- Added ASN.1 integer values for StandardExtension, ExtensionAttributeType
and TokenDataType.
- Added expert info for unknown standard-extension, extension-attribute-type
and tokendata-type.
- Added expert info for unknown built-in content-type.
svn path=/trunk/; revision=22730
- As noted by Thomas Anders values are not added to the tree anymore. Move the calling of subdissectors to the end of the function, so that the value is added to the tree.
- add port 8161 to be decoded as SNMP (hey, it's on IANA's services file!)
UAT:
- do not have the uat reloaded.
OIDS:
- do not complain if renaming an OID to an identical name
svn path=/trunk/; revision=22704
rename dcerpc_smb_fetch_pol to dcerpc_fetch_polhnd_data and also make
it take an additional parameter to return the "type" of the policy
handle, if such a type was stored.
extend the pol_value structure used to track policy handles to also
store a type to represent what created the policy handle
types could be USER/ALIAS/CONNECT/... etc handles returned from the
SAMR interface
add a new helper function dcerpc_store_polhnd_type()
track policy handles between request/responses for dcerpc
update the samr.cnf file to make the samr dissectors for
SetSecurity/QuerySecurity dissect the specific bits for the security
descriptor correctly based on whether the policy handle refers to a
CONNECT/DOMAIN/USER/ALIAS or GROUP
svn path=/trunk/; revision=22703
- reimplement the "snmp.variable_oid" dissector table
- oids.[ch]
- get rid of keytype_implicit in oid_value_type_t we won't use it.
- have the windows base path for mibs be consistent to where we've put the mibs
- oid_get_from_encoded() and oid_get_from_string(): have the subids array being computed in a prior statement of where the side-effected argument is going to be used... worked on gcc, not on windows... I deserve "have daemons flying out of my nose" for that :-).
svn path=/trunk/; revision=22684
1. Priority field decode.
The 802.1q tag field of a frame is separated from its frame body in
a ERSPAN packet.
Current packet-cisco-erspan.c decodes only the vlan id field of the
802.1q tag.
This patch can also decode the priority field of the 802.1q tag.
2. Direction of a captured frame decode.
A ERSPAN packet includes the additional information of the direction
a captured frame as below.
If a caputred frame comes from outside to a switch port, this means an
'Incoming' frame. If a caputred frame goes out of a switch port,
this is an 'Outgoing' frame.
Added an extra unknown value for the bit between direction and spanid.
svn path=/trunk/; revision=22649
- Decodes all valid Restart Signaling CLVs
- The restart flags are now shown in a tree and have display filters for them
- The Remaining hold time field now has a display filter
- The Restarting Neighbor Id field is now decoded
- Corrected another CLV decoder that assumed the length of a system ID was 6
and hard coded that value instead of using the id_length variable
Rearranged the Restart Signaling Flags to show the most significant bit first
svn path=/trunk/; revision=22646
The MP_REACH_NLRI (and MP_UNREACH_NLRI) parser incorrectly increments a buffer
offset. Any attributes following will be skipped and/or parsed incorrectly.
No security problem I see - the bounds are checked before parsing each attribute.
svn path=/trunk/; revision=22598
1. Moved all the network layer message type decodings under the network layer control bit check to prevent malformed packets.
2. Added the decoding of the optional network number for the Who-Is-Router-To-Network message type.
3. Added the decoding for the Establish-Connection-To-Network and Disconnect-Connection-To-Network network layer messages.
4. Corrected Initialize-Routing-Table and Initialize-Routing-Table-Ack decoding.
5. Added Network layer info under Column Info.
svn path=/trunk/; revision=22597
When LACP packets have the actor state or partner state fields set to 0x00,
wireshark prints the state like this (note the closing parenthesis):
Actor State: 0x00)
Since there are no flags set, this fields should be printed like this:
Actor State: 0x00
svn path=/trunk/; revision=22594
When a subdissector on top of TCP set ... DESEGMENT_UNTIL_FIN ... then
the subdissector should receive the whole reassembled TCP stream in tvb.
But the bug is it is missing the last payload from the FIN packet.
svn path=/trunk/; revision=22578
The following patch decode DHCP option 249 (Classless Static Route) used by
some Microsoft systems. Same decoding as option 121 (RFC 3442).
svn path=/trunk/; revision=22576
This patch set provides a an API for out of band signalling protocols to
register flows as SRTP/SRTCP using extended versions of the existing
rt(c)p_add_address functions. At present the encrypted portions of the payloads
are simply skipped, and the auth tags etc added as fields.
svn path=/trunk/; revision=22562
gsm_a :
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1754
SMS CP (gsm_a_dtap), RP (gsm_a_rp) and T-PDU (gsm_sms) protocol stacks are
decoded in Wireshark when called by BSSAP or RANAP.
Same protocol stack can be called by GPRS-LLC (sapi 7). Simple modification
needed in packet-gsm_a.c to add dtap dissector to llcgprs.sapi 7.
Me a comment in gprs-llc.
svn path=/trunk/; revision=22559
Fixed an offset for diagnostic in COL_INFO.
This file should really be rewritten to use more proto_tree_add_item's
instead of proto_tree_add_text's.
svn path=/trunk/; revision=22552
different ways, add a set of common conversion routines. Add a
"Frequency/Channel" column and fill it in where we can. Fix RSSI column
printing in PPI.
Fix up whitespace along the way.
svn path=/trunk/; revision=22538
Supports RC2, RC4 and 3DES with SHA1 Password-based Encryption using libgcrypt functions.
Password is provided as a preference, as is trying to decode with a empty/NULL password.
svn path=/trunk/; revision=22534