES decode reports "Malformed Packet" when PES packet length is 0 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2229

svn path=/trunk/; revision=26328
 2008-10-01 18:30:16 +00:00
Ronnie Sahlberg 3c8c901617 add 3 new OIDs to the x509af dissector 
svn path=/trunk/; revision=26325
 2008-10-01 05:23:58 +00:00
Ronnie Sahlberg c61094cca2 Call out to GPEF EFSBLOB from the LSA dissector 
svn path=/trunk/; revision=26324
 2008-10-01 05:01:59 +00:00
Ronnie Sahlberg 3bc4b767c5 add a new protocol GPEF. This implements the blobs in 
Microsoft   Group Policy : Encrypted File System Extension
MS-GPEF



svn path=/trunk/; revision=26323
 2008-10-01 05:00:44 +00:00
Ronnie Sahlberg 7d2d454373 add description of PolicyServerRole 
svn path=/trunk/; revision=26322
 2008-10-01 01:42:10 +00:00
Ronnie Sahlberg f413579fdc add two more constants to the lsa_PolicyInfo enum 
add a new constant to the lsa_DomainInfoEnum enum



svn path=/trunk/; revision=26321
 2008-10-01 01:28:52 +00:00
Ronnie Sahlberg 3e15613ed6 add the new autogenerated lsa dissector 
this changes some call signatures requiring changes to the netlogon 
dissector as well


svn path=/trunk/; revision=26320
 2008-10-01 00:48:27 +00:00
Ronnie Sahlberg bf27687d94 add more policy handle types for the new LSA dissector 
svn path=/trunk/; revision=26319
 2008-10-01 00:47:05 +00:00
Ronnie Sahlberg baa1527783 mark LSA as a autogenerated (and thus warningprone) dissector 
svn path=/trunk/; revision=26318
 2008-10-01 00:46:05 +00:00
Ronnie Sahlberg 0b53fc415b update the conformance file to workaround a pidl bug/limitation for top 
level arrays


svn path=/trunk/; revision=26317
 2008-10-01 00:28:15 +00:00
Ronnie Sahlberg b12b8cec37 add initial idl file and conformance file for LSA 
svn path=/trunk/; revision=26316
 2008-10-01 00:14:17 +00:00
Stig Bjørlykke 63a2017571 Add a cast to avoid a warning. 
svn path=/trunk/; revision=26315
 2008-09-30 22:01:04 +00:00
Jaap Keuter 51a72a3478 Fix for bug 2917: 
Modbus Application Protocol Specification V1.1b includes a function 43 (0x2b)
Encapsulated Interface Transport.  When Wireshark encounters this message it is
shown as a TCP message, not a Modbus message.

svn path=/trunk/; revision=26314
 2008-09-30 21:23:19 +00:00
Anders Broman d3ffd5cafd From Wade Hennessey: 
Add support the KDP (Kontiki Delivery Protocol).

svn path=/trunk/; revision=26313
 2008-09-30 21:13:37 +00:00
Anders Broman 0548bc9116 From Ben Greear: 
Add support for LANforge protocol.

svn path=/trunk/; revision=26312
 2008-09-30 21:00:12 +00:00
Anders Broman 6771996389 Fix Bug 2860 Malformed Packet DCP ETSI error with UDP packet length 9 by 
not accepting packages shorter than 10 bytes in the heuristic(min header length).
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2860

svn path=/trunk/; revision=26311
 2008-09-30 18:15:09 +00:00
Jeff Morriss 2207e21a91 get_iec104apdu_len(): make the offset variable a guin32 instead of a guint8 so 
we can deal with TVB lengths greater than 255.  This fixes the infite loop
reported in:

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2914o

svn path=/trunk/; revision=26310
 2008-09-30 16:03:18 +00:00
Bill Meier aa30dcd129 Minor proto_reg_handoff cleanup: use find_dissector when appropriate. 
svn path=/trunk/; revision=26308
 2008-09-30 14:49:44 +00:00
Bill Meier 09bef39f3d Minor cleanup related to proto_register, proto_reg_handoff 
svn path=/trunk/; revision=26307
 2008-09-30 14:46:48 +00:00
Sake Blok a550fb9d78 Make the index from the conversation-struct available as field 
"tcp.stream", this will make it possible to sort packets by
tcp stream, filter tcp streams exactly, etc.

It is also the preparation for a fix for bug 1447


svn path=/trunk/; revision=26305
 2008-09-30 12:24:27 +00:00
Jaap Keuter 8b1a8faf1b From Alex: 
NFSV4 parsing of the GETATTR reply is broken. I'm not sure what is going on,
but I re-wrote the GETATTR parsing anyways and my version of the parsing does not 
exibit the same problems.

svn path=/trunk/; revision=26304
 2008-09-30 07:06:32 +00:00
Gerald Combs d2821ce8c0 We always use start_offset, so don't wrap it in "#ifdef HAVE_KERBEROS". 
svn path=/trunk/; revision=26301
 2008-09-30 02:55:42 +00:00
Gerald Combs 6c8f59f916 Add a cast to try to fix compilation on Windows. 
svn path=/trunk/; revision=26300
 2008-09-30 02:55:13 +00:00
Ronnie Sahlberg 011e836f26 dissect lookupnames3 
svn path=/trunk/; revision=26299
 2008-09-29 22:10:40 +00:00
Jaap Keuter 8bea3dd9c1 From Derek Morr: 
The DNS dissector conflates KEY (used for TSIG) and DNSKEY records. Also, the
DNSKEY dissector doesn't parse the REVOKED flag, defined in RFC 5011.

The attached patch splits KEY and DNSKEY parsing, and adds support for REVOKED.

svn path=/trunk/; revision=26298
 2008-09-29 21:40:53 +00:00
Jaap Keuter 6a5135600c From Jelmer Vernooij: 
The attached patch adds support for dissecting GSSAPI authentication
data to the SOCKS dissector.

svn path=/trunk/; revision=26297
 2008-09-29 21:39:13 +00:00
Ronnie Sahlberg 617dac4e04 there exists clients (linux) that sends a SETCLIENTID specifying the 
callback address/port with only 2 octets (high/low port)  i.e. witout 
specifying the ip address.


this caused wireshark to corrupt memory when trying to 0-terminate the 
original string after the fourth '.'   which happened to be beyond the 
end of the string.



svn path=/trunk/; revision=26296
 2008-09-29 21:06:12 +00:00
Ronnie Sahlberg b4d74f2506 from metze 
fallback to spnego_krb5_wrap for RFC4121 krb5 blobs


svn path=/trunk/; revision=26295
 2008-09-29 18:52:17 +00:00
Ronnie Sahlberg 687b0422d3 from Metze 
add dissection of RFC4121 krb5 blobs



svn path=/trunk/; revision=26294
 2008-09-29 18:44:10 +00:00
Ronnie Sahlberg 7d3592fed2 from metze 
add support for decryption of gssapi auth type 16


svn path=/trunk/; revision=26293
 2008-09-29 18:38:45 +00:00
Anders Broman 34c2c82499 GSM MAP: inconsistent spacing in Info column 
Bug https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2912

svn path=/trunk/; revision=26291
 2008-09-29 16:57:09 +00:00
Anders Broman 39941336e4 Add Sequence Number for DTAP messages. 
Fixes bug https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2490

svn path=/trunk/; revision=26290
 2008-09-29 16:53:28 +00:00
Anders Broman 46ecae4dd1 From Joan Ramio: 
New dissector IEC 60870-5-104.

svn path=/trunk/; revision=26289
 2008-09-29 16:49:14 +00:00
Anders Broman 44a0e364e5 From Jelmer Vernooij: 
Support for AYIYA protocol.

svn path=/trunk/; revision=26288
 2008-09-29 16:28:34 +00:00
Anders Broman 637761d295 From Francesco Fusco: 
Endace ERFII (extension header) support.

svn path=/trunk/; revision=26287
 2008-09-29 16:20:24 +00:00
Anders Broman 3a26e89362 From Reinhard(rspmn): 
Wrong display of USSD strings in the GSM 7-bit alphabet for non-ASCII data

svn path=/trunk/; revision=26286
 2008-09-27 14:16:55 +00:00
Bill Meier 69336f7d96 Minor cleanup for proto_reg-handoff & etc 
svn path=/trunk/; revision=26285
 2008-09-27 14:02:23 +00:00
Bill Meier 97e7747d42 Small cleanup of proto_reg_handoff & etc 
- 'once-only' not req'd in some cases
- use find_dissector as appropriate
- remove unneeded code

svn path=/trunk/; revision=26284
 2008-09-27 13:38:59 +00:00
Bill Meier 1a7294c2a7 Handle pref change via pref callback instead of registering an init fcn 
svn path=/trunk/; revision=26283
 2008-09-27 01:08:19 +00:00
Bill Meier 09c5d0c15b Addt'l minor change relating to proto_reg_handoff 
svn path=/trunk/; revision=26282
 2008-09-26 22:34:41 +00:00
Bill Meier c3ea1560bd Minor cleanup related to proto_register and proto_reg_handoff 
svn path=/trunk/; revision=26281
 2008-09-26 22:07:45 +00:00
Bill Meier ffa7320de2 Minor cleanup related to proto_register & proto_reg_handoff 
svn path=/trunk/; revision=26280
 2008-09-26 20:06:40 +00:00
Bill Meier a14b7b5264 Addt'l minor cleanup 
svn path=/trunk/; revision=26279
 2008-09-26 17:12:15 +00:00
Bill Meier c60c77ba4a prefs callback not req'd 
svn path=/trunk/; revision=26278
 2008-09-26 17:06:44 +00:00
Bill Meier 3e347bb88c Minor cleanups related to proto_reg_handoff 
svn path=/trunk/; revision=26277
 2008-09-26 17:04:01 +00:00
Bill Meier 64f088530e Reformat somewhat for readability 
svn path=/trunk/; revision=26276
 2008-09-26 16:45:28 +00:00
Stig Bjørlykke d1c2234b89 Change emv -> evm, as noted in bug 2903. 
svn path=/trunk/; revision=26275
 2008-09-26 10:15:58 +00:00
Jaap Keuter e45be35abb From Sagar Pai: 
This is a dissector for ZRTP, the Zfone projects secure media protocol, developed by Phil Zimmermann.
It is updated to the latest IETF draft draft-zimmermann-avt-zrtp-08.

svn path=/trunk/; revision=26274
 2008-09-25 22:06:58 +00:00
Anders Broman d4a70f2961 Add the missing part of the fix for "Failure to dissect long SASL wrapped LDAP response". 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2687

svn path=/trunk/; revision=26272
 2008-09-25 19:21:44 +00:00
Anders Broman e4e3a49dbe Update to the latest asn1 files and try to get rid of unused code warnings. 
svn path=/trunk/; revision=26271
 2008-09-25 19:20:14 +00:00
Anders Broman e34e97ac41 Update to the latest asn1 files and try to get rid of unused code warnings. 
svn path=/trunk/; revision=26270
 2008-09-25 19:19:39 +00:00
Tomas Kukosa 4981dbb788 do not call proto_tree_add_...() inside PROTO_ITEM_SET_HIDDEN() macro 
it creates item three times

svn path=/trunk/; revision=26269
 2008-09-25 18:32:14 +00:00
Anders Broman 7d8e236960 Add value_string to dissect_q931_cause_ie(). 
svn path=/trunk/; revision=26267
 2008-09-25 05:21:33 +00:00
Guy Harris 48343abfdf Get rid of no-longer-used variables. 
svn path=/trunk/; revision=26266
 2008-09-25 02:57:58 +00:00
Bill Meier 432f7be1e0 Minor proto_reg_handoff cleanup 
svn path=/trunk/; revision=26265
 2008-09-25 02:21:04 +00:00
Anders Broman 33ad445703 Packet-isup.c &packet-q931.[ch]: 
In case of cause pointing out ie "faults" use the correct "ie value_string".
in packet-isup.c use packet-e164.c for country code translation.

svn path=/trunk/; revision=26264
 2008-09-24 21:59:50 +00:00
Ronnie Sahlberg 0536955ab3 track smb dialects between negprot request to the responses so we can 
show the name of the selected dialect in the response and not just the 
index


svn path=/trunk/; revision=26263
 2008-09-24 16:16:01 +00:00
Jeff Morriss ba3f1eaa5a Fix https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2848 : 
Decode SUA GT digits.  This removes the (undecoded, raw BCD) FT_BYTES field
sua.global_title_signals and adds an FT_STRING field sua.global_title_digits
(like in SCCP).

svn path=/trunk/; revision=26262
 2008-09-24 13:41:47 +00:00
Tomas Kukosa 1e9ab739c3 put original tag name (not lowercase) into dissected xml structure too 
dissect xml even if tree is null

svn path=/trunk/; revision=26261
 2008-09-24 10:42:24 +00:00
Bill Meier 69c7082a64 Fix indentation to be reasonably consistent 
svn path=/trunk/; revision=26258
 2008-09-24 00:50:18 +00:00
Bill Meier 5ac2ba6354 Minor changes related to proto_reg_handoff & pref ranges 
svn path=/trunk/; revision=26254
 2008-09-23 15:03:39 +00:00
Bill Meier 65e1251846 Minor change: use guint for prefs port variables. 
svn path=/trunk/; revision=26253
 2008-09-23 01:10:45 +00:00
Bill Meier 1a7111b603 Minor revision related to proto_reg_handoff ... 
svn path=/trunk/; revision=26252
 2008-09-23 00:55:28 +00:00
Bill Meier c5ebd555b7 Trivial changes: comment and spacing 
svn path=/trunk/; revision=26251
 2008-09-23 00:45:05 +00:00
Bill Meier 5cba9cd3ae Fix minor bug: dissector_delete(...) should be "tcp" and not "udp". 
svn path=/trunk/; revision=26250
 2008-09-23 00:33:33 +00:00
Bill Meier 6aa5f8aa6a Minor cleanup related to proto_reg_handoff 
svn path=/trunk/; revision=26246
 2008-09-22 16:26:41 +00:00
Anders Broman 612463c139 Try to fix some "defined but not used" warnings. 
svn path=/trunk/; revision=26243
 2008-09-21 14:23:34 +00:00
Jaap Keuter 19e29e857e From Derek Morr: 
The Kerberos dissector does not parse IPv6 addresses in AS-REQ messages.
Attached is a patch that adds IPv6 dissection support, and adds a new filter,
kerberos.addr_ipv6, which is analagous to the existing kerberos.addr_ip.

svn path=/trunk/; revision=26241
 2008-09-21 13:55:32 +00:00
Guy Harris dbf7b99e97 The Official Home of the AVS header spec appears to bhe the 
linux-wlan-ng source tree; just insert it verbatim into a big honking
comment, rather than trying to play Find The URL with it.

svn path=/trunk/; revision=26239
 2008-09-20 01:57:18 +00:00
Bill Meier ca34becf82 Minor cleanup primarily related to proto_reg_handoff; spacing changes 
svn path=/trunk/; revision=26237
 2008-09-19 20:42:01 +00:00
Bill Meier a3e6eb8071 Minor cleanup mostly related to proto_reg_handoff 
svn path=/trunk/; revision=26236
 2008-09-19 17:39:44 +00:00
Gerald Combs 80e94e3ec3 Move wtap_pcap_encap_to_wtap_encap and wtap_wtap_encap_to_pcap_encap to 
libwsutil.

svn path=/trunk/; revision=26233
 2008-09-19 16:26:37 +00:00