"packet-dcerpc-nt.c", and registers "dcerpc_smb_init()" as an
initialization routine. Take the ett_ registration out of the latter
routine, and also take out the "do this only once" stuff.
Get rid of the initialization routines for netlogon, samr, and spoolss;
they just call "dcerpc_smb_init()", which is now an initialization
routine of its own.
The policy hash initialization should be done before every capture, so
it should be done in an initialization routine, and should not do any
"do this only once" stuff. It should also be called only once before
every capture, rather than 3 times.
The ett_ initialization should, however, be done at the same time all
other ett_ initialization is done - at protocol registration time - so
it should be done in a "proto_register_" routine.
This fixes a bug I saw wherein
1) the tree for Unicode strings was open by default
and
2) if you closed one and then exited, Ethereal would crash.
The problem is that "proto_register_subtree_array()" doesn't expand the
array, it just bumps the number of registered ett_ values; the array is
allocated in "proto_init()". As such, if you register ett_ values with
"proto_register_subtree_array()" *after* "proto_init()" is called - and,
even for the first capture, initialization routines are called after
"proto_init()" is called - you will get ett_ numbers that go past the
number of elements in the array.
Move the declaration of "ett_nt_unicode_string" to "packet-dcerpc-nt.h",
as it's exported from "packet-dcerpc-nt.c".
Get rid of the declaration of "dcerpc_smb_init()" in
"packet-dcerpc-nt.h", and make it static, as it's no longer called from
outside "packet-dcerpc-nt.c".
svn path=/trunk/; revision=5196
regardless of whether they're the first frame we see in a reassembly or
not - put all but the last fragment into the hash table (so subsequent
frames with the same reassembly ID don't get misdissected as
unfragmented frames), return the head of the fragment list for the first
fragment and NULL for all other fragments (so the first fragment gets
dissected as a fragmented packet), and unhash the fragment head from the
reassembly hash table when we see the last fragment.
svn path=/trunk/; revision=5189
least some of the reassembly mechanism, so we can deal with both bogus
and real last fragment (display the bogus ones as unfragmented frames,
treat the real ones as fragments).
svn path=/trunk/; revision=5186
"frame_data" structure for the frame as the key structure, and use the
frame number in that field as the key. (We could be even cheesier and
use the frame number as the key, with casts.)
When we move an entry from the hash table of reassemblies to the hash
table of reassembled packets, free the key structure for the first hash
table. (This doesn't plug a leak, as they get freed when you
reinitialize the data structures, but it does reduce the memory needed
for them to the amount needed for in-progress reassemblies rather than
the amount needed for all reassemblies.)
svn path=/trunk/; revision=5180
addresses.
When showing a list of keysyms, build the text representation of the
item for the list by appending keysyms to the text of the item as
dissected; this fixes a bug in the display of those keysums, and means
that we don't build a text string with the keysyms if we're not
generating the text representation.
svn path=/trunk/; revision=5179
packets, using the reassembly ID and the frame number of the final frame
as the key. There is no guarantee that reassembly IDs won't be reused,
even when talking between the same source and destination address; if,
once reassembly is complete, the "fragment_data" structure is moved to
the latter hash table, this will keep reused reassembly IDs from causing
mis-reassembly.
Add a routine "fragment_add_seq_check()", which
if a fragment has the "more fragments" flag not set but is the
first fragment of a reassembly, treats that as a non-fragmented
frame, allocating a "fragment_data" structure for the reassembly
but not attaching any fragment to it, and adding it to a
reassembled packet list;
if a packet has been reassembled, removes it from the table of
reassemblies and moves it to the table of reassembled packets;
if the frame's been seen already, looks it up in the table of
reassembled packets rather than the table of reassemblies.
Add reassembly support for fragmented 802.11 frames. Use
"fragment_add_seq_check()" to cope with the fact that some
hardware+drivers apparently hands us reassembled frames with a non-zero
fragment number and the "more fragments" bit clear (as if it puts the
802.11 header of the *last* fragment onto the reassembled data).
svn path=/trunk/; revision=5177
Try to check whether the first request we see is an initial connection
request, and dissect it as such if so.
Get rid of the global "next_offset" variable.
Check for buffer overflows when building the summary item for a list
of keysyms.
Display BASE_DEC items in decimal, not hex.
svn path=/trunk/; revision=5173
- support for current SCTP checksum
- fix a bug for the -S parameter
- fix a bug in the displayed output for the TSN and PPI.
svn path=/trunk/; revision=5169
In capability element, length is for the value (excluding type &
len field) not for the whole element. Results in packets not
being parsed correctly.
svn path=/trunk/; revision=5166
memory leaks.
Put "Requests", not "X11 request", in the Info column for packets to the
server - we already know it's X11, and there may be more than one
request in the packet.
Put "Replies/events", not "X11 event", in the Info column for packets
from the server - we already know it's X11, and there may be more than
one message, and the messages might be replies rather than events.
svn path=/trunk/; revision=5164
Declares some variables static.
Creates a new include file packet-rsvp.h, and make use of it
(change some extern decls to #inlcude).
Move the file packet-pgm.h into packet-pgm.c as it is not used
by anything outside packet-pgm.c.
svn path=/trunk/; revision=5162
message regardless of whether they're set or clear, so you can see not
only what flags are set, but also what flags aren't set. (The previous
checkin only affected bitfields that don't control whether other fields
show up in a message.)
svn path=/trunk/; revision=5158
you can see not only what flags are set, but also what flags aren't set.
Don't show reserved bits unless they're set, though.
svn path=/trunk/; revision=5157
with "--with-zlib"/"--without-zlib", and the added support for
"--with-zlib=DIR".
Update to reflect the replacement of "--disable-snmp" with
"--without-ucdsnmp".
Note "--without-pcap" is what you'd use to build on a system without
libpcap.
Fix some typos.
svn path=/trunk/; revision=5153
Ronnie Sahlberg