It's Windows-specific, so name it appropriately.
Change-Id: Ic518cbfabebf95757f6b308a4d547a6cabed6a5e
Reviewed-on: https://code.wireshark.org/review/2528
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This doesn't preclude use on < XP but does potentially allow
use of API's that don't exist on Win2K, and doing so would then
stop the exe from running on 2K.
Change-Id: I08b58bd510b832ddabbb717dd73eb7a89264048e
Reviewed-on: https://code.wireshark.org/review/2504
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This mean we also have to move CFString_to_C_string() there for OS X.
Change-Id: Ic91ad872e9d5290cf34f842503ededd5452e4337
Reviewed-on: https://code.wireshark.org/review/2511
Reviewed-by: Guy Harris <guy@alum.mit.edu>
In some cases "-v" was already used so "-V" is the option.
Note that the version information in these utilities is much shorter than what
is presented by the big programs.
As requested by https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5804
Bug: 5804
Change-Id: I35db35a4eace2797afd895f9be7322ef39928480
Reviewed-on: https://code.wireshark.org/review/2489
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The files that use LONGOPT_CAPTURE_COMMON and OPTSTRING_CAPTURE_COMMON
include capture_opts.h unconditionally, so there's no need to define
them if we don't have pcap. In addition, we want the capture options
"available" even if we don't have pcap, so we can tell the user "you're
using a version of *shark without pcap, but you gave a capture option".
Change-Id: I0bd3893b73d3d903610d0bc6cacb60bfb37096f4
Reviewed-on: https://code.wireshark.org/review/2503
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(The name for -p matches what's in the tcpdump trunk.)
Change-Id: If4f1824518aee1f0213f140d884db9c676dd15c4
Reviewed-on: https://code.wireshark.org/review/2497
Reviewed-by: Guy Harris <guy@alum.mit.edu>
While we're at it, simplify the #ifdefs and #defines in capture_opts.h -
don't do the same tests twice.
Change-Id: I2079167f31789470ef77120054d769d5914745e3
Reviewed-on: https://code.wireshark.org/review/2496
Reviewed-by: Guy Harris <guy@alum.mit.edu>
No capturing, no capture options.
Change-Id: I0023184b9c358d5876f19a098590f34d641c8649
Reviewed-on: https://code.wireshark.org/review/2493
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The names match tcpdump trunk's names for the corresponding options.
Also have capture_opts.h provide a #define for the part of the short
option string that corresponds to the capture short options that all our
programs that take capture short options take (those are largely the
ones we have in common with tcpdump).
Change-Id: Ia209425959c801725850b56a7d63441ee99b5001
Reviewed-on: https://code.wireshark.org/review/2492
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Also, make the convention for long-only options be that their
case-statement values start at 128, so they avoid colliding with any
ASCII code points, including control characters.
Make the tables of long options "static const" while we're at it, and
get rid of unnecessary casts.
Change-Id: I55702a85e9bc078b1cd0f2803ebb68a710405bab
Reviewed-on: https://code.wireshark.org/review/2491
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This fix does change the format printed for values using bitmasks
(because the bit values are printed first) and is not always wanted
in this dissectors (because of readability).
We should have a better way of doing what I want in this dissectors,
so I'll have a look at this later.
Change-Id: I2477aa6b1d0c42a7ad5848bba3cb74dce3bba1f0
Reviewed-on: https://code.wireshark.org/review/2485
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I6653b733dfd2c587909371e50fd0c2efc4649dcd
Reviewed-on: https://code.wireshark.org/review/2482
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I5762fb30f57d0f9bc3e5fc786577ed1cc49b64d7
Reviewed-on: https://code.wireshark.org/review/2481
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
This is intended as a replacement for all of the proto_tree_add_text followed by proto_item_add_subtree calls.
Change-Id: I892136d7b9d8b4e100996097eff62ce7af9512d2
Reviewed-on: https://code.wireshark.org/review/2472
Reviewed-by: Michael Mann <mmann78@netscape.net>
Hidden fields are deprecated, and we were hiding them inconsistently anyways.
Bug:10211
Change-Id: Iaf1576ae7bc04c0c0bd896c096b117f1b8af2e9e
Reviewed-on: https://code.wireshark.org/review/2474
Reviewed-by: Evan Huus <eapache@gmail.com>
Also ensured some files have their correct names at the top so they are more easily grepped
Change-Id: Ib0f5ddf14eb1616a93dee496107dc0eb09048825
Reviewed-on: https://code.wireshark.org/review/2452
Reviewed-by: Michael Mann <mmann78@netscape.net>
1. Correctly identify ASN.1 dissectors (so checkfiltername.pl can be more lenient on them)
2. "Whitelist" known (good) filters
Change-Id: Iea662190b6655a1919bf08bc35e7978eb2693509
Reviewed-on: https://code.wireshark.org/review/2453
Reviewed-by: Michael Mann <mmann78@netscape.net>
Essentially:
When more data is needed to continue dissecting a PDU, use
DESEGMENT_ONE_MORE_SEGMENT instead of repeatedly requesting
additional bytes (for one or a few more fields).
- Improves the efficiency of the dissection;
- Prevents 'one-pass' tshark dissection from redissecting
the PDU repeatedly many, many times with each time dissecting
the PDU with one or a few more additional fields.
This generated *lots* of (repeated) output since a reassembled
VNC PDU can contain many fields (each of short length).
- (A comment in packet-tcp.c states, in effect, that repeatedly
requesting a specific amount of more bytes to dissect a PDU
will "break reassembly" although I note that the reassembly did
seem to work (in-efficiently)).
Note: Although this patch improves the handling of reassembly, the
dissector has significant issues. For example. see Bug #5366.
I expect this fixes the Bug #10134 issue: "Cannot allocate memory";
Before the fix, 'tshark -nVxr' for the input file generated trees with
multiple hundreds of thousands of entries and generated reassembled
PDUs consisting of many, many small fragments.
Change-Id: I970037c346fbaa4bffa5726fd5bee5f69396eabf
Reviewed-on: https://code.wireshark.org/review/2471
Reviewed-by: Bill Meier <wmeier@newsguy.com>