whether the length value in the TPKT header is large enough to include
that much payload - if not, report the packet as not being a TPKT
packet.
Have the heuristic Q.931 dissector supply the appropriate value.
svn path=/trunk/; revision=5457
where the pointer to "dissect_data()" was in 0.9.3; the pointer to
"dissect_data()" wasn't initialized in 0.9.3 (as the function wasn't
exported - you call it through a handle), so no plugin should have been
using it, and putting the pointer to "tcp_dissect_pdus()" in its place
means the structure offsets of all function pointers after it will be
the same in 0.9.3 and the next release, preserving binary compatibility
for plugins.
svn path=/trunk/; revision=5395
extracting PDUs from it and possibly doing reassembly. Make the COPS,
DNS, DSI, Gryphon, and SCCP dissectors use it.
Add "set_actual_length()", "tcp_dissect_pdus()",
"decode_boolean_bitfield()", "decode_numeric_bitfield()", and
"decode_enumerated_bitfield()" to the list of routines available to
dissectors on platforms where routines in the main program aren't
available to dynamically-loaded code.
Declare routines in "to_str.h" as "extern"; as I remember, that's
necessary to allow the "decode_XXX_bitfield()" routines declared therein
to be made available to plugins as per the above.
Note that new exported routines should be added to the end of the table
if that's the only change being made to the table.
Create a new "plugin_api_decls.h" header file, used to declare both the
"p_" variables and the "p_" structure members in the routine-exporting
mechanism; this reduces the number of places you have to change to
change the list of exported routines.
svn path=/trunk/; revision=5394
As a result of that, we now construct a tvbuff for each Gryphon message;
this obviates the need to pass a message length to the dissectors for
each message type.
svn path=/trunk/; revision=5321
In the "configure.in" files, add
-D_U_="__attribute__((unused))"
to CFLAGS if we're using GCC, and add
-D_U_=""
otherwise, so _U_ can be used to mark arguments as unused.
Add -D_U_="" arguments to the Makefile.nmake files as well, so _U_ works
with Microsoft Visual C++ as well.
Add comments and RCS IDs to the Makefile.nmake files that don't already
have them.
svn path=/trunk/; revision=4824
have a TPKT header at the beginning, so there's not need for it to have
an offset as an argument; its callers don't have to know how big the
TPKT header is (or we can put a #define in "packet-tpkt.h" for it). Get
rid of the second argument.
svn path=/trunk/; revision=4791
packets per segment.
Instead of having a routine for dissectors such as the Q.931 dissector
to call to dissect the TPKT header, have a routine that does all the
reassembly and multiple-packets-per-segment work, and have the Q.931
dissector call it. Export "is_tpkt()", and the new routine, to plugins.
Add preferences for TPKT and Q.931 reassembly.
svn path=/trunk/; revision=4778
"epan/..." pathnames, so as to avoid collisions with header files in any
of the directories in which we look (e.g., "proto.h", as some other
package has its own "proto.h" file which it installs in the top-level
include directory).
Don't add "-I" flags to search "epan", as that's no longer necessary
(and we want includes of "epan" headers to fail if the "epan/" is left
out, so that we don't re-introduce includes lacking "epan/").
svn path=/trunk/; revision=4586
variables wrap-around. Since the request/reply packets are related via
a hash based on these uniqueness variables, long NCP traces can
have mis-matches reqeust/reply records.
Thus, only do the hash-lookup for the reply packet during the first
sequential scan of the trace file. Once the pertinent info is found,
store it in the packet's private data area.
Since the memory allocated for the hash and for the structures that make
up the keys are no longer needed after the first sequential run through
the trace file, arrange to free that memory after the first sequential
run. Similar to the register_init_routine() that allows dissectors
to register callbacks for calling *before* a capture file is loaded,
set up a register_postseq_cleanup_routine() function that allows
dissectors to register callbacks for calling *after* the first
sequential run-through of the trace file is made. This is not
a *final* cleanup callback, since Ethereal will still have that trace file
open for random-access reading.
I didn't have tethereal call postseq_cleanup_all_protocols() since
tethereal doesn't keep the trace file open for random-access reading.
I could easily be swayed to make tethereal call that function, however.
svn path=/trunk/; revision=4484
fixed to put something interesting there, fix the GIOP dissector to
restore the Protocol column if no heuristic dissector succeeded, and fix
up the plugin GIOP subdissectors to use "col_set_str()" to set the
Protocol column.
svn path=/trunk/; revision=4424
fix a bogus batch mode inference rule of make, so that
"vc60.pdb" files are created in the proper directory;
delete ".pdb" files in a "nmake -f Makefile.nmake clean";
include the text2pcap and mergecap ".pdb" files in the Windows
binary distribution.
svn path=/trunk/; revision=4385
structure to the "packet_info" structure; only stuff that's permanently
stored with each frame should be in the "frame_data" structure, and the
"column_info" structure is not guaranteed to hold the column values for
that frame at all times - it was only in the "frame_data" structure so
that it could be passed to dissectors, and, as all dissectors are now
passed a pointer to a "packet_info" structure, it could just as well be
put in the "packet_info" structure.
That saves memory, by shrinking the "frame_data" structure (there's one
of those per frame), and also lets us clean up the code a bit.
svn path=/trunk/; revision=4371
structure to the "packet_info" structure; only stuff that's permanently
stored with each frame should be in the "frame_data" structure, and the
"column_info" structure is not guaranteed to hold the column values for
that frame at all times - it was only in the "frame_data" structure so
that it could be passed to dissectors, and, as all dissectors are now
passed a pointer to a "packet_info" structure, it could just as well be
put in the "packet_info" structure.
That saves memory, by shrinking the "frame_data" structure (there's one
of those per frame), and also lets us clean up the code a bit.
svn path=/trunk/; revision=4370
plugin APIs, and add the new "dissector_add_handle()".
Add an entry in the dissector table structure for
"create_dissector_handle".
svn path=/trunk/; revision=4314
take a dissector handle as an argument, rather than a pointer to a
dissector function and a protocol ID. Associate dissector handles with
dissector table entries.
svn path=/trunk/; revision=4308
from being required by anyone other than packet-data.c.
It can now be accessed with call_dissector() with the name "data".
dissect_data is now also of dissect_t.
svn path=/trunk/; revision=4271
addr_XXX p_XXX;
for all the declarations, to simplify things, as per Tomas Kukosa's
suggestion.
Fix a couple of comments.
svn path=/trunk/; revision=4149
that they're external when the plugin is compiled, and there's no
definition to satisfy the extern, so plugins fail to compile.
Add a "plugins/plugin_api_defs.h" header file that defines them, and
include that in one (and only one) source file for a particular plugin.
svn path=/trunk/; revision=4117
former depends on having "guint64" and the latter depends on
"%ll[douxX]" being what's used to print 64-bit integers, and there are
platforms on which Etheeal runs that don't have "guint64" or that don't
use "%ll[douxX]" to print 64-bit integers.
Get rid of the routines to extract 64-bit integers into "gint64"s and
"guint64"s, as per Ronnie Sahlberg's suggestion, to discourage people
from writing code that won't work on all platforms; they should be using
FT_UINT64, or the routines in "int-64bit.c", instead.
svn path=/trunk/; revision=4102
"proto_item_set_text()" except that it appends the result of the
formatting to the item's current text, rather than replacing the item's
current text. Use it in the DNS dissector.
svn path=/trunk/; revision=3880
but, before you set the text, you throw an exception while putting stuff
under the subtree, you end up with an absolutely blank protocol tree
item, which is really gross. Instead of calling
"proto_tree_add_notext()", call "proto_tree_add_text()" with at least a
minimal label - yes, it does mean you do some work that will probably be
unnecessary, but, absent a scheme to arrange to do that work if it *is*
necessary (e.g., catching exceptions), the alternative is an ugly
protocol tree display.
svn path=/trunk/; revision=3879
plugins, as the MGCP dissector uses it.
Don't set pointers to "dfilter_init()" and "dfilter_cleanup()" in that
transfer vector, as there *aren't* any pointers to them in the transfer
vector.
svn path=/trunk/; revision=2949
be loaded and their initialization routines called in right after we
call the initialization routines for built-in dissectors, but don't call
their handoff registration routines yet, and then call the handoff
registration routines right after calling the handoff registration
routines for built-in dissectors.
Do all that in "proto_init()", rather than "epan_init()".
That way, we call all dissector registration routines together, and then
call all dissector handoff registration routines together; all the
registration routines are called before any handoff registration
routines, as is required, and, as "proto_init()" is called by
"epan_init()" before "dfilter_init()" is called, all filterable fields
have been registered before "dfilter_init()" is called, and no plugins
have to call "dfilter_init()" themselves to get their fields registered.
Remove pointers to "dfilter_init()" and "dfilter_cleanup()" from the
plugin address table, as plugins shouldn't be calling them any more, and
remove calls to them from plugins.
svn path=/trunk/; revision=2940
statements.
Move the setting of the Protocol column in various dissectors before
anything is fetched from the packet, and also clear the Info column at
that point in those and some other dissectors, so that if an exception
is thrown, the columns don't reflect the previous protocol.
svn path=/trunk/; revision=2932
It was the last dissector that used "old_call_dissector()", and
tvbuffifying it got rid of that, so get rid of "old_call_dissector()".
svn path=/trunk/; revision=2892
"{old_}heur_dissector_add()", "{old_}conv_dissector_add()", and
"register_dissector()", so that an entry in those tables has associated
with it the protocol index of the protocol the dissector handles (or -1,
if there is no protocol index for it).
This is for future use in a number of places.
(Arguably, "proto_register_protocol()" should take a dissector pointer
as an argument, but
1) it'd have to handle both regular and heuristic dissectors;
2) making it take either a "dissector_t" or a union of that and
a "heur_dissector_t" introduces some painful header-file
interdependencies
so I'm punting on that for now. As with other Ethereal internal APIs,
these APIs are subject to change in the future, at least until Ethereal
1.0 comes out....)
svn path=/trunk/; revision=2849
"prefs_register_module()" except that it takes a protocol index as
returned by "proto_register_protocol()" as its first argument, rather
than taking two character strings as arguments as its first two
arguments, and uses the protocol's abbreviation as the name to use for
preferences in the preferences file and the "-o" flag and uses the
protocol's short name as the name to use in the tabs in the
"Edit->Preferences" window.
svn path=/trunk/; revision=2812
protocols, in addition to adding structures to the list of filterable
fields. Give it an extra argument that specifies a "short name" for the
protocol, for use in such places as
pinfo->current_proto;
the dialog box for constructing filters;
the preferences tab for the protocol;
and so on (although we're not yet using it in all those places).
Make the preference name that appears in the preferences file and the
command line for the DIAMETER protocol "diameter", not "Diameter"; the
convention is that the name in question be all-lower-case.
Make some routines and variables that aren't exported static.
Update a comment in the ICP dissector to make it clear that the
dissector won't see fragments other than the first fragment of a
fragmented datagram.
svn path=/trunk/; revision=2811
protocols, in addition to adding structures to the list of filterable
fields. Give it an extra argument that specifies a "short name" for the
protocol, for use in such places as
pinfo->current_proto;
the dialog box for constructing filters;
the preferences tab for the protocol;
and so on (although we're not yet using it in all those places).
Make the preference name that appears in the preferences file and the
command line for the DIAMETER protocol "diameter", not "Diameter"; the
convention is that the name in question be all-lower-case.
Make some routines and variables that aren't exported static.
Update a comment in the ICP dissector to make it clear that the
dissector won't see fragments other than the first fragment of a
fragmented datagram.
svn path=/trunk/; revision=2810
make it a bit of a pain to set their values on the command line (you
have to quote the name). Use underscores instead.
Give the gateway and callagent port preferences different names.
Fix up the text descriptions and labels for those preferences.
svn path=/trunk/; revision=2782
dissector call it through a handle, and make it static.
Give "dissect_data()" an "offset" argument, so dissectors can use it to
dissect part of the packet without having to cook up a new tvbuff.
Go back to using "dissect_data()" to dissect the data in an IPP request.
svn path=/trunk/; revision=2651
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
platforms that have "gint64".
Fix plugin-table lines for "dissector_delete()", "dissect_data()",
"prefs_register_module()", and "prefs_register_uint_preference()".
The MGCP dissector uses routines from GLib, so when building it as a DLL
for Windows, it has to be linked with "glib-XXX.lib".
svn path=/trunk/; revision=2643
"proto_item_set_len()", "proto_item_set_text()", and the preference
routines expected to be used by dissectors to the table of function
pointers handed to dissectors on platforms where dynamically-loaded
modules can't access symbols from the main program.
svn path=/trunk/; revision=2638
of function pointers handed to dissectors on platforms where
dynamically-loaded modules can't access symbols from the main program.
svn path=/trunk/; revision=2635
"plugins/Makefile.nmake" to build that plugin.
Add to the table of routines callable from plugins
"old_dissector_add()", "old_dissect_data()", and
"proto_is_protocol_enabled()", so that the Gryphon dissector can build
on Windows.
Move the includes of "plugins/plugin_api.h" and "moduleinfo.h" before
all the other includes, except for "config.h", in "plugin-mgcp.c", to
match what the Gryphon dissector does; "plugins_api.h" must be included
before any of the routines whose names it #defines in order for the
plugin to build on Windows. (It still doesn't build on Windows, as
still more routines need to be added to the table of routines callable
from plugins, but tomorrow is another day. Making libethereal a DLL may
obviate the need for that table, *if* all the routines called from a
plugin are in libethereal, as I think routines in a DLL, even a
run-time-loaded DLL, can call routines from another DLL as long as those
routines are exported from the other DLL.)
svn path=/trunk/; revision=2622
Add "tvb_find_line_end_unquoted()" for the benefit of the SDP dissector;
get rid of "find_line_end_unquoted()" as nobody uses it any more.
Add "tvb_pbrk_guint8()" for the benefit of
"tvb_find_line_end_unquoted()"; it searches for any of a number of
characters, unlike "tvb_find_guint8()" which searches for only one.
svn path=/trunk/; revision=2595
variables and a "dissector" routine, a "plugin_reg_handoff()" routine,
which will act just like the "reg_handoff()" routine of a non-plugin
dissector, registering the dissector with handoff tables.
This lets them plug into both TCP and UDP, or plug into protocols other
than TCP or UDP.
Those new-style plugin are enabled and disabled using the standard
"Edit->Protocols" mechanism (and thus should use
"OLD_CHECK_DISPLAY_AS_DATA()" or "CHECK_DISPLAY_AS_DATA()"); they don't
show up in the list of plugins, aren't enabled or disabled from that
list, and, as they don't have a filter, can't have the filter changed
from that list - instead, they should register preferences for port
numbers and the like if they should be configurable to use different
ports.
Make the Gryphon protocol a new-style plugin.
svn path=/trunk/; revision=2565
plugin is enabled -> disabled -> re-enabled due to the fact that
the protocol registration is performed at each plugin_init() call
(and there is no protocol cleanup like with dfilter_cleanup).
Now we use the proto_xxx static variable to check if it is the first
activation or not (in this case, the proto_register_xxx routines are
not called.
svn path=/trunk/; revision=2290
- add <stdarg.h> or <varargs.h> in snprintf.h
and remove those inclusions in the other #ifdef NEED_SNPRINTF_H codes
- remove the check of multiple inclusions in source (.c) code
(there is a bit loss of _cpp_ performance, but I prefer the gain of
code reading and maintenance; and nowadays, disk caches and VM are
correctly optimized ;-).
- protect all (well almost) header files against multiple inclusions
- add header (i.e. GPL license) in some include files
- reorganize a bit the way header files are included:
First:
#include <system_include_files>
#include <external_package_include_files (e.g. gtk, glib etc.)>
Then
#include "ethereal_include_files"
with the correct HAVE_XXX or NEED_XXX protections.
- add some HAVE_XXX checks before including some system header files
- add the same HAVE_XXX in wiretap as in ethereal
Please forgive me, if I break something (I've only compiled and regression
tested on Linux).
svn path=/trunk/; revision=2254
a particular type, rather than taking a varargs list, along the lines of
the "proto_tree_add_XXX_format()" routines.
Replace most calls to "proto_tree_add_item()" and
"proto_tree_add_item_hidden()" with calls to those routines.
Rename "proto_tree_add_item()" and "proto_tree_add_item_hidden()" to
"proto_tree_add_item_old()" and "proto_tree_add_item_hidden_old()", and
add new "proto_tree_add_item()" and "proto_tree_add_item_hidden()"
routines that don't take the item to be added as an argument - instead,
they fetch the argument from the packet whose tvbuff was handed to them,
from the offset handed to them.
svn path=/trunk/; revision=2031
Add exceptions routines.
Convert proto_tree_add_*() routines to require tvbuff_t* argument.
Convert all dissectors to pass NULL argument ("NullTVB" macro == NULL) as
the tvbuff_t* argument to proto_tree_add_*() routines.
dissect_packet() creates a tvbuff_t, wraps the next dissect call in
a TRY block, will print "Short Frame" on the proto_tree if a BoundsError
exception is caught.
The FDDI dissector is converted to use tvbuff's.
svn path=/trunk/; revision=1939
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
build "register.c" in the top-level Makefile;
set path in "config.nmake" to include the Cygwin directory for
tools - those tools are needed to build "register.c";
remove constructed source files, and some additional object
files, when doing "nmake clean".
svn path=/trunk/; revision=1896
Makefile.nmake clean" when "nmake -f Makefile.nmake clean" is done in
the top-level directory, so that "nmake -f Makefile.nmake clean" cleans
everything up.
svn path=/trunk/; revision=1792
pointers, and call the APIs by calling through the function pointers -
the old technique of using wrappers didn't work, as the underlying
function they all called no longer exists.
svn path=/trunk/; revision=1724
the name of the global variable containing packet information, and, on
platforms where dynamically-loaded code can't access global variables
and functions in the main program, we #define "pi" in plugins to be
"(*p_pi)", which causes problems even if a plugin with a local variable
named "pi" *isn't* accessing the global "pi".
svn path=/trunk/; revision=1723
proto_tree_add_protocol_format()
proto_tree_add_uint_format()
proto_tree_add_ipxnet_format()
proto_tree_add_ipv4_format()
proto_tree_add_ipv6_format()
proto_tree_add_bytes_format()
proto_tree_add_string_format()
proto_tree_add_ether_format()
proto_tree_add_time_format()
proto_tree_add_double_format()
proto_tree_add_boolean_format()
If using GCC 2.x, we can check the print-format against the variable args
passed in. Regardless of compiler, we can now check at run-time that the
field type passed into the function corresponds to what that function
expects (FT_UINT, FT_BOOLEAN, etc.)
Note that proto_tree_add_protocol_format() does not require a value field,
since the value of a protocol is always NULL. It's more intuitive w/o the
vestigial argument.
Fixed a proto_tree_add_item_format-related bug in packet-isis-hello.c
Fixed a variable usage bug in packet-v120.c. (ett_* was used instead of hf_*)
Checked in Guy's fix for the function declearation for proto_tree_add_text()
and proto_tree_add_notext().
svn path=/trunk/; revision=1713
This change allows you to add a new packet-*.c file and not cause a
recompilation of everything that #include's packet.h
Add the plugin_api.[ch] files ot the plugins/Makefile.am packaging list.
Add #define YY_NO_UNPUT 1 to the lex source so that the yyunput symbol
is not defined, squelching a compiler complaint when compiling the generated
C file.
svn path=/trunk/; revision=1637
have top-level Makefile.nmake call Makefile.nmake's in subdirectories.
Build plugins, and build generated source (lex, yacc). The only thing we
can't build is register.c; I need to re-work the top-level Makefile.nmake
because it lists object files, not C files, which make-reg-dotc needs.
svn path=/trunk/; revision=1608
The distro is buildable finally. I had to change "plugins/gryphon" from
a separately configured (i.e., "./configure") package to a member of
the main ethereal autoconf package so that PLUGIN_DIR could be passed
to plugins/gryphon/Makefile.am. In doing so, I had to get rid of
plugins/gryphon/config.h which had PACKAGE and VERSION #defined, the latter
of which was actually used in packet-gryphon.c. So I moved those two
#defines into a new file, plugins/gryphon/moduleinfo.h.
svn path=/trunk/; revision=1438
Make the default plugindir $(libdir)/ethereal/plugins/0.8. Ethereal now
looks for plugins in the following directories:
/usr/lib/ethereal/plugins/0.8
/usr/local/lib/ethereal/plugins/0.8
$plugindir (if different from above)
$HOME/.ethereal/plugins
svn path=/trunk/; revision=1382