This does not work for old-style dissectors as they always return
the number of bytes in incoming buffer and not the number of bytes
dissected. This is noted in the documentation.
Change-Id: I5b236a73952cac3efc830e40276283bed9af1f87
Reviewed-on: https://code.wireshark.org/review/2237
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
- Display 'Array of <fieldname>' instead of 'Array of Simple Type'
- Display array indexes for simple types
- Display data type in simple type arrays
Change-Id: Id2cc746898f97ce329c6afb9cc49f1907a9f18e4
Reviewed-on: https://code.wireshark.org/review/2161
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Using dissect_nt_64bit_time it is not possible to access the created proto_item afterwards, hence the new function.
Change-Id: I39aca92536a53841045c30b601b6ec1a7d8bfb4e
Reviewed-on: https://code.wireshark.org/review/2160
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Select an appropriate gcrypt cipher based on ISAKMP encryption ID and
key length attribute. Fixes bug 10128.
Bug:10128
Change-Id: Ie74fc51eb9bfe6d68340056d3ef2ef28c7677fb8
Signed-off-by: Alex Badea <abadea@ixiacom.com>
Reviewed-on: https://code.wireshark.org/review/2296
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
There is a check that disables decryption for non-PSK authentication. It
has been around ever since its introduction in commit acfe071e (svn
r17229). As suggested in bug 7951, remove this check to allow decryption
for e.g. certificates authentication.
Bug: 7951
Change-Id: I5e98407d0f8dbabac2cdaf632cf0af403192872b
Signed-off-by: Alex Badea <abadea@ixiacom.com>
Reviewed-on: https://code.wireshark.org/review/2297
Reviewed-by: Anders Broman <a.broman58@gmail.com>
of finding the package don't allow the first method to fail terminally.
Todo: Fix this in all other places as well.
Change-Id: I5a343fac33f6a5d6e50ff353d739459b2e36711a
Reviewed-on: https://code.wireshark.org/review/2300
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Also make repetition_coding_indications[] standard terminated.
Change-Id: Ice20e1f27f5ab4d111f893608a230b83899efc9f
Reviewed-on: https://code.wireshark.org/review/2288
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
As far as I can tell these calls were just missed in the first initial pass,
they're not in a weird scope.
Close review from somebody else please to verify that!
Change-Id: Ic3188879124dcb8fdf42e79d200d4f244200aa7b
Reviewed-on: https://code.wireshark.org/review/2266
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move visibility to its own method and call it when we show ourselves and
when we thaw.
Change-Id: I936cd33e5ccabddb32061ea347a465ac12f1be87
Reviewed-on: https://code.wireshark.org/review/2289
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Fix a duplicate @HAVE_LUA@ while we're at it.
Change-Id: I21acf388498a996701adea401551a65c9ba4f5f0
Reviewed-on: https://code.wireshark.org/review/2285
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Bereft of life, it rests in peace.
Change-Id: I8b9bc8c6cef0635d5526aa6b389aa33bc41fbc66
Reviewed-on: https://code.wireshark.org/review/2284
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Applying part of Bug 7825
Change-Id: I460b5c61b04d793ccc27c25debbd5e8f08bc6974
Reviewed-on: https://code.wireshark.org/review/2280
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Found thanks to warning:
** (process:20239): WARNING **: Extended value string 'attributes' forced to fall back to linear search:
entry 53, value 32858 [0x805a] < previous entry, value 32861 [0x805d]
Change-Id: I12396380b42bbcb90dd139775c4b8d0bfdc79972
Reviewed-on: https://code.wireshark.org/review/2273
Reviewed-by: Evan Huus <eapache@gmail.com>
This appears to be a TLV architecture, not sure if the T and L should be broken up and filtered separately. Right now, just filtering on value.
Change-Id: Ic5853d2216b6b5f845587e4b789435bed5fe60ff
Reviewed-on: https://code.wireshark.org/review/2252
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix detection of Homebrew on APPLE
Change-Id: I96506bb57d4772c5c90b1117c37e8350cda376ee
Reviewed-on: https://code.wireshark.org/review/2257
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
Change-Id: I24fe3cc4a3589dadc4528a77fe7ff13d06b1a983
Reviewed-on: https://code.wireshark.org/review/2245
Reviewed-by: Michael Mann <mmann78@netscape.net>
When a dict structure is passed by GlusterFS, the values are not encoded
normally. We now assume that the GFID in the dict is in network-order,
but this will be incorrect for Big Endian systems. The majority of
Gluster deployments are on Little Endian, and the GFID is displayed
correctly for this case. I am sorry for the few users on Big Endian
Gluster environments, they will see some GFIDs in Wireshark that don't
exist on the Gluster volume.
With this change, it is also made possible to filter on the GFID that is
contained inside of the dict.
Change-Id: I62a265eca34df23a507403397012cf652d43ca54
Reported-by: Vikhyat Umrao <vumrao@redhat.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: https://code.wireshark.org/review/1856
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
- make ett_opcua_transport static, is only used locally
- format code grouping extern ett variables
- add subtree variables for encodingmasks of simple types
Change-Id: Ia044ca6ca0ff19e940a03d21610db67fe3679b01
Reviewed-on: https://code.wireshark.org/review/2157
Reviewed-by: Anders Broman <a.broman58@gmail.com>