This is an attempt to standardize display/handling of checksum fields for all dissectors.
The main target is for dissectors that do validation, but dissectors that just report the
checksum were also included just to make them easier to find in the future.
Bug: 10620
Bug: 12058
Ping-Bug: 8859
Change-Id: Ia8abd86e42eaf8ed50de6b173409e914b17993bf
Reviewed-on: https://code.wireshark.org/review/16380
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also some other tricks to remove unnecessary tvb_get_string_enc calls.
Change-Id: I2f40d9175b6c0bb0b1364b4089bfaa287edf0914
Reviewed-on: https://code.wireshark.org/review/16158
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Before there was a wrong dissection of parameters that wasn't
predictable because of the wrong offset. This could lead to anything.
Now, it shows an expert warning indicating that the RTPS packet
doesn't contain all the bytes specified by the parameter but it shows
properly the parameterId and the length. In order to parse properly
the whole PID_EXTENDED parameter we'd need to handle fragments. That
is not the purpose of this commit.
Change-Id: I0f3f0f1d309d43a530047f510169fb07983a9fb6
Reviewed-on: https://code.wireshark.org/review/15698
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The name specified "no header". This is false. It contains the header.
Change-Id: I921b7c23d64f43551830e840066231031432dc7c
Reviewed-on: https://code.wireshark.org/review/15646
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added partial support for Secure DDS as well as TopicQuery and
IP Mobility (RTI features).
Fixed also a few bugs: wrong octet sequence offset, fixing "switch"
statement that was falling through and shouldn't, fixing endpoint
filters and correct dissection of inline_qos.
Change-Id: I9d1c048eaaf3914420bdd6be37fb2040a6a47874
Reviewed-on: https://code.wireshark.org/review/15496
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I28e2098c72faedcb112db605e004010f0dcd1215
Reviewed-on: https://code.wireshark.org/review/15614
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Juan Jose Martin Carrascosa <juanjo@rti.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Bug:12415
Change-Id: I457bda34b089f95525192ed4cdce0d4fe8883fd7
Reviewed-on: https://code.wireshark.org/review/15305
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Before, the dissector didn't have any code path to dissect the PT
discovery parameters. The code path necessary as well as the
parameter definitions have been added.
Change-Id: I17665a56d033ffbfd16d47fe2e7374111aff9530
Reviewed-on: https://code.wireshark.org/review/14804
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
A lot of people fail when interpreting ACKNACKs. I added a new field
that interprets the numeric values and shows a brief sentence with
the analysis.
Bug: 12312
Change-Id: I89a33f04c52ebd5ca486d2e23bddb7a6646945e7
Reviewed-on: https://code.wireshark.org/review/14724
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added the submessage and prepared the code paths so it is easy to add
more vendor-specific submessages (from any vendor)
Change-Id: I47aa35d64839cd04eb35f7f8fdd94ef1324570fb
Reviewed-on: https://code.wireshark.org/review/14864
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Change-Id: I81a83638c2318ba0d806263dbf692cd19b30ce9b
Reviewed-on: https://code.wireshark.org/review/14707
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I852aa09bff6a37ef03b5f55bdf8933ed181da2d0
Reviewed-on: https://code.wireshark.org/review/14705
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
As well as in the rest of network protocols, in RTPS we have senders
and receivers of data. The atomic unit is not the host address (IP)
or the host address and port (UDP) but the guidPrefix. The guidPrefix
represents a single DomainParticipant, that very likely will be an
application. I have added filters to be able to differentiate from
source of information and destination of information. Before, the
only filter available was rtps.guidPrefix
Change-Id: I810d8b043796119c6e381bdbcb6061e0525ea272
Reviewed-on: https://code.wireshark.org/review/14466
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Before, the parameter ids were handled incorrectly. A vendor specific
parameter definition was used for all the vendors. This is wrong for
ids starting at 0x8000. This commits aims to fix that problem and
make easier the addition of new parameters or vendors.
Change-Id: I0d40aa8cbfa44d5bb2928075001fe39e6f14abc2
Reviewed-on: https://code.wireshark.org/review/14007
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The standard says that UDPv6 is the index 2. However, the dissector
contained the old implementation of RTI DDS (which had SHMEM = 2
and UDPv6 = 5). I have updated the dissector to be compliant with
the standard and indirectly be compliant with the new version of
RTI DDS which now implements the standard in this aspect.
Change-Id: Iaade0e457fda35362c04a7658d62242cf8868127
Reviewed-on: https://code.wireshark.org/review/13922
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Adding this information is useful for custom dissectors so they can
add it to the display. When a lot of samples are sent in RTPS in
the same batch, it is very helpful to have the index in the display.
Change-Id: I0f158eeb9d5e9b4fcf67ef6e72dcfa655b9cc427
Reviewed-on: https://code.wireshark.org/review/13875
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
In RTPS, regular samples are serialized with the format
<encapsulation, serialized data> and thus, the dissection of the
encapsulation was suggested to be done in the custom dissector.
However, batches are serializing the encapsulation only once as
<encapsulation, sample 1, sample 2>. This makes us need to dissect
the encapsulation in the RTPS dissector and providing as (void*) data
to the custom dissector. This way we support the regular samples
dissection as well as the batches dissection.
I have defined rtps_dissector_data in packet-rtps.h and I suggest
we include that header file when we want to write a custom dissector.
Bug: 12029
Change-Id: I74ed4c31484f9a99ad6c44c6c34cc52be2adb7c8
Reviewed-on: https://code.wireshark.org/review/13413
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With this dissector, anyone can write a plugin to dissect their
data type and RTPS will call it if the dissector is registered using
the Type Name (what is the common thing to do).
Also, added a fix in dissect_APP_ACK so now the APP_ACK messages
are properly dissected. It had a couple of wrong offsets and was
calling dissect_serialized_data instead of directly adding the
serialized data (dissecting an encapsulation that is not there).
Bug: 11917
Change-Id: Ie1c6880d60e3537a1cbae4840cc6ff6e1a62ca0e
Reviewed-on: https://code.wireshark.org/review/12824
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
The DATA_BATCH dissection contained wrong proto_tree arguments in
a few calls. Also, changed the size of a tree from -1 to the actual
size.
Change-Id: I5f34869a6d231a0bd74c815499b627fe329b6eb0
Reviewed-on: https://code.wireshark.org/review/13059
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This dissector was mostly code-reviewed in a previous change:
https://code.wireshark.org/review/#/c/11305
But it had an issue with a pointer using a sequence number (8 Bytes).
This change is meant to correct that, as well as a small formatting
error I found in the text shown.
Change-Id: Ib7e27eb2734c46e970b99161bd04438b5675bde4
Reviewed-on: https://code.wireshark.org/review/12660
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I5ea72998de9bbc3db02a33b53c0bb5a89e597b6d
Reviewed-on: https://code.wireshark.org/review/12427
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This patch is to improve the usability of the filtering wrt the
guidPrefix.
Change-Id: I45367c642a405a6a57811743ef2a0f85d96792ce
Reviewed-on: https://code.wireshark.org/review/12700
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This dissector shows the information related to the RTI TCP Control
messages used to manage the TCP connections, but also dissects the
RTPS data that is sent on top of RTI TCP. This only happens with
RTI's DDS implementation.
Bug: 11640
Change-Id: I89fcb620256aeed7cae5829b70d92c6868d94929
Reviewed-on: https://code.wireshark.org/review/11305
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
1) Fixed the guidPrefix deserialization (before it was showing
counter and it should be instanceId).
2) The PID_PARTICIPANT_GUID was a total mess. Now it looks perfect.
3) Fixed some bounds in the proto_tree creations so instead of
selecting the rest of the tvb, now they select what they have to.
Did all of this keeping the dissection for version 1 untouched.
Change-Id: I93df2a29e292655ceb3f8c1395f31d8e38106dee
Reviewed-on: https://code.wireshark.org/review/12406
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
of the RTPS special announcements that RTI sends. They just start
by RTPX and are sent to the domain 0 always.
Bug: 11765
Change-Id: I00b47f1aa1702bb35aeb8c4686c7012fecc94baa
Reviewed-on: https://code.wireshark.org/review/12105
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Name and the Type Name of the sample by consulting a hash table
that relates GUIDs and this information.
This information is very useful to any analysis performed to RTPS
data. It can be disabled using a checkbox so it doesn't impact
performance when capturing (default = disabled).
Bug: 11729
Change-Id: Ic9fa3a777dfed3cb46166b8e7c9783a12c161e7d
Reviewed-on: https://code.wireshark.org/review/11602
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
RTPS uses NTP encoding with a BASETIME equal to 0.
Also, changed "magic" by "Magic"
Change-Id: I2512176f2018396edaa6b2a1478facd26118cb13
Reviewed-on: https://code.wireshark.org/review/11184
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: Idbe7ee2750233eea3cb7c2bbef2bbb2c629a0183
Reviewed-on: https://code.wireshark.org/review/11160
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Change-Id: I353b4fcb3091e731a4b2a68e1932a5abc60c6038
Reviewed-on: https://code.wireshark.org/review/10323
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Shift 1U instead, to make sure it's unsigned; the result of, for
example, the result of shifting a signed value left is undefined if the
value times 2^{shift count} doesn't fit in the *signed* type of the
shifted value. That means, in particular, that the result of shifting 1
left by {number of bits in an int - 1} is undefined. (In *practice*,
it'll probably be -2^32, with the bit you want set, but that's not
guaranteed, and GCC 5.1 seems not to like it.)
Change-Id: I0d27565c382a04ceda9eec65f45a430ceb74cf53
Reviewed-on: https://code.wireshark.org/review/8255
Reviewed-by: Guy Harris <guy@alum.mit.edu>
col_...() and expert_...() should not be called under 'if(tree)'
Change-Id: I2f1a8345ff18c0174bcd81b37179aa2d5ee74aca
Reviewed-on: https://code.wireshark.org/review/6825
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Apparently some compilers do sufficient inlining optimization to notice that
there's at least one caller of rtps_util_add_typecode which passes an
indent_level of 0. Such compilers are *also* picky enough to complain about
memset being called with a length of 0, leading to a warning which we turn into
a compile error.
I thought about putting in an "if indent_level > 0" but I figure memsetting the
entire buffer (length >= 1) is simpler and more efficient in the common case.
Change-Id: Ica21ba988eb0c1251e7b4ef2e110336d5ee32837
Reviewed-on: https://code.wireshark.org/review/6766
Reviewed-by: Evan Huus <eapache@gmail.com>
Fifth batch (packet-rtp.c -> end).
Will look at cleaning up and committing script afterwards.
Change-Id: I8ed61dc941d98d3f7259a9d1f74e214eb7b4bfa2
Reviewed-on: https://code.wireshark.org/review/6052
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
For:
- FT_BYTES: Always use just ENC_NA
- integral/floating (other than FT_[U]INT8): Do ENC_NA --> ENC_BIG_ENDIAN
Also:
- FT_UINT... --> FT_UINT8 in a few cases (to match proto_tree_add_item...)
- Change one case of incorrect '||' to '|'
Change-Id: I427e0e61618ff8faf55691c8a695930f67d455b0
Reviewed-on: https://code.wireshark.org/review/4184
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Michael Mann