It's not needed.
Instead, have get_transaction() return the request_val; the caller can
fetch the command from its "value" member.
While wee're at it, update some of the web reference information for
DSI.
Add lricon.svg and lriconinst.svg, which provide the core graphic
element for the various Logray icons. Add lricon*.png, which were
created using the templates at
https://developer.apple.com/design/resources/. Add Logray.icns,
logray.ico, and lograyinst.ico, and use them in various packaging
resources.
The specification never hit RFC status, it wasn't implemented or
deployed and the ECN nonce stuff was moved to HISTORIC recently..
So remove support from the dissector, freeing parameter type
0x8001, which was also never assigned by IANA.
The "seq" field in several structures is either a transaction ID from
ATP for AppleTalk or a request ID from DSI for AFP-over-TCP. Call it
tid.
The "aspinfo" structure is really information from ATP *and* ASP for
AppleTalk or from DSI for AFP-over-TCP. Call it atp_asp_dsi_info.
Among other things, this prevents confusing "aspinfo.seq" from the ASP
sequence number, which it is *NOT*.
Add the "length < caplen" expert info regardless of whether the "frame"
protocol is referenced by a packet-matching expression, just as we do
with the "fractional time component of the absolute frame time is >=
1000000000" expert info.
Fixes#18312.
Fix tvb_find_guint16 when there is a partial match (first byte
matches but second byte does not) in the buffer before an
actual match.
The function claims that it takes negative offsets and a negative
maxlength value (for "to the end of the buffer.") Convert those to
absolute offsets and limits at the start of the function rather than
repeatedly having special checks for negatives.
Fix the "number of bytes searched so far" calculation, which was only
correct for negative offsets (but only used when there was a partial
match.)
Add Percent-encoding to the list of encoding types that Show
Packet Bytes can handle.
There's a function added to glib 2.66 to handle this for arbitrary
bytes that might have internal nulls (and which allows the result
to be non UTF-8), but we don't require that version yet, so extend
the existing function.
Related to #1084
When using the TCP analysis results to ignore retransmissions
when out-of-order desegmentation is *not* enabled, if on the first
pass there is an unfinished MSP or the sequence number is newer than
any segment we've processed, then the segment is needed for reassembly.
In that case ignore any TCP Analysis claim that a segment is a
Retransmission and process it anyway. Fixes the capture in #13388
and some of the examples in #15993 with out-of-order desegmentation
off.
Some subdissectors, such as those that are state-based, will always
require an in order stream to process correctly and it is difficult
to make those work with out-of-order desegmentation disabled.
The tcpinfo struct is declared on the stack in dissect_tcp. If we need
to use a member of it (seq) as a key in a map that is declared at file
scope, just use the integer directly with GUINT_TO_POINTER.
Fix#17854 (at least one instance of it; the issue can crop up in a number
of subtle ways.)
- corrected wrong assigned error codes.
- corrected printing of present-value bitstring object.
- added BACnetPropertyStates decoding for unsigned and signed states.
- added new vendor id's.
When reassemble_ooo is set, we can do a better job determining
if a segment is retransmitted or not from the reassembler perspective,
which is different than what TCP sequence analysis determines, which
is retransmission from the sender's perspective.
This also allows us to have a good way of dealing with retransmission
but with additional data.
This only works when reassembling out of order is set. Without it,
we fall back to the old method of detecting retransmissions, which
has a harder time with the edge cases.
Fix#17406, fix#15993, fix#13388, fix#13523.
Give details about the conversation elements key and the pair of
address/port endpoints key, including a bunch of XXX comments about how
this should perhaps be cleaned up.
It's not a general key for looking up arbitrary conversations - that's
what an array of conversation elements is for - it's just a pair of
address/port endpoints. (It's not even hijacked for conversations
identified by a circuit ID any more.)
RFCs 5101/7011 make it clear that sequence numbers are uniquely
associated for each Observation Domain withing a Transport Session.
That means that the sequence number tracking should be conversation
data. (This is not quite right on SCTP, because "Each SCTP Stream
counts sequence numbers separately, while all messages in a TCP
connection or UDP session are considered to be part of the same
stream," but find_conversation_pinfo for SCTP gets a conversation
based on the association, and getting the stream id is not transparent.
It is closer to correct.)
This prevents warning about bad sequence numbers when there are
multiple Transport Sessions within a capture for the same
Observation Domain ID (most likely for the default value 0.)
Go ahead and make the other map with the stored sequence analysis
results that is keyed by frame number into proto data as well.
This patch allows to parse messages for the upcoming 2019 Amd1 version
that uses header version 4. Since the standard is not final yet, more
changes to fully support it are (probably) required.
In addition, this patch does not stop parsing, if the version is
unknown. Since the last releases were basically compatible, assuming
that the header can be parsed is the better choice.
While it is the correct action for a TCP end-point to stop
processing of the options when an EOL is found, a protocol
analyzer should at least ensure that there is no non-zero
data after it.
Use the variables WIRESHARK_QT{5,6}_PREFIX_PATH.
This allows having Qt5 and Qt6 paths configured isimultaneously and switch easily between them.
Use list(APPEND) to avoid clobbering other CMAKE_PREFIX_PATH paths.
Follow-up to b33210750c.
Dr. Lars Völker