routines are passed a separate struct wtap_pkthdr to be filled in.
Get rid of the pseudo_header member of the wblock structure - the
pseudo-header is part of the struct wtap_pkthdr.
Get rid of the union wtap_pseudo_header * argument to
pcap_process_pseudo_header() - it's passed a pointer to a struct
pcap_pkthdr, and that structure contains the union in question.
Have libpcap_read_header() take a FILE_T argument, rather than using
only the "sequential" handle of the wtap it's handed. Have the libpcap
read routine return the offset of the beginning of the pcap record, and
have the seek-read routine read the header and fill in the struct
wtap_pkthdr handed to it.
svn path=/trunk/; revision=49401
both the read and the seek-read routines. Have the read routine return
the offset of the record header as the record's offset, so that the
seek-read routine can read that header.
svn path=/trunk/; revision=49397
globals directly. If we ever manage to make them *not* globals (which
might only be possible with newer versions of Flex), then we can do
better.
Get rid of an unused variable.
Squelch a 64-bit-to-32-bit conversion warning.
svn path=/trunk/; revision=49396
When a TCP segment contains the end of two or more SSL PDUs, the TCP reassembly
code passes that segment up to the SSL dissector multiple times--one for each
SSL PDU. The SSL dissector queues the packet for SSL tap listeners each time it
is invoked. Therefore a single packet can be processed by SSL tap listeners
multiple times. But the tap data that the SSL dissector sends to its tap
listeners is a linked list of all PDUs in the packet.
The SSL tap listener responsible for populating the Follow SSL Stream dialog
did not account for the possibility of seeing a packet multiple times. As a
result, it would process the entire linked list of PDUs each time it received a
packet, and that would result in some SSL PDUs showing up two or more times in
the dialog.
This patch fixes the described bug. It also implements a few slight
improvements in closely related code. See bugzilla for details.
svn path=/trunk/; revision=49387
doesn't need to return the number of bytes of captured packet data (it
can just stuff that into the struct wtap_pkthdr), so have it return a
Boolean success/failure indication.
svn path=/trunk/; revision=49376
have it return -1 for errors or EOF, and have iseries_read() check for a
negative return value and return FALSE. That simplifies it a bit, and
handles the "no more records in the file" case
(iseries_seek_next_packet() will hit EOF and return -1 with *err set to
0, which is what the callers of a read routine expect at EOF).
Get rid of duplicate (and incorrect before the change) comment.
svn path=/trunk/; revision=49375
ipfix_read_and_process_message_header() call it and then fill in the
wtap_pkthdr structure, and use the latter routine in the read and
seek-read routines.
Expand a comment, and fix indentation.
svn path=/trunk/; revision=49369
Theses patches add alot of new message types for the 9P protocol and its
extensions (most specifically 9P2000.L), while staying compatible with the
legacy protocol (hence the hashtable with conversation information, since
version is only known at handshake)
It is still missing alot of 9P2000.u specifics, but I don't have any server
to test it with. I'm also missing some dump to test legacy, but I'm pretty
confident I didn't break much there as it is mostly compatible, most
differences are handled using different messages, the only one that was
changed would be RERROR.
second diff also adds deeper interpretation of the protocol, by following
the conversation stream and keeping a bigger hashtable associating fid (file
handles) and file names, for easier debugging.
From me: roll the contents of the (new) packet-9p.h back into the C file.
svn path=/trunk/; revision=49363
Change "Edit" to "Rename" and add icons to "Manage Profiles..." and "Switch
to...". Update the associated widget, routine, and variable names in order
to facilitate future maintenance.
svn path=/trunk/; revision=49361
not a wtap *, and have it fill in the specified struct wtap_pkthdr.
That makes the seek-read routine do the right thing.
svn path=/trunk/; revision=49358
Starting with collectd 5.0, the representation of time has changed. The new
fields "TIME_HR" and "INTERVAL_HR" contain the seconds since the epoch in steps
of 2^{-30} seconds (roughly nanosecond precision). This patch adds support for
both time formats.
From me:
Permit using 64-bit integers with value-strings, as this protocol actually
seems to needs it. We'll misbehave for named values > 2^32 but there aren't any
of those despite the field being 64 bits.
svn path=/trunk/; revision=49357
routine.
Rename daintree_sna_hex_char() to daintree_sna_process_hex_data() (to
more clearly indicate what it does - it doesn't process a single
character, it processes a whole bunch of them), and have it do some
error checking and fill in the length field in the wtap_pkthdr.
svn path=/trunk/; revision=49356
the same point at which the rest of the wtap_pkthdr is filled in (so
it's done in seek-read routines).
parse_cosine_hex_dump()'s return value is used as the return value of
read routines, so it should be Boolean. Make it so (and have it stuff
the actual length of packet data read into a wtap_pkthdr, which also
ensure that this is done in seek-read routines).
svn path=/trunk/; revision=49352
routine, for use both by the seek and read routines, and move some
common code there.
Make the delta between Symbian and UNIX time a static value.
Make the prefix for all routine names "btsnoop" rather than "snoop".
svn path=/trunk/; revision=49348
for read and seek-read.
Clarify a comment. (wtap_open_offline() only rewinds the file before
calling each open routine; once one of those routines has decided the
file belongs to it, the seek offset belongs to it, so it needs to do all
the seeking necessary - files with a file header *don't* want a rewind,
they want to leave the seek offset positioned *past* the file header so
it can read the records that follow the file header.)
svn path=/trunk/; revision=49347
Guy Harris