Enable decryption of TLS 1.2.
Add some cipher suites from RFC5246 and RFC5289.
Fixed a bug in the handling of stream cipher.
(The explicit IV field in the application record doesn't exist when stream ciphers are used. But the original code handles it as if one-byte IV exists.)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6688
svn path=/trunk/; revision=40273
- ... and make that distinction configurable for capture files that do not have padding in small frames, but do have trailers
- Add VSS-Monitoring dissector to show by the TAP inserted time- and portstamps
svn path=/trunk/; revision=40108
This patch covers following -
i) Support for detecting OSPFv2 Opaque RI LSA. (RFC4970)
ii) Support for detecting OSPFv2 RI Capabilities TLV (RFC4970)
iii) Support for detecting OSPF Dynamic Hostname TLV (RFC5642)
iv) As per RFC4970, support for detecting RI LSA for OSPFv3 as well.
svn path=/trunk/; revision=40073
- Removed some mpls preferences which are no longer relevant/needed like
decode PWAC payloads as PPP traffic and assume all channel types except 0x21
are raw BFD.
- MPLS extension from PW-ACH to MPLS Generic Associated Channel as per RFC 5586
- Updated Pseudowire Associated Channel Types as per
http://www.iana.org/assignments/pwe3-parameters
- Updated the VCCV bitmaps as per RFC 5885
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6574
svn path=/trunk/; revision=40026
kNet (KristalliNet) dissector for Wireshark
kNet is a connection-oriented network protocol for transmitting arbitrary application-specific messages between network hosts. It is designed primarily for applications that require a method for rapid space-efficient real-time communication. kNet is an application-level protocol which can be ran either over UDP, TCP or SCTP transports.
From me :
* Add Modelines information and fix trailing whitespace
* Merge packet-knet.h in packet-knet.c
* Make Checkhf happy
* Fix Clang/GCC Warning about unused variable
* Add Authors info & CMakeList.txt
svn path=/trunk/; revision=40010
Enhance XMPP Dissector
XMPP is communication protocol that is based on XML.
Existing Jabber dissector has only few filtering possibilities and displays packets in inconvenient way.
This dissector is a result of cooperation with Jitsi community as Google Summer of Code project (http://www.jitsi.org/index.php/GSOC2011/XmppWireshark).
From me :
Add Mariusz Okrój in AUTHORS File
Add Modelines information
svn path=/trunk/; revision=39799
Dissector for HSR and PRP-1
Here is a patch that adds a dissector for HSR and for PRP-1. Both protocols are defined in IEC62439 Part 3. (High-availability Seamless Redundancy / Parallel Redundancy Protocol)
The existing PRP dissector has been refactored to support both the old PRP (now called PRP-0) and the new PRP-1.
There are three distinct dissectors:
- HSR (ethertype 892F)
- HSR/PRP supervision (ethertype 88FB)
- PRP-0 and PRP-1 (trailer dissector; disabled by default)
From me :
* Fix Clang Warning
* Add modification for CMakeLists.txt
svn path=/trunk/; revision=39692
dissector for HDCP (High bandwidth Digital Content Protection)
HDCP can run on top of TCP, there's no fixed port number assigned. I created a heuristic dissector that's disabled by default and can be enabled by setting a preference (similar to the hilscher dissector). The idea behind this is that some HDCP messages are hard to recognize (e.g. one byte message id + 8 random bytes). Having the dissector enabled at all times may generate false positives.
svn path=/trunk/; revision=39480
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5929
From me:
packet-cipmotion.c:
FT_BOOLEAN fields with bitmasks need a bit-fieldwidth in the hf[] entry 'display' field;
Define attribute_size as guint32 since it has to store guint8*guint16;
Use ENC_NA as encoding arg in proto_tree_add_item() for FT_BYTES field types;
Remove trailing whitespace from lines;
Other minor cleanup and reformatting.
packet-enip.c:
Use ENC_NA as encoding arg in proto_tree_add_item() for FT_BYTES field types;
svn path=/trunk/; revision=39396
Re-write of the EIGRP dissector to support Multi-Protocol (TLV 2.0) and
Multi-Topology (TLV 3.0). This version also support Service Advertisement
Framework(SAF) extensions to EIGRP
Dissector includes:
- Dissection of all EIGRP Opcodes and TLVs
- Decode of EIGRP Flags and bitfields
- Decode of EIGRP Communities
- Decode of latest EIGRP "wide metric" formats
- Decode of EIGRP Extended Metrics
- Decode of SAF packets with XML client data handed off to XML dissector
From me:
Fix checkapi errors/warnings use G_GINT64_CONSTANT and G_GINT64_MODIFIER
svn path=/trunk/; revision=39339
Update 802.11s packet dissecting to the ratified standard (v12.0)
[PATCH 8/9] add support for Root Announcement (RANN) IEs
svn path=/trunk/; revision=38281
Vuze, called Azureus before, is a great BT client and has a lot of users,
while its DHT implementation is different from the official one.
From me: New-style dissectors are supposed to to always return
"bytes dissected" (not just when tree != NULL);
svn path=/trunk/; revision=37755
Attached is a dissector for CN/IP protocol described in EIA-852. It is mainly
used to encapsulate and send Lontalk (EIA-709.1) or EIA-600 frames over UDP (or
TCP).
This dissector can only decode the common header and data frames can be decoded
by further dissectors.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5907
svn path=/trunk/; revision=37596