NISO Z39.50 is a protocol used by libraries and library vendors for information retrieval and catalog manipulation. It is defined using ASN.1 using BER encoding. It has an assigned TCP port of 210. This is an initial implementation.
Features:
- The Z39.50 standard OIDs are defined.
- The bib-1 attribute set is decoded.
- The bib-1 diagnostics are decoded.
- Some OCTET STRINGs which are nearly always printable ASCII are special-cased.
- The MARC (MAchine Readable Cataloging) format is decoded. Only the MARC21 variant is
currently handled, but this is one of the most common variants. The most common tags
are decoded. The MARC dissector is included in the Z39.50 dissector, but the code is
structured in such away that it could be pulled out.
Todo:
- Add information to the Wiki about Z39.50.
As part of this work, the definition of isdigit_string() was fixed to avoid const complaints.
Change-Id: I29a7db53375ef8be83738a1ab98707761d878717
Reviewed-on: https://code.wireshark.org/review/31209
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Extcap utilities can be Python scripts. Show the files as URLs and
allow double click to open.
Change-Id: I214caa2683896b89fbe6243562eee9b12d4ae217
Reviewed-on: https://code.wireshark.org/review/31221
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The stat tree API only supports 32-bit integers and if nanosecond resolution
is used correctly it's easy to hit integer overflow issues on even a fairly
small capture file trying to sum up response times.
Bug: 15382
Change-Id: I15d2cfbdbec7b0bef2bcfe1afe4f6eb6fc1d2456
Reviewed-on: https://code.wireshark.org/review/31217
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Ie5ab56f1ee80d14032969cbe7f31e086fb2b4b91
Reviewed-on: https://code.wireshark.org/review/31159
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Don't try to (re)set parameters in a struct when its pointer
points to NULL.
Bug: 15374
Change-Id: I953e82795990fde5fce2ad6d955781b372a9e405
Signed-off-by: Jaap Keuter <jaap.keuter@xs4all.nl>
Reviewed-on: https://code.wireshark.org/review/31189
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
Make the time stamp precision a 4-bit bitfield, so, when combined with
the other bitfields, we have 32 bits. That means we put the flags at
the same structure level as the time stamp precision, so they can be
combined; that gets rid of an extra "flags." for references to the flags.
Put the two pointers next to each other, and after a multiple of 8 bytes
worth of other fields, so that there's no padding before or between them.
It's still not down to 64 bytes, which is the next lower power of 2, so
there's more work to do.
Change-Id: I6f3e9d9f6f48137bbee8f100c152d2c42adb8fbe
Reviewed-on: https://code.wireshark.org/review/31213
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The F5 trailer dissector is called before the taps are called, so there
is no reason why the taps should attach information to the frame if
there isn't any information attached - if there's an F5 trailer, there
will be information attached to the frame, so there's no need to attach
one, and if there's no F5 trailer, there's no analysis to be done, so
there's no need to attach one.
That way, we don't waste memory that we aren't going to use (about 100MB
for a large capture I have that has almost 3 million packets).
Change-Id: I471b6c9b0fc6eb36f3aff35d6fba2f73c3a0eb90
Ping-Bug: 15385
Reviewed-on: https://code.wireshark.org/review/31210
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I5b5a627f9d75c2b9aa1ceb3a43c7991833dce751
Reviewed-on: https://code.wireshark.org/review/31195
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I96f937ac7f0b085cd1db80b67f490193b02f9aca
Reviewed-on: https://code.wireshark.org/review/31203
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This suite uses different output formats to check against fixed
samples.
Change-Id: I8adccfefea35a6d3cfacf3da61e8a72d830ed3a0
Reviewed-on: https://code.wireshark.org/review/31056
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Dario Lombardo <lomato@gmail.com>
This patch extends the test suite with:
* a way for tests to check if a given byte sequence dissects into an expected dissection result.
Unit tests included:
* ASTERIX I019
* ASTERIX I063
* ASTERIX I065
Change-Id: Ib168382ec15b0b610ff5913806120ba1bf1d1503
Reviewed-on: https://code.wireshark.org/review/31083
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Instead of using the current date (that can differ from packets)
take if from the current frame. That will put the frame in an index
related to its capture date instead of its loading date.
Small indentation fixes.
Change-Id: If9f9dad1399c2b1bf145e8bcc45a6936e4599cd7
Reviewed-on: https://code.wireshark.org/review/31204
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
This squelches -Wmissing-prototypes warnings.
Change-Id: I49feace8796c9786e09183e8dcf82d08e06996a2
Reviewed-on: https://code.wireshark.org/review/31193
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's not used outside this file.
Change-Id: I1eead997dbd4d3b58498192a0aec73094a49a067
Reviewed-on: https://code.wireshark.org/review/31202
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Nothing else uses it.
Change-Id: I1de8ced2ceeaf02f2c9eeeef9b6680d5ad7f4794
Reviewed-on: https://code.wireshark.org/review/31201
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
It's not used outside this file, and isn't declared in any header file.
Change-Id: I5b2e7600188bd25333fb85eed21ac41737794988
Reviewed-on: https://code.wireshark.org/review/31200
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The preferences file includes an optional comma-separated string of
hidden interface type integer values (gui.interfaces_hidden_types).
Augment the interface_type enum and the preferences file to better
document what these interface type integer values stand for.
Change-Id: Idd268ed7f252cfa56dd046d24ff7ff597018f5d3
Reviewed-on: https://code.wireshark.org/review/31191
Petri-Dish: Jim Young <jim.young.ws@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add the request URI to the response to allow filtering of
responses by request URI in a single pass.
Bug: 15344
Change-Id: I89bf675dccaed37f54a4d13956223cbdde601e7d
Reviewed-on: https://code.wireshark.org/review/31184
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Fix compilation on OSX:
../epan/dissectors/packet-geonw.c:1248:164: error: format specifies type 'unsigned long' but the argument has type 'guint64' (aka 'unsigned long long') [-Werror,-Wformat]
proto_tree_add_uint64_bits_format_value(subtree, hf, tvb, (start << 3) + (*offset) - start, (((*offset) - start) << 3) - ((*offset) - start),tmp_val,"%lu",tmp_val);
~~~ ^~~~~~~
%llu
While here, minor indentation issues have been fixed.
Change-Id: I5fc37d337fc302a16210c784e75cf39085ef622e
Reviewed-on: https://code.wireshark.org/review/31186
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
It has been added to the debian-setup script, then it is
pointless to force it.
Change-Id: I5c9f047c7e5826ff06f483d5a2f0c2e808c17853
Reviewed-on: https://code.wireshark.org/review/31180
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
The use of this function has beed discontinued in
v2.9.1rc0-109-gee439bb82d.
Change-Id: I0106b0812ebabbe7fc754be6dc0e636c8088c835
Reviewed-on: https://code.wireshark.org/review/31181
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Dissects secured messages from GeoNetworking protocol as per
ETSI_TS_103_097 (v1 or 2). Msg_id or application id is used to determine
subdissector: "geonw.sec.v1.msg_type" and "geonw.sec.v2.app_id".
Unsecured and signed payloads are subdissected, encrypted payload is kept
as data.
Version 3 secured message dissection calls ieee1609dot2 dissector. No
subdissector is provided in this case.
Use Application ID as defined in ETSI_TS_103_965.
Change-Id: Iff90a0e433d7774790cda50a557631d65c6de2ce
Reviewed-on: https://code.wireshark.org/review/31164
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
No yet available at 100% (35,8%) but work in progress...
Change-Id: I3d0d861037abe5e5f2611f95ac27ad42c8d20c47
Reviewed-on: https://code.wireshark.org/review/31158
Reviewed-by: Anders Broman <a.broman58@gmail.com>
No yet available at 100% (57,05%) but work in progress...
Change-Id: I3fa95c49003aa6fd5183d24fe76b721520a44ba0
Reviewed-on: https://code.wireshark.org/review/31157
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Editor change (No packet change)
Also update link to spec
Change-Id: I7b64edc1db85d6092858eab98098692ae5c69eb4
Reviewed-on: https://code.wireshark.org/review/31169
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Craig Jackson