Modification to (proto.h) is made to add an additional expert group type of PI_REQUEST_CODE to allow Request tag information to be passed to the expert tap. This is for such reasons where a dissector would like to echo specific information about certain types of requests. For example: NCP connection request is really a request not a REPLY_CODE. Same is true for the TCP SYN request.
Changes to packet-ncp.c
1. Server broadcast message flag. Now indicates if the message is a pending message or an oplock clear notification.
2. Cleanup of packet signature detection process. Previous method had some flaws so I redesigned it. Appears to be solid now.
3. Echo NCP Server Session information to expert tap.
Note on item #3: NCP Connection+Task = NCP Session, a Single connection can have many tasks. The server sees each connection/task as a unique session. For this reason the NCP session information is now echoed to the expert composite statistics so that you can easily identify the different NCP processes and sessions. It is important to NCP analysis to understand that each session is most likely a different program on the requesting host sharing the same NCP connection.
Changes to packet-ncp2222.inc
1. Comment out the echo of NCP connection info to expert tap. Replaced by NCP sessions.
2. Add displayEID in request decode (resolves Coverity defect for dead code in NCP dissector)
Changes to ncp2222.py
1. Fix for endian display of bindery object type in NCP 0x1720.
2. Fix for size of bindery object type to 2 bytes instead of 4 to match other bindery NCP's.
svn path=/trunk/; revision=17636
2 patches for the "flow graph" display. It is better not to insert invalid packets into the list than to control the list is correct while using it...
svn path=/trunk/; revision=17622
drawing_area widgets. Instead of canoodling around with a global list
of graphs, simply associate a graph to its widgets using OBJECT_SET_DATA.
This should take care of Coverity CIDs 50 - 59.
Clean up whitespace.
svn path=/trunk/; revision=17554
Please find enclosed 2 patches.
- Voip_calls_dlg.c.patch fixes a problem that appears with a release
compiled with GTK 2.8 + Visual Studio 2003. It seems g_snprintf can
corrupt memory when a length bigger than the array size is provided in
the second parameter (even if the generated string is smaller than the
array actual size!!)
- graph_analysis.c.patch fixes a memory corruption problem easy to
reproduce. Just open the pcap file enclosed, select "Statistics"->"Flow
Graph" and activate the "Network source/destination addresses" radio
button before pressing OK. You'll see a crash dump.
Thanks to check in
Best Regards
Laurent
svn path=/trunk/; revision=17543
use UTF-16 internally and GTK+ 2.x uses UTF-8, which means we have to
do a lots of conversions.
Add utf_8to16() and utf_16to8 convenience functions to strutil.c.
svn path=/trunk/; revision=17534
This bug was discovered while looking at defects #130 and #131 discovered by coverity.
This patch also fixes these non-severe defects.
svn path=/trunk/; revision=17531
- Change to display NCP connection for each conversation
- New NCP Endpoints. Please apply
expert_comp_table
- Use local variable space instead of pointer. The previous implementation utilized pointers and the values would change the table data.
svn path=/trunk/; revision=17446
a patch for the VoipCalls to fix a couple of issues:
- a problem with the RTP Events (RFC2833) not been handle correctly
- Display the RTP stream in time order when the setup frame is after the
RTP stream.
- fix a init issue that caused the H245 packet to not been displayed
correctly.
svn path=/trunk/; revision=17383
more like the one used by gedit. (Note that the file in question might
not be a capture file, although it probably is.)
svn path=/trunk/; revision=17355
pinfo->net_src and pinfo->net_dst where used to set up conversation, but
this fields are null on eap stream. use pinfo->src and pinfo->dst
instead.
The patch also enable strict checking in the 'follow ssl stream' dialog.
svn path=/trunk/; revision=17333
- enable the 'follow SSL stream' menu item only when a ssl packet is selected.
- when 'following' an ssl stream, show ssl decrypted data only for current conversation.
- fix a typo in ssl preference description.
svn path=/trunk/; revision=17301
The Windows-native routines were integrated by inserting
#if GTK_MAJOR_VERSION >= 2 && _WIN32
win32_native_routine(GDK_WINDOW_HWND(top_level->window));
return;
#endif
at the beginning of each GTK+ file routine. There's probably a prettier
way to do this.
Some of the sizes need to be tweaked in win32-file-dlg.rc, but everything
seems to work.
Fix up whitespace.
svn path=/trunk/; revision=17285
Jaap Keuter