Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Part 1 of many
Change-Id: I77a5789ac23388e6a5f8098dc398592f39638124
Reviewed-on: https://code.wireshark.org/review/5532
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
See, for example:
http://code.google.com/p/diod/wiki/protocol#attach,_auth_--_messages_to_establish_a_connection
and
http://code.google.com/p/diod/wiki/protocol#Overview
where the latter says
9P2000.L consists of a subset of the canonical 9P2000
operations, the 9P2000.u attach and auth messages, plus new
operations designed to map to the Linux VFS in a straightforward
way.
so tattach and tauth are the same as 9P2000.u.
Don't throw a dissector assertion of there's data at the end of the
packet; in the particular case that found this bug, yes, it was a
dissector bug, but it could also be a malformed packet, and we should
not throw dissector assertions unless we know *for certain* that the
problem is a dissector bug rather than a malformed packet.
Change-Id: I5ef5d837bccb4e7c4844d31a138aa55a85ec1b60
Reviewed-on: https://code.wireshark.org/review/3758
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Ib6024307e85d6c23decf40e9759f549c19ffe136
Reviewed-on: https://code.wireshark.org/review/3318
Petri-Dish: Michael Mann <mmann78@netscape.net>
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Fix version detection (detect against full string instead of prefix),
properly dissect Tcreate extension field (9p2000.u only), dissect
Tunlinkat flags (9p2000.L).
Refactor pattern to dissect string[s] types for DRY.
Convert to use tcp_dissect_pdus. I have not seen a fragmented case, but
maybe that may happen in the future.
The main motivation for touching 9p was that it returns bogus values
for some types. This has been fixed by properly increasing offset, and
always return the captured length.
Change-Id: If2184204ae9c853b94aca8ade3763d7fe523fa86
Reviewed-on: https://code.wireshark.org/review/2836
Reviewed-by: Christopher Maynard <Christopher.Maynard@gtech.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
Also make repetition_coding_indications[] standard terminated.
Change-Id: Ice20e1f27f5ab4d111f893608a230b83899efc9f
Reviewed-on: https://code.wireshark.org/review/2288
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
explicit, and frees up the "generic" names (like tvb_memdup) for new signatures
that take the appropriate wmem pool.
Majority of the conversion done with sed.
svn path=/trunk/; revision=52164
packet-9p.c:342:16: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
guint16 len; /*< Length of the string */
^~~
/**<
packet-9p.c:343:13: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
char *str; /*< The string */
^~~
/**<
packet-9p.c:364:15: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
guint8 type; /*< Type */
^~~
/**<
packet-9p.c:365:19: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
guint32 version; /*< Monotonically incrementing version number */
^~~
/**<
packet-9p.c:366:16: error: not a Doxygen trailing comment [-Werror,-Wdocumentation]
guint64 path; /*< Per-server-unique ID for a file system element */
^~~
/**<
5 errors generated
svn path=/trunk/; revision=51260
Follow-up on 9P dissector enhancement ( https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8589 )
"fid"s, 9P file descriptors, are valid from the moment it's allocated until
when it's freed. My original patch kept a fid hashtable updated everytime a
packet was dissected in full-view (with a non-null tree)
Attached is a patch that builds a tree for each 9P fid and stores the
corresponding path when it becomes valid/marks it as invalid when it no longer
is.
svn path=/trunk/; revision=51092
Theses patches add alot of new message types for the 9P protocol and its
extensions (most specifically 9P2000.L), while staying compatible with the
legacy protocol (hence the hashtable with conversation information, since
version is only known at handshake)
It is still missing alot of 9P2000.u specifics, but I don't have any server
to test it with. I'm also missing some dump to test legacy, but I'm pretty
confident I didn't break much there as it is mostly compatible, most
differences are handled using different messages, the only one that was
changed would be RERROR.
second diff also adds deeper interpretation of the protocol, by following
the conversation stream and keeping a bigger hashtable associating fid (file
handles) and file names, for easier debugging.
From me: roll the contents of the (new) packet-9p.h back into the C file.
svn path=/trunk/; revision=49363
Also (for a few files):
- create/use some extended value strings;
- remove unneeded #include files;
- remove unneeded variable initialization;
- re-order fcns slightly so prefs_reg_handoff...() at end, etc
svn path=/trunk/; revision=44438
1. If there's no character encoding (ENC_ASCII, ...) specified
then use ENC_ASCII.
2. For all but FT_UINT_STRING, always use ENC_NA
(replacing any existing True/1/FALSE/0
/ENC_BIG_ENDIAN/ENC_LITTLE_ENDIAN).
svn path=/trunk/; revision=39426
proto_tree_add_item() calls.
For strings, add ENC_UTF_8. (Yes, the byte order is irrelevant for
those - but they should arguably be FT_UINT_STRING, as they're counted
strings, and the byte order *is* relevant for FT_UINT_STRING.)
svn path=/trunk/; revision=39041
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
ABSOLUTE_TIME_LOCAL or ABSOLUTE_TIME_UTC, indicating whether to display
the date/time in local time or UTC. (int)ABSOLUTE_TIME_LOCAL ==
(int)BASE_NONE, so there's no source or binary compatiblity issue,
although we might want to eliminate BASE_NONE at some point and have the
BASE_ values used with integral types start at 0, so that you can't
specify BASE_NONE for an integral field.
svn path=/trunk/; revision=31319