Commit graph

20815 commits

Author SHA1 Message Date
Michael Mann
7bf6862ecf convert to proto_tree_add_subtree[_format]
Change-Id: Ia7014003a3cff5181295172978d6c613c3b83b0b
Reviewed-on: https://code.wireshark.org/review/2676
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-28 12:05:43 +00:00
Guy Harris
efc0a00520 We're not currently using dissect_rtcp_psfb_remb(); #if 0 it out.
Also, note that we need to determine how to handle Application Layer
Feedback messages based on the SDP setup traffic for the session; recent
changes disabled dissection of REMB Application Layer Feedback messages
in favor of MS-RTP Application Layer Feedback messages.  (This is why we
shouldn't remove dissect_rtcp_psfb_remb() unless REMB isn't being used
any more.)

Change-Id: Ib320bdf4a64263fdef29fc4ea2583eaae1cc4bee
Reviewed-on: https://code.wireshark.org/review/2684
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-27 07:41:21 +00:00
AndersBroman
f0d291be28 In function 'dissect_rtcp_psfb':
packet-rtcp.c:1232: warning: unused parameter 'top_item'

Change-Id: I76522a9c6094473ce0eeeb7cc929a66e6da21909
Reviewed-on: https://code.wireshark.org/review/2683
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-27 04:24:49 +00:00
Britt McKinley
f36db97506 RTCP: Add support for MS-RTP
Support for Profile Specific Extensions from MS-RTP
Support for RTCP Feedback Messages
Support for Application Layer Feedback Messages. 
MS-RTP: Real-time Transport Protocol (RTP) Extensions
http://msdn.microsoft.com/en-us/library/office/cc431492.aspx

Change-Id: I1f1e6e60b5f9d09b1dffd7e308426c0b67914441
Reviewed-on: https://code.wireshark.org/review/2586
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-27 03:52:11 +00:00
Evan Huus
a87e292272 Tighten the dump-glossary test.
1. The only indication we get of an out-of-order value string is a message on
 STDERR, so check that and fail the test if STDERR wasn't empty.

 2. This exposes an out-of-order value string in packet-stun.c; fix it.

 3. This triggered the pre-commit hook on packet-stun.c, which noticed an API
 error (ENC_ASCII -> ENC_ASCII|ENC_NA); fix that too.

Change-Id: I36f87a2a87b40537119562f22a7e3012716ff239
Lesson: automated testing/tooling is both wonderful and scary.
Reviewed-on: https://code.wireshark.org/review/2682
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-27 03:47:32 +00:00
Martin Kaiser
1560b678ee show an expert info if a non-control urb contains a setup packet
Change-Id: I9339869defa47a862b6174d8821cdd8e6186f5c5
Reviewed-on: https://code.wireshark.org/review/2678
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-27 03:22:00 +00:00
Martin Kaiser
06ba7b4b3f a USB urb of an unknown transfer type does not contain a setup packet
Change-Id: Iac6a259a1081b907149c49023614a5053440e560
Reviewed-on: https://code.wireshark.org/review/2677
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-27 03:21:38 +00:00
Evan Huus
c9b03b424f add a cast, the mask makes it safe (stupid compiler)
Change-Id: Iaf24c62295a93a1abd4fe3daf7e4c9587c3ef76b
Reviewed-on: https://code.wireshark.org/review/2670
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-26 15:38:11 +00:00
Yan Burman
1f724bc891 iSER: Add iSER dissector support
Bug: 10189
Change-Id: Ie99d99a1736b3c6446d5a00edf201a49dfcd4780
Reviewed-on: https://code.wireshark.org/review/2247
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-26 15:26:18 +00:00
Michael Mann
a09de615b4 Fix Function call argument is an uninitialized value
Change-Id: I716e80e53477edd419164c61937800795a550869
Reviewed-on: https://code.wireshark.org/review/2651
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-26 14:07:31 +00:00
Pascal Quantin
7c1b5e9b7e Fix several compilation warnings
Followup of gf798709

Change-Id: I0afddfe2e9b9ac454377f2358a29b4ecdd011b91
Reviewed-on: https://code.wireshark.org/review/2668
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-26 13:08:59 +00:00
Michael Mann
f7987091ba convert to proto_tree_add_subtree[_format]
Change-Id: I525ac2aae2bdbfd5f3a2f3b35f1bf10dde053f66
Reviewed-on: https://code.wireshark.org/review/2667
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-26 11:41:10 +00:00
Britt McKinley
732656c6f3 STUN: Add support of MS-ICE2 (Used by Lync)
Interactive Connectivity Establishment ICE Extensions 2.0
http://msdn.microsoft.com/en-us/library/office/cc431504.aspx

Change from review:
1) Change encoding for foundation to ASCII
2) Move case for MS_IMPLEMENTATION_VER.

Change-Id: Ic524a2fe811695478aba81af9cbb3dbd031bbce3
Reviewed-on: https://code.wireshark.org/review/2579
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2014-06-26 05:15:00 +00:00
Alexis La Goutte
06cf499eaf Fix Dead Store (Dead assignement/Dead increment) warning found by Clang
Change-Id: Icec39c64d952ccc9739df95135ed79b3196a427a
Reviewed-on: https://code.wireshark.org/review/2652
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
2014-06-26 02:43:12 +00:00
Pascal Quantin
fd5b0777bb DLSw: better fix, as suggested by Evan
Change-Id: I82556c40cc4f0618e9e1c927beafa19ea4659683
Reviewed-on: https://code.wireshark.org/review/2650
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2014-06-25 18:53:56 +00:00
Pascal Quantin
a8652ea529 DLSw: ett2 proto_item variable is an input parameter for dissect_dlsw_capex()
Regression introduced in g888f22d

Change-Id: I6ae451ef31b188540db4e4687c9fa492e8aa195e
Reviewed-on: https://code.wireshark.org/review/2649
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2014-06-25 17:58:31 +00:00
Peter Wu
4224e353f9 ssl-utils: add missing ett registration
Fixes the dissector bug warning:
"epan/proto.c:4657: failed assertion "idx >= 0 && idx < num_tree_types"

Add some comments to avoid future mistakes, add folding markers and fix
alignment of curves hf.

Change-Id: Ibcb57bfeb09a9777324682704a86f1ce260d345e
Reviewed-on: https://code.wireshark.org/review/2642
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2014-06-25 17:16:26 +00:00
Pascal Quantin
13a972bac4 DTPT: remove unused variables
Change-Id: I9c8e26af6e0d71012b010dee24a0d0d7220b49f7
Reviewed-on: https://code.wireshark.org/review/2648
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2014-06-25 17:05:05 +00:00
Michael Mann
888f22de16 convert to proto_tree_add_subtree[_format]
Change-Id: I2ea1892b5963cc5578cbdd2b03029ca8424f2267
Reviewed-on: https://code.wireshark.org/review/2640
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-25 16:35:14 +00:00
Guy Harris
a11879e218 Get rid of an unused variable.
Change-Id: I8e436b7e4724c85943200087783d3cf7dd7c1535
Reviewed-on: https://code.wireshark.org/review/2639
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-25 02:38:24 +00:00
Michael Mann
29ecd114bf convert to proto_tree_add_subtree[_format]
Change-Id: I5f573dffabb8685a8e5a334ff2bfb24d9838daa6
Reviewed-on: https://code.wireshark.org/review/2601
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-24 23:42:13 +00:00
Evan Huus
83da877fff Add back initializers dropped in g9356d5c689fa
They were actually necessary.

Bug:10224
Change-Id: I9973bf7bab670d12e5b90bb2a57e99f9125d6a07
Reviewed-on: https://code.wireshark.org/review/2632
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-24 22:28:11 +00:00
Evan Huus
2a1e3d16aa Fix two bugs in kafka dissection
- Respect the length field when dissecting message sets
 - Don't "wrap around" in capture when doing request/response matches

Also convert one instance to proto_tree_add_subtree, as an experiment.

Change-Id: Id161687865afa7ca83e6943a643bc54582f65554
Reviewed-on: https://code.wireshark.org/review/2624
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-24 21:59:41 +00:00
Anish Bhatt
b4d4218a18 OSPF Cleanup. Remove unnecessary TFS declarations
Change-Id: I9b4205f6d579ea9e707d83baf81f77393e3098b4
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Reviewed-on: https://code.wireshark.org/review/2478
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-24 19:56:52 +00:00
Pascal Quantin
eaf6bf3ec0 MBIM: add an option to force SMS PDU decoding format if MBIM_DEVICE_CAPS_INFO message was not captured
Change-Id: Iff78a00b463a7a33e1705c76ea49618af532f3aa
Reviewed-on: https://code.wireshark.org/review/2621
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2014-06-24 17:25:30 +00:00
Guy Harris
4f1d20abae proto_tree_add_uint() takes a value, not an encoding, as an argument.
Change-Id: Ie2c0523e32b54cd13506501d98215934a8d1304e
Reviewed-on: https://code.wireshark.org/review/2611
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-24 06:57:32 +00:00
Martin Kaiser
e68638fe6b usb iso urbs on linux can't possibly contain a setup packet
see mon_bin_event() in the linux kernel where the setup_flag is set only
for control urbs

clean up various things related to this assertion:
remove type_2 parameter
show the iso descriptors in any case
calculate the end offset correctly, the end offset is the byte after the
iso data

Change-Id: Iebfbe6443c224a958a1697563aa8fb853d7aa8c2
Reviewed-on: https://code.wireshark.org/review/2541
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-24 03:11:56 +00:00
Joerg Mayer
0f76609237 Remove unneeded include <sys/stat.h>
Change-Id: I3be8f29d2b4fba2cb1d7ee2f29bdb27e42dd40a5
Reviewed-on: https://code.wireshark.org/review/2607
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
2014-06-24 02:32:26 +00:00
Joerg Mayer
836feeb559 Remove unneeded sys/types.h
Change-Id: I03cd66cb9a2d01ea40308b338955756d08a36516
Reviewed-on: https://code.wireshark.org/review/2604
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
2014-06-24 02:08:07 +00:00
Michael Mann
4976d67184 Restore correct tree assignment.
Change-Id: Id06bd486114a80fb899f8dc148d48928e99e775e
Reviewed-on: https://code.wireshark.org/review/2602
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-24 02:01:05 +00:00
Peter Wu
e22d3c9b74 ssl: fix ClientKeyExchange, fix TLSv1.2 SKE for DH
Since DTLS and TLS do not differ in handling ClientKeyExchange and
ServerKeyExchange, its dissection got moved to ssl-utils. The code is
based on the SSL dissector, with header field names adjusted to the
DTLS ones (those got capitalized). Besides a version difference (for
signatures), the header field and function names, the DTLS and SSL code
are equal (this is verified).

This patch refactors the dissectors for DHE_RSA and ECDHE to make use of
a common function to dissect the signed_params field. All offset
tracking is also removed in favor of exception handling by the
proto_tree_add_item function. Occurrences of proto_tree_add_uint are
also replaced by proto_tree_add_item for simplicity.

After those changes, the SKE dissector for DH key exchanges is updated
to handle the mandatory signature field in TLSv1.2, using the newly
added function. (bug 9208)

Another bug occurred after the length check removal, pre-TLS and
OpenSSL's old DTLS implemenation do not include a vector length in
the CKE. This is now also fixed. (bug 10222)

Other minor changes: comments added/corrected, renamed
keyex_dh -> keyex_dhe (includes DHE_RSA and DHE_DSS).

Bug: 9208
Bug: 10222
Change-Id: I76e835d56a65c91facce46840d79c1c48ce8d5dd
Reviewed-on: https://code.wireshark.org/review/2542
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-23 23:31:40 +00:00
Joerg Mayer
8702a6b827 Remove some unneeded includes
Change-Id: I4327ead0451244daa0d876ae3a770cbbf80760c8
Reviewed-on: https://code.wireshark.org/review/2590
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
2014-06-23 23:19:28 +00:00
Pascal Quantin
dd7134d907 Initialize whole buffer in GPRS Mobility and Session Management dissector
Bug: 10216
Change-Id: I572a7a6ce0f816063f02397b667dd46c990cf73e
Reviewed-on: https://code.wireshark.org/review/2583
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2014-06-23 20:13:00 +00:00
Joerg Mayer
54cc0d86da Replace AF_ values by COMMON_AF_ values.
Remove no longer needed system includes

Change-Id: Id9ffffaa7da5185041db63fa7611d348a1cc4b68
Reviewed-on: https://code.wireshark.org/review/2577
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
2014-06-23 16:48:26 +00:00
Evan Huus
02edc3369b Revert "Optimize sip_is_known_sip_header()"
This reverts commit c9a5fbeb1d.

Change-Id: Ic2e5d531f719ed1107ef7bb1de12175d4601fd6d
Reviewed-on: https://code.wireshark.org/review/2574
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-23 16:22:30 +00:00
Evan Huus
520190c77b Revert "Cheat and try to fix the generated file manually."
This reverts commit 9079e3ad1d.

Change-Id: I0430408e139ff8de068c970d02e36122552614fe
Reviewed-on: https://code.wireshark.org/review/2575
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-23 16:22:08 +00:00
AndersBroman
9079e3ad1d Cheat and try to fix the generated file manually.
Change-Id: Iabf1821aa0ef676ac4d1d7f2983460b2e671a98a
Reviewed-on: https://code.wireshark.org/review/2573
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-23 15:30:39 +00:00
Jakub Zawadzki
c9a5fbeb1d Optimize sip_is_known_sip_header()
Profling SIP shows that gperf generated hashing code, is
3 times faster than using GHashTable & g_str_hash/_equal()

This result in about 1% improve of whole dissection (sip traffic with filter).

Change-Id: Id6bf64bacd872e2d1c30a1b6356db444b25ba326
Reviewed-on: https://code.wireshark.org/review/2116
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-23 14:42:20 +00:00
AndersBroman
eaf6e551fe Fix a typo.
Change-Id: I6874a6f4a340c2b8e82d1ca5333cbeb31ff27f2d
Reviewed-on: https://code.wireshark.org/review/2570
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-23 08:24:49 +00:00
Jakub Zawadzki
6e0be0173b Add col_append_lstr(), speedup column generation for TCP.
When dissecting with columns TCP dissector spends
around 1/4 time in col_append_fstr(), add col_append_lstr()
and do formatting by ourselves.

Change-Id: If90bc26242761884b4991e8db0db62c8f9e32690
Reviewed-on: https://code.wireshark.org/review/2527
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-23 03:33:59 +00:00
Guy Harris
ab6a45aec6 Get rid of set-but-not-used variable.
Change-Id: Ic0f2c79b4bd9fc737bf33ef64512f4142d74de6b
Reviewed-on: https://code.wireshark.org/review/2568
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-22 22:18:12 +00:00
Guy Harris
6896def6da Get rid of some unused variables.
Change-Id: I2a806af639e5f0519ba93b0048ec7a4624fa33fc
Reviewed-on: https://code.wireshark.org/review/2567
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-22 21:49:26 +00:00
Guy Harris
9c35a5d8fd Make dissect_lltd() a new-style dissector and register it as such.
Presumably that was the intent.

Change-Id: Icf8529a23a9a36e7f12e446d67f3867771b221d8
Reviewed-on: https://code.wireshark.org/review/2566
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-22 21:42:43 +00:00
Michael Mann
9356d5c689 convert to proto_tree_add_subtree[_format] for ASN.1 dissectors
Change-Id: I753ca95e2e1b38bad2c09955317e648c525e40ef
Reviewed-on: https://code.wireshark.org/review/2509
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-22 21:08:21 +00:00
Michael Mann
2c0214efff LLTD dissector
bug: 6071
Change-Id: If7b544a762df10ffc13aeaf8886cf74a1757c37c
Reviewed-on: https://code.wireshark.org/review/2512
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-22 21:07:43 +00:00
Michael Mann
188aa9a80e convert to proto_tree_add_subtree[_format]
Change-Id: Ib60ca75b7da8cfa21cfe2999c9b9448a02c332df
Reviewed-on: https://code.wireshark.org/review/2560
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-22 21:07:16 +00:00
Evan Huus
3fc441e7a5 Initialize whole buffer in GTP dissector
Bug:10216
Change-Id: Ib7de616d50937eb43b16daa4067ee0de9edc8ec7
Reviewed-on: https://code.wireshark.org/review/2562
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-22 20:54:28 +00:00
Evan Huus
ce99d8a205 Fix leak in nbap init function
Change-Id: I9a70d4da936ad5fd847fc1ba0b29b7220030b977
Reviewed-on: https://code.wireshark.org/review/2558
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-22 20:23:52 +00:00
Evan Huus
dfe7e71ec5 Fix a leak in the SCTP dissector
use wmem instead of glib

Change-Id: I326d2dd71b13ae45b4434c86fdacf9f3cec6c069
Reviewed-on: https://code.wireshark.org/review/2557
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-22 20:23:36 +00:00
Michal Labedzki
0a960872d7 Logcat: Set data-text-lines dissectors for log
Some binary logcat packets has more then one line, show them in
a convenient form.

Change-Id: I008aac6fe5589f2b10db51f7221853f9d79bbc7a
Reviewed-on: https://code.wireshark.org/review/2549
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
2014-06-22 16:57:35 +00:00
Michal Labedzki
10fc6e2531 Bluetooth: A2DP: Fix fuzz failture
Fix invalid structure casting by using defaults values,
this also fix DecodeAs for A2DP.

Do the same for VDP.

Change-Id: I360787af648ed65205eb54732ab6d88f8532cf15
Reviewed-on: https://code.wireshark.org/review/2551
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
2014-06-22 16:56:48 +00:00
Michal Labedzki
164af0050d Bluetooth: Complete sessions
Some interfaces support multiple Bluetooth adapters with events like
add/remove. We must support that to distinquish adapters streams
in case that new adapter has the same id that old one.

Next one is create session for "Connection Handle", so
next layer will now when it is connected and disconnected.
This is also used to distinguish streams.

Change-Id: I9e062c8e4cc9c033b75f1a596e8351a215169843
Reviewed-on: https://code.wireshark.org/review/2548
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
2014-06-22 16:56:31 +00:00
Guy Harris
58bbfa5ee3 When setting entry_tree, set entry_item as well.
Hopefully, this will fix the warnings from the buildbot that entry_item
was used without being set.

Change-Id: Ibfd921bfbbad68cd8eafd1e3ad3d178cfca03d6e
Reviewed-on: https://code.wireshark.org/review/2547
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-22 16:42:05 +00:00
Michael Mann
f5e2b4293d convert to proto_tree_add_subtree[_format]
Change-Id: I358bfaa4e5d40cd01b766f614f8bd0dbaf611dd0
Reviewed-on: https://code.wireshark.org/review/2508
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-22 14:34:17 +00:00
Martin Kaiser
08bd0128ed minor cleanups
Change-Id: Ieaa0fa5cdbe8dc8f50cf5b9ee432c786a8f9fc9a
Reviewed-on: https://code.wireshark.org/review/2540
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-22 04:11:04 +00:00
Martin Kaiser
4c740dc8f5 the tree that we use in the iso transfer function in is the urb_tree
Change-Id: Ia32c2f24df9392d1102fa1121ac93b1071bae7ca
Reviewed-on: https://code.wireshark.org/review/2538
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-22 03:53:00 +00:00
Martin Kaiser
6b90679284 no need to check the parent tree when we create the iso descriptor tree
Change-Id: I6cbc5047b8d58ecbe41bf5392d31dc0adc81d5d5
Reviewed-on: https://code.wireshark.org/review/2537
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-22 03:52:35 +00:00
Martin Kaiser
2b6ce23271 rename the ti variable
Change-Id: Iec3bdfcb3cb14e97045789aec1e11288357d379d
Reviewed-on: https://code.wireshark.org/review/2536
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-22 03:52:13 +00:00
Martin Kaiser
2aae7caa5d create the iso descriptor tree's title in a simpler way
Change-Id: I4e60295208c2ac35a452f5fb3dffd090cc151473
Reviewed-on: https://code.wireshark.org/review/2535
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-22 03:51:53 +00:00
Martin Kaiser
dfa7337b3a create a new function that dissects the usb linux iso transfer
(just copied the existing code)

Change-Id: Ia6dd9be9b39c3c16408e22181225c18d56ac6016
Reviewed-on: https://code.wireshark.org/review/2534
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-22 03:51:26 +00:00
Anish Bhatt
e02c66f157 Check constraints for OSPFv2 LSAs:
1 Router LSA: >= 24 bytes (>= 0 link descriptor(s) required)
2 Network LSA: >= 28 bytes (>= 1 router-ID(s) required)
3 Summary LSA: >= 28 bytes (>= 1 TOS metric block(s) required)
4 Summary LSA: >= 28 bytes (>= 1 TOS metric block(s) required)
5 AS-External LSA: >= 36 bytes (>= 1 TOS forwarding block(s) required)
7 NSSA LSA: >= 36 bytes (>= 1 TOS forwarding block(s) required)
9 Opaque Link LSA: >= 20 bytes
10 Opaque Area LSA: >= 20 bytes
11 Opaque AS LSA: >= 20 bytes

as described in Bug 6302

for all other types including unknown, check for minimum length of 20

Change-Id: I93451d99a93213b4ded8157cecd54b0a6221d351
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Reviewed-on: https://code.wireshark.org/review/2292
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-21 18:17:08 +00:00
Evan Huus
37b903d7ab batch of tvb-length conversions
Change-Id: I76ca4d075756e3ac691070e0c05344a410ea2498
Reviewed-on: https://code.wireshark.org/review/2507
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-21 04:01:52 +00:00
Pascal Quantin
6808afd017 TCP: update the list of options and put Kind and Length items in the right subtree
Bug: 10211
Change-Id: Ide37f2a2b33f0d6d7cdff897eed02a8c1ea24f7d
Reviewed-on: https://code.wireshark.org/review/2488
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2014-06-20 18:51:27 +00:00
Stig Bjørlykke
2ab2921c7d Revert part of svn revision 52045 (git b38ee917)
This fix does change the format printed for values using bitmasks
(because the bit values are printed first) and is not always wanted
in this dissectors (because of readability).

We should have a better way of doing what I want in this dissectors,
so I'll have a look at this later.

Change-Id: I2477aa6b1d0c42a7ad5848bba3cb74dce3bba1f0
Reviewed-on: https://code.wireshark.org/review/2485
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
2014-06-20 17:04:49 +00:00
Guy Harris
ce3d2ff3de Rename dissector_add_handle() to dissector_add_for_decode_as().
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.

Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-20 16:43:56 +00:00
Martin Kaiser
4df6b51784 remove duplicate offset=0
Change-Id: I6653b733dfd2c587909371e50fd0c2efc4649dcd
Reviewed-on: https://code.wireshark.org/review/2482
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-20 16:22:58 +00:00
Martin Kaiser
ffccb9c069 no need for if(tree)
Change-Id: I5762fb30f57d0f9bc3e5fc786577ed1cc49b64d7
Reviewed-on: https://code.wireshark.org/review/2481
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-20 16:22:52 +00:00
Evan Huus
ee2885f9e8 add cast to fix buildbot
Change-Id: I945830a6dd9c34adf9802fa9e9948e2e90d8aba8
Reviewed-on: https://code.wireshark.org/review/2476
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-20 06:14:16 +00:00
Evan Huus
80c070fb51 Don't hide tcp option kind/len fields
Hidden fields are deprecated, and we were hiding them inconsistently anyways.

Bug:10211
Change-Id: Iaf1576ae7bc04c0c0bd896c096b117f1b8af2e9e
Reviewed-on: https://code.wireshark.org/review/2474
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-20 06:07:41 +00:00
Evan Huus
980f5f6711 batch of tvb-length conversions
Change-Id: I5e40df8af6841e3dad71c41d7e43c7971611b15f
Reviewed-on: https://code.wireshark.org/review/2473
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-20 05:33:04 +00:00
Michael Mann
4560881070 Cleanup display filters reported by checkfiltername.pl
Also ensured some files have their correct names at the top so they are more easily grepped

Change-Id: Ib0f5ddf14eb1616a93dee496107dc0eb09048825
Reviewed-on: https://code.wireshark.org/review/2452
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-20 04:09:31 +00:00
Bill Meier
728e5a1ab3 packet-vnc.c: Improve re-assembly.
Essentially:

  When more data is needed to continue dissecting a PDU, use
  DESEGMENT_ONE_MORE_SEGMENT instead of repeatedly requesting
  additional bytes (for one or a few more fields).

  - Improves the efficiency of the dissection;

  - Prevents 'one-pass' tshark dissection from redissecting
    the PDU repeatedly many, many times with each time dissecting
    the PDU with one or a few more additional fields.
    This generated *lots* of (repeated) output since a reassembled
    VNC PDU can contain many fields (each of short length).

  - (A comment in packet-tcp.c states, in effect, that repeatedly
     requesting a specific amount of more bytes to dissect a PDU
     will "break reassembly" although I note that the reassembly did
     seem to work (in-efficiently)).

Note: Although this patch improves the handling of reassembly, the
      dissector has significant issues. For example. see Bug #5366.

I expect this fixes the Bug #10134 issue: "Cannot allocate memory";

Before the fix, 'tshark -nVxr' for the input file generated trees with
multiple hundreds of thousands of entries and generated reassembled
PDUs consisting of many, many small fragments.

Change-Id: I970037c346fbaa4bffa5726fd5bee5f69396eabf
Reviewed-on: https://code.wireshark.org/review/2471
Reviewed-by: Bill Meier <wmeier@newsguy.com>
2014-06-20 02:58:11 +00:00
Evan Huus
0c3e1a243b Add casting and license info to fix buildbots
Change-Id: Iea53b17480d758c16822d80778fa4f186a188a91
Reviewed-on: https://code.wireshark.org/review/2470
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-19 23:55:47 +00:00
Dario Lombardo
84777a682d Removed SVN Id tag
Change-Id: I41931121ab8854e4737aeb565b4f51be87426fa9
Reviewed-on: https://code.wireshark.org/review/2375
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-19 22:23:05 +00:00
Michael Mann
e9bce9dd7e Add dissectors to match the groups of display filters they represent instead of all coming from proto_zbee_nwk.
Change-Id: I8049e84af4670b3dec436d2bab143d59557c07aa
Reviewed-on: https://code.wireshark.org/review/2450
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-19 22:21:37 +00:00
Michael Mann
f5e072a2c3 Remove "pkg" prefix from display filters.
Also rename base protocol filter name to match prefix of all other fields

Change-Id: Iff234c1443252b9f8e6d87fd7a76925746b5e513
Reviewed-on: https://code.wireshark.org/review/2449
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-19 22:19:58 +00:00
Michael Mann
b98dc77cde Cleanup filter fields that checkdisplayfilter.pl was complaining about.
Cleaned up filter names that were shared, but had different types (which can cause problems in a display filter compare)

Also cleaned up many [FIELDDESCR] that effectively mimicked the field name.  Even more could probably be done (and/or rename field name to be more descriptive), but I was being conservative.

Change-Id: I2e072b4f411c390b9430a0a0d903133d6decae5e
Reviewed-on: https://code.wireshark.org/review/2448
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-19 22:18:35 +00:00
Jakub Zawadzki
a45ce57a1a Optimize dissect_sip_route_header()
Don't manually fetch each character to find ',' use tvb_find_guint8()

Change-Id: I29711421469e868a86bf2edd7adf8dcc85ed26eb
Reviewed-on: https://code.wireshark.org/review/2446
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-19 22:16:43 +00:00
Michael Mann
8b12768551 calling subdissectors shouldn't be conditional on a tree
Change-Id: I59ad726c16d4a85dd065f4a21bdf5d86e47c82cd
Reviewed-on: https://code.wireshark.org/review/2451
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-19 22:16:41 +00:00
Martin Kaiser
1e9bc6e483 handle TS packet reassembly for PES packets with 0 length field
(unknown length)

this fixes bug 9527

Change-Id: I255ae9662dfeea06e61e4b0891e0ea8eaa254d0f
Reviewed-on: https://code.wireshark.org/review/2462
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-19 21:52:44 +00:00
Martin Kaiser
0c0bd541a1 no need to initialize these two vars
Change-Id: Ie1a71046b791bcbbf3cf02ddd1c4ddc88b388302
Reviewed-on: https://code.wireshark.org/review/2461
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
2014-06-19 21:52:25 +00:00
Guy Harris
b936dbd7ee Protocols sending the OS's AF_INET6 value are OS-specific or broken.
Check for all the different AF_INET6 values that are on various OSes.
If Totem is, and will forever be, used *ONLY* on one particular OS, feel
free to remove the uses of other _AF_INET6 values (but do *not* change
back to using the OS's AF_INET6; this should dissect the protocol
correctly on *all* OSes).

Add a common AF_INET definition to epan/aftypes.h while we're at it, and
use that; as most OSes picked up 4.2BSD's AF_INET value, most if not all
of them use 2, but IPv6 came out after 4.2BSD, and various OSes all
picked their own values for AF_INET6.

Change-Id: Iae15dfdd15203ed3ecd078a6499821dc09139a98
Reviewed-on: https://code.wireshark.org/review/2458
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-19 21:23:33 +00:00
Evan Huus
15a0a63156 batch of manual tvb_length conversions
Change-Id: Ifea45514bdba8be5f62b9dc560027077297f631e
Reviewed-on: https://code.wireshark.org/review/2456
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-19 19:56:32 +00:00
Evan Huus
5ed05dd747 batch of manual tvb_length conversions
Change-Id: Ib3a1ddc4342a7a8648d6ed8bfcb35aa229c56a27
Reviewed-on: https://code.wireshark.org/review/2445
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-19 19:55:31 +00:00
Pascal Quantin
0a3b1d8beb Kerberos: fix dissection of packets when Record Mark is present
Bug: 10200
Change-Id: Ied8db64120131c029e276d66aeff8b81a45a7286
Reviewed-on: https://code.wireshark.org/review/2447
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2014-06-19 19:44:15 +00:00
Guy Harris
12574468e1 address_to_str() *does* take a const pointer.
At least now it does.  (So does ep_address_to_str().)

Change-Id: I5fdf15ca42faac802fd21b4b6f5b750ed402bd05
Reviewed-on: https://code.wireshark.org/review/2442
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-19 19:10:00 +00:00
Evan Huus
592c3673c6 Fix underflow causing infinite loop in openflow dissector
Bug:10208
Change-Id: I8aff9523fd33cf9e0802153100ea032139966b26
Reviewed-on: https://code.wireshark.org/review/2440
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-19 19:08:21 +00:00
Guy Harris
08a318a4df Those address_to_str() calls were in packet scope, and were safe.
Change-Id: Ic727eca800a1b8972cf1a09cf2cf4ef8cfe4d0ba
Reviewed-on: https://code.wireshark.org/review/2439
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-19 19:05:23 +00:00
Guy Harris
46ecf18fbd Use address_to_str(NULL, ...) for strings allocated outside dissectors.
ep_address_to_str() doesn't crash if called outside packet scope, but
it's still not correct to use outside packet scope.  Use
address_to_str(NULL, ...) to allocate those strings, and then explicitly
free them when we're done; exceptions don't get thrown between the
allocate and free, so there's no risk of a leak.

Change-Id: Iea2af93b0757e648d399e2ba64249224eb7e9e3c
Reviewed-on: https://code.wireshark.org/review/2438
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-19 18:58:49 +00:00
Evan Huus
83762f9f9b Add sys/socket.h which should fix solaris
Change-Id: Ic6f9e8dce860c2bd54bb4c5e0f2d0526178fc720
Reviewed-on: https://code.wireshark.org/review/2437
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-19 18:54:53 +00:00
Pascal Quantin
39f6a8b669 Revert "Update PIDL source files with the API changes done in g021e7af"
This reverts commit e09d127a9a.

Change-Id: Id34b9f5875b1d63aaeed96b3ffdc8ece63ab4134
Reviewed-on: https://code.wireshark.org/review/2436
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2014-06-19 18:42:44 +00:00
Evan Huus
7398779206 rename variable to avoid shadow warning
Change-Id: I5934120da2dddf9076972ea3a471191f7dc9596a
Reviewed-on: https://code.wireshark.org/review/2434
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-19 18:27:52 +00:00
Michael Mann
b0bc4d5535 Revert "Fixup: ep_address_to_str -> address_to_str"
Most (all?) of these functions are being called within GUI, so they can't have packet_scope, which is why they weren't already converted (I made this mistake once already)

This reverts commit 7fea55a054.

Change-Id: I4bf29b206e5e1f5daefcec131309a8f6e78e1eb1
Reviewed-on: https://code.wireshark.org/review/2428
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-19 18:26:57 +00:00
Michael Mann
14824e6adf Revert "Fixup: tvb_* -> tvb_captured"
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html

This reverts commit 246fe2ca4c.

Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-19 18:25:59 +00:00
Jesse Gross
c95ff6b42f Add dissector for Generic Network Virtualization Encapsulation (Geneve).
Change-Id: I3ecf655d8e49bb7b519c4ba95d4e45c7b114bdd6
Reviewed-on: https://code.wireshark.org/review/2359
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-19 18:24:03 +00:00
Michael Mann
53594f34e4 Dissectors for totemnet and totemsrp protocols implemented in corosync cluster engine. Bug 3232.
From Masatake YAMATO

changes in patch3 (Masatake YAMATO):

  * Fix a typo(s/Sequnce/Sequence/)
  * Use variable len instead of a number literal
  * Put _U_ marker to length parameter of dissect_corosync_totemsrp_ip_address
  * Use tvb_report_length instread of tvb_length

changes in patch5 (Masatake YAMATO):

  * packet-corosync-totemsrp.c: Adapt to new dissector_try_heuristic interface

    + pass hdtbl_entry argument to dissector_try_heuristic.

  * packet-corosync-totemnet.c: Initialize corosync_totemnet_port to 5405

changes in patch6 (Masatake YAMATO):

  * packet-corosync-totemsrp.c: Use tvb_reported_length instead of tvb_length.
  * packet-corosync-totemsrp.c: Remove unnecessary trailing space in string literals.

  * packet-corosync-totemnet.c: Remove SVN Id tag in a comment.

changes in patch8 (Masatake YAMATO):

  * packet-corosync-totemnet.c: Remove SVN Id tag in comment(again).
  * packet-corosync-totemsrp.c: Use val_to_str_const instead of val_to_str.

changes in patch9 (Masatake YAMATO):

  * wsutil/sober128.[ch]: New files derived from packet-corosync-totemnet.c.
    Decryption code is moved here.
  * packet-corosync-totemnet.c: Remove all decryption code from this file.

Change-Id: Id832d9c5ce1be1668c857c9bbf39e8a84c31880c
Reviewed-on: https://code.wireshark.org/review/725
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-19 18:23:09 +00:00
Anish Bhatt
0b245a4cf8 Use the same offset += rtnValue logic for all TLV types, instead of a special case for chassis, port & ttl.
I've avoided using any mathematical checks even though tlv type vals increase linearly just in case they change in the future.

Change-Id: I0ec7021df5b91543e12edf9ba8d9c4ac44ecb11c
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Reviewed-on: https://code.wireshark.org/review/2193
Reviewed-by: Evan Huus <eapache@gmail.com>
2014-06-19 18:22:44 +00:00
Guy Harris
3adc5b8c80 To make a dissector available for Decode As, just use dissector_add_handle().
No need to use dissector_add_uint() with a bogus value.

Change-Id: Ia5e51d199487ba14cd671c7df44231a0d407c50b
Reviewed-on: https://code.wireshark.org/review/2431
Reviewed-by: Guy Harris <guy@alum.mit.edu>
2014-06-19 17:54:38 +00:00
Michael Mann
daa70feddc Revert "Fixup: tvb_ensure_length_remaining -> tvb_ensure_captured_length_remaining"
See https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html

This reverts commit 021e7afc9f.

Change-Id: I0640eabce5ce8c4ff3a88ebf848b499f8bb8ed2f
Reviewed-on: https://code.wireshark.org/review/2429
Reviewed-by: Michael Mann <mmann78@netscape.net>
2014-06-19 17:23:41 +00:00
Pascal Quantin
bcff3c57cc Add the ability to dynamically add a new protocol to export PDU dialog box
Change-Id: I83012cc963d514982e40010e837e11a6fcf1bc3e
Reviewed-on: https://code.wireshark.org/review/2423
Reviewed-by: Anders Broman <a.broman58@gmail.com>
2014-06-19 06:48:32 +00:00