ABSOLUTE_TIME_LOCAL or ABSOLUTE_TIME_UTC, indicating whether to display
the date/time in local time or UTC. (int)ABSOLUTE_TIME_LOCAL ==
(int)BASE_NONE, so there's no source or binary compatiblity issue,
although we might want to eliminate BASE_NONE at some point and have the
BASE_ values used with integral types start at 0, so that you can't
specify BASE_NONE for an integral field.
svn path=/trunk/; revision=31319
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
- if offset is 0, tvb_length is the same as tvb_length_remaining, just faster.
Replace
- col_append_fstr() with faster col_append_str()
- col_add_str() with col_set_str()
when it's safe
svn path=/trunk/; revision=23252
Please apply this patch (made against Wireshark 0.99.4). It defines the
NTLMSSP_NEGOTIATE_ANONYMOUS flag as described in
<http://davenport.sourceforge.net/ntlm.html>.
svn path=/trunk/; revision=20022
if the secblob starts with 'NTLMSSP' call the ntlmssp handle directly and not the gssapi one
ntlmssp:
dont change offset when dissecting a client_time, offset will be changed properly later outside the switch.
svn path=/trunk/; revision=17215
there are only 5 gmemchunks left but they have different litetime for their allocations than the 100+ ones that have been removed.
The remaining 5 should be converted some other way.
svn path=/trunk/; revision=15328
(presumably-)harmless-but-otherwise-unremovable const-to-nonconst
warnings.
In the TACACS dissector, clean up the variables used in option parsing
to avoid some const-to-nonconst warnings.
Clean up some white space.
svn path=/trunk/; revision=15043
(cifs: dc's talking to eachother and when longhorn comes out: anyone wanting to talk dce to a dc!)
((this is an incredibly advanced feature well worthy of mentioning in NEWS))
svn path=/trunk/; revision=13690
1) Added a setup_frame parameter to conversation_t
2) Used the conversation_t next to maintain a list of conversations with the
same src/dest tuple but different setup_frame number.
3) Changed the signature of find_conversation() and conversation_new() to pass
in the frame number.
4) Adjusted packet-sdp to select RTP conversation if both m=audio and m=image
are present, and T.38 conversation if only m=image is present. I expect that
RTP/T.38 dissecting to be better, but I don't have a way to generate T.38
packets.
svn path=/trunk/; revision=13243
make the source files all include the corresponding header files (so
that the declarations in the headers have to match the definitions in
the source files in order for compilation to succeed).
svn path=/trunk/; revision=12116
the NTLMv2 blob, so don't bother dissecting it for now - perhaps we
should see how much of the NTLMv2 response remains, and, if there is
any, put it into the tree as extra data.
svn path=/trunk/; revision=11765
NTLMSSP-related than SMB-related, and documents about NTLMSSP talk about
it, so it's a little more convenient to keep all that stuff together -
and export it through a packet-ntlmssp.h header.
svn path=/trunk/; revision=11585
"Negotiate 56", meaning that 56-bit encryption is supported - and that
"Negotiate 128" means that 128-bit encryption is supported, so note that
in the blurb for that flag.
It also says that the values for "Request Init Response", "Request Accept
Response", and 'Request Non-NT Session Key" are a factor of 16 away from
what our #defines say they are, and that 0x000[124]0000 are "Target Type
{Domain,Server,Share}". Note that in a comment.
svn path=/trunk/; revision=11582
Also move ncp222.py, x11-fields, process-x11-fields.pl,
make-reg-dotc, and make-reg-dotc.py.
Adjust #include lines in files that include packet-*.h
files.
svn path=/trunk/; revision=11410
