it as appropriate in the code to read Network Instruments Observer
captures (rather than tweaking the "protected" flag in the packet data),
and use that flag in the 802.11 dissector.
Fix indentation while we're at it (tabs are not *ipso facto* 4 spaces).
svn path=/trunk/; revision=43795
implicitly by the #define name and string they were defined to; not all
UATs neatly fit into any of the categories, so some of them were put
into categories that weren't obviously correct for them, and one - the
display filter macro UAT - wasn't put into any category at all (which
caused crashes when editing them, as the GUI code that handled UAT
changes from a dialog assumed the category field was non-null).
The category was, in practice, used only to decide, in the
aforementioned GUI code, whether the packet summary pane needed to be
updated or not. It also offered no option of "don't update the packet
summary pane *and* don't redissect anything", which is what would be
appropriate for the display filter macro UAT.
Replace the category with a set of fields indicating what the UAT
affects; we currently offer "dissection", which applies to most UATs
(any UAT in libwireshark presumably affects dissection at a minimum) and
"the set of named fields that exist". Changing any UAT that affects
dissection requires a redissection; changing any UAT that affects the
set of named fields that exist requires a redissection *and* rebuilding
the packet summary pane.
Perhaps we also need "filtering", so that if you change a display filter
macro, we re-filter, in case the display is currently filtered with a
display filter that uses a macro that changed.
svn path=/trunk/; revision=43603
Wireshark > 1.4 does not correctly read Association ID for PS Poll packets
Wireless Frame with subtype 0x1a don't interpret the Association ID (always 0).
Fix :
proto_tree_add_uint() wasn't changed to proto_tree_add_item()
#BACKPORT
svn path=/trunk/; revision=43556
Look before we loop
Check the value of various key count parameters against the size of their
parent tag *before* we start looping on them.
Stick an expert error on the field and bound the loop at a sane point if the
count is bogus.
svn path=/trunk/; revision=42631
Add wlan.ra field value to wlan.addr
The (hidden) field wlan.addr==xx:xx:xx:xx:xx:xx currently matches wlan.da,
wlan.bssid, wlan.sa and wlan.da fields but not wlan.ra field.
svn path=/trunk/; revision=42597
802.11s Decoding Bug (Mesh Control Field)
Wrong offset use to dissector Mesh Extended Address(bug from the revision 39314)
svn path=/trunk/; revision=42105
registered OUIs from manuf and allow custom dissectors for
Organizationally Specific TLVs. Fixes bug 7080.
Use uint_get_manuf_name() and uint_get_manuf_name_if_known(), rather
than tvb_get_manuf_name() and tvb_get_manuf_name_if_known(), in cases
where we've fetched the OUI.
Have the ECP/VDP dissector also display registered OUIs from manuf.
Get rid of the OUI_CISCO_2 OUI from tlv_oui_subtype_vals, as that can
come from the manuf file. Leave in comments explaining why, for now, we
aren't using the manuf file for *all* the OUIs.
svn path=/trunk/; revision=42055
In some cases:
Use val_to_str_const() instead of val_to_str();
Reformat long lines;
Do some general whitespace changes.
svn path=/trunk/; revision=41587
Remove tag_len parameter - it was redundant.
The length passed no longer contains the vendor id.
- add_tagged_field / TAG_VENDOR_SPECIFIC_IE:
Reorder so that the ieee "standard" vendor ids come fist,
after that the really vendor specific stuff.
svn path=/trunk/; revision=41027
for (i = 1; i <= N; i++)
...
the type of "i" must have, as its maximum value, a value >= the maximum
value of N; otherwise, if N is equal to the maximum value that fits in
"i", the loop willnever terminate. (If that requires "i" to be larger
than you'd like, do the loop as
for (i = 0; i < N; i++)
...
which doesn't have that problem.)
Clean up the "i = 1" clause's white space in those for loops.
svn path=/trunk/; revision=41010
anything that can run Wireshark (it might be slower), and if the maximum
count value is 16-bit, you can loop forever if the maximum count value
happens to be 65535.
(Yes, this means that
guint i, j;
...
for (i = 0; i < j; i++)
...
risks looping forever if j is 2^32-1, and the same applies to 64-bit
counters. There are probably fewer protocols with 32-bit counts, and
probably even fewer with 64-bit counts, but the way it should be done in
those cases, for safety, is
i = 0;
for (;;) {
if (i >= j)
break;
...
if (i == j - 1)
break;
}
or something such as that.)
Fixes bug 6809.
#BACKPORT
Will schedule for 1.6.x.
svn path=/trunk/; revision=40967
Mesh Peering Management reason code field interpreted as status code
The Mesh Peering Management tag displays a status code instead of a reason code
svn path=/trunk/; revision=40132
It's tedious to parse the blockack bitmap by hand, showing it in wireshark
directly is much nicer. Attached patch does so, only for compressed BA for now.
From me: made it filterable.
svn path=/trunk/; revision=40126
1. If there's no character encoding (ENC_ASCII, ...) specified
then use ENC_ASCII.
2. For all but FT_UINT_STRING, always use ENC_NA
(replacing any existing True/1/FALSE/0
/ENC_BIG_ENDIAN/ENC_LITTLE_ENDIAN).
svn path=/trunk/; revision=39426
Move sniffer meta data parsing to separate files
packet-ieee80211.c includes dissectors for three different styles
of IEEE 802.11 sniffer meta data (like signal strength). Move these
to separate files in the same style as a fourth format (radiotap)
was already handled, so that packet-ieee80211.c focuses on the
actual IEEE 802.11 frame dissecting.
This reverts
http://anonsvn.wireshark.org/viewvc?revision=23911&view=revision
Objections?
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6443
svn path=/trunk/; revision=39379
Guy Harris