* Fix the WSP dissector so a Quoted-string with extraneous
trailing quote is displayed without duplicated final quote, and
issue a warning in the protocol tree.
* Remove the Openwave x-up-proxy-client-id header decoding as it
was incorrectly decoded as a text string, and process it with
the default Openwave header parser.
* Fix byte highlighting of some WSP parameters.
* Rename the WSP parameter filter names so they don't all refer to
content_type.
svn path=/trunk/; revision=9062
* Add a "match_string" field to the "packet_info" structure,
saving the string value that matched in a string dissector
lookup, by analogy to "match_port" - this was required for
dissection with token rendering of WBXML content when no public
ID was given (e.g. Nokia/Ericsson OTA provisioning data).
* Add support for textual content type based WBXML token
mapping.
* Add extra WBXML public identifiers.
* Add the Nokia/Ericsson OTA provisioning (version 7) token
definitions.
* Inform the user when a content-type based token match is found.
svn path=/trunk/; revision=9061
In the GPROF logs proto_registrar_get_nth() used to take anything between 2.5 and 5.5% of the time.
Replace the GLIB array with a handroleld one for one of the private structures.
the function should now be virtually zero cost
and thus ethereal should be 2.5-5.5% faster on those traces.
anyone that wants to, please rerun GPROF with this fix and see what has changed.
svn path=/trunk/; revision=9058
over the wire, at least in the DCE RPC 1.1 code.
That suggests that the first 24 bytes of a Map request are the UUID
pointer that the EPM IDL says should be there, not a context handle.
svn path=/trunk/; revision=9057
"AIX", and that code was never compiled. Libpcap uses "_AIX" to
conditionally compile in the extra AIX BPF support; we'll do the same.
svn path=/trunk/; revision=9056
reported this as a problem when compiling on AIX? Doesn't any compiler
complain that "strncmp()" isn't being passed enough arguments? GCC sure
did in a test program I built on FreeBSD 3.4....)
svn path=/trunk/; revision=9055
"context_handle_attributes" in the DCE RPC 1.1 "nbase.idl". Rename our
structure member accordingly.
Note in a comment that we should perhaps display a context_handle as the
attributes and UUID.
Use "proto_tree_add_item()", not "proto_tree_add_bytes()", to put the
context handle raw data into the protocol tree.
svn path=/trunk/; revision=9052
- added a pointer to raw rtp data to _rtp_info that can be used by
taps;
- RTP packets are passed to the tap queue only if they are not
error packets (so that you don't need to filter out ICMP
packets)
- use that pointer in rtp_stream, so it handles packets with
padding, and should handle RTP packets fragmented across
lower-level packets
- moved rtp_stream from tap sources to normal files
(prevents on-start-up registration of the rtp_stream tap
listener)
- rtp_stream tap gets registered/unregistered with the "RTP
Streams" dialog box
i.e. the tap is registered as long as the dialog box is open.
Alternatively, it is de-/registered on demand if RTP Analysis is
called directly on a packet.
- rtp_stream tap listener no longer uses a filter in dissection
` and does not need to have a proto tree being built.
(performance increase)
- fixed: RTP Streams list will get updated in real time if the
dialog box is open while a redissection takes place.
svn path=/trunk/; revision=9051
Use #if 0/#endif rather than comments to remove the code that used to
refer to those routines - it's a bit more robust in the presence of
comments (there aren't currently any, but, just in case somebody adds
them...).
svn path=/trunk/; revision=9050
* Fix an incorrectly #ifdef'ed return introduced by the previous
patch
* Remove the parsed_length parameter from the function signature
of the tag and attribute dissectors - have it return the
parsed length, instead
* Throw ReportedBoundsError exceptions if we run past the end of
the tvbuff, rather than putting a special entry in
* Produce consistent and extensive debug logging (enabled by
defining DEBUG_wbxml)
* Get rid of the dozens of "#ifdef DEBUG ... #endif" constructs
for debug logging
svn path=/trunk/; revision=9047
does not understand. SHARE_INFO_1004, 1005, 1006, 1007, and 1501 seem not
to be understood by any, and it can screw up dissections.
svn path=/trunk/; revision=9044
memory if it throws an exception, as it checks whether the entire string
is in the tvbuff *before* allocating a buffer for it, and that also
means that if the length is absurdly large, an exception will be thrown,
rather than the memory allocation failing.
svn path=/trunk/; revision=9043
correct (and document) the offset computation in the parameter()
and parameter_value_q() functions.
From Lo�c Minier:
- a copy-paste with a missing replacement;
- content-disposition uses parameters not q-values;
- missing "+" for the calculation of parameter-offsets;
- white-space cleanup;
- comment fixes.
svn path=/trunk/; revision=9038
I.e. SEQ : seq==0 ack==0
SEQ|ACK seq==0 ack==1
ACK seq==1 ack==1
This looks much more correct.
This change also fixes the problem reported to ethereal-dev
recently with "Follow TCP Stream" dropping the first character of the stream.
svn path=/trunk/; revision=9034
"dissect_smb_logon()" always return TRUE, so just get rid of their
return value.
"call_dissector()" automatically calls the data dissector if the
protocol for the dissector being called is disabled, so we don't have to
check its result and call the data dissector if it returns 0.
svn path=/trunk/; revision=9027
Implement quoted-string parsing by appending the closing quote
to the string value. If the quoted-string value does not start
with a quote, dissection resumes but a warning is displayed.
Textual headers are assumed to be 0x00 terminated (otherwise we
have a malformed packet or a short frame).
The Trailer header is also dissected now, and the charset
parameter dissection has been rewritten.
The Content-ID header dissector was registered at the place of
the Trailer dissector; this has also been fixed.
svn path=/trunk/; revision=9024