Sniffing native ICQ client I've found that SNAC(0x13,09) may contains more than
one buddy to modify. Also in attached patch enhanced decoders for SNACs
0x18-0x1B of family 0x13.
svn path=/trunk/; revision=26355
The attached patch fix several bugs in the decoding function to display the
Cell Channel Description (44.018 chapter 10.5.2.1b) and the Frequency List
(44.018 chapter 10.5.2.13) information elements content.
Without this patch the ARFCNs displayed are completely wrong.
svn path=/trunk/; revision=26354
The idea is that there is now some hardware that can put 802.15.4 frames over
Ethernet. To do so, the 802.15.4 frames are wrapped in an Ethernet frame, with
the Ethertype set to a value indicating the payload is 802.15.4.
Since there is no official ETHTYPE designated by the IEEE, the number 0x809A
is used in this code. However a preference is added to the "IEEE 802.15.4" type
in the preference dialog allowing you to change this ethtype to something else.
The hardware for those interested is the Atmel Raven USB Stick.
svn path=/trunk/; revision=26352
add a parameter *datalen to decrypt_krb5_data() so that we can pass back
the length of the decrypted blob back to the caller.
This is useful for when there are "junk" at the end of the blob and thus
the decrypted data is not the same size as the encrypted blob.
GSS CFX is one such example.
(we should have done this earlier since it might have made some other
stuff easier to imlement...)
make the preference setting krb_decrypt a globally visible variable so
we can see its value and act on it from callers of krb decryption from
outside of packet-kerberos.c i.e. from GSS CFX
Make keytype == -1 a wildcard that when passed to decrypt_krb5_data()
will try any/all encryption keys.
This since GSS CFX does not provide the enctype in the GSS layer.
(The GSS CFX enctype is only negotiated during the AP-REQ/REP so we
should later pick this value up and store it in a CFX session variable.
That is for a later enhancement.
)
Enhance the GSS decryption (that for hitorical reasons are implemented
in packet-spnego.c and not packet-gssapi.c :-) )
to also handle decryption of GSS CFX
This should make wireshark able to decrypt any/all GSSAPI RFC4121
packets, if the keytab file is provided.
I have successfully decrypted LDAP using GSS CFX with AES encryption
with this.
svn path=/trunk/; revision=26350
- Split SEQ/ACK analysis into SEQ analysis (pr msg) and ACK analysis
(pr dest/ackinfo entry) to correctly handle multicast messages.
- Improved dump of timestamp (in units of 100ms).
- Show Address PDU with 0 dest entries as Ack-Ack PDU.
- Print correct number of missing sequence numbers in Ack.
- Indicate end of list entry in Ack.
- Message ID is unsigned.
svn path=/trunk/; revision=26345
provide a default case (returning an error) to prevent wiretap from asserting
out because we didn't set the packet encapsulation.
svn path=/trunk/; revision=26327
Modbus Application Protocol Specification V1.1b includes a function 43 (0x2b)
Encapsulated Interface Transport. When Wireshark encounters this message it is
shown as a TCP message, not a Modbus message.
svn path=/trunk/; revision=26314
We might receive new packets while redissecting and don't want to
dissect those before the packet-list is fully rebuilt.
svn path=/trunk/; revision=26309
Stig Bjørlykke