Comment out an unused variable definition;
Do some whitespace changes & several other minor changes;
Add editor modelines.
svn path=/trunk/; revision=53578
Use 'offset += 1' instead of 'offset++' for consistency;
Replace 32767 (as a mask) with 0x7FFF for clarity;
Remove some unneeded boilerplate comments;
Do whitespace changes.
svn path=/trunk/; revision=53577
and also DT1s. Update the preference text to reflect that.
(Don't change the actual preference name to avoid breaking backward
compatibility.)
svn path=/trunk/; revision=53576
Move value_string array definitions from .h to .c file
(value_string definitions should never be in a .h file);
Add XXX comments re value_string arrays containing
duplicate values [ptp_opcode_names & ptp_respcode_names];
Remove unneeded #includes (stdio.h, stdlib.h & string.h);
Remove some unneeded initializers;
Add editor modelines.
Do some whitespace & long-lines changes;
svn path=/trunk/; revision=53570
Add an XXX comment noting that the 'ndps_error_types' array has a
number of duplicate values; Also note the commenting out of those
dups which would not have been found via a linear search in the
original unsorted array.
svn path=/trunk/; revision=53558
effort to figure out whether they *are* used (and there's no point in it
doing so - might as well just flag them preemptively).
pidl can't handle this, at least not on OS X, as it's not handling the
C++/C99-style dissectors in the IDL for NSPI, so we manually put the
_U_s back.
svn path=/trunk/; revision=53554
the result of pidl on dce.idl.
(We can't just regenerate it, as there are some pidl bugs that cause bad
code to be generated.)
svn path=/trunk/; revision=53541
suggest using our version of pidl, given that its Wireshark
parser generator has changes to support the current internal
Wireshark APIs for dissectors;
suggest using "--includedir ." to make IDL files in
subdirectories of epan/dissectors/pidl work;
update the list of IDL files with issues;
reformat to 80x66 (if it's good enough for Herman Hollerith,
it's good enough for me!).
svn path=/trunk/; revision=53533
again (and some various other improvements):
Rebuild the dissector with the latest xcbproto and mesa.
Subject: [PATCH 01/11] X11 dissector: Support CARD64 and INT64 types
These types are used by the new Present extension.
Subject: [PATCH 02/11] X11 dissector: Un-blacklist a few structures
The xinput structs are used by the latest xcb/proto, and the xkb
struct has been removed.
Subject: [PATCH 03/11] X11 dissector: Add hack for xinput:ChangeProperty
xinput:ChangeProperty should use switch/case, but only switch/bitcase
is supported at the moment. Add (hopefully temporary) hack.
Subject: [PATCH 04/11] X11 dissector: Use namespace for types
In particular, the name of the xsync struct 'INT64' collides with a
basic type of the same name.
Subject: [PATCH 05/11] X11 dissector: Add support for "Generic" events
All new extensions are using the new "Generic" events instead of
traditional events, because there aren't enough traditional event
numbers.
Denoted by <event xge="true"> in xcb/proto.
Subject: [PATCH 06/11] X11 dissector: Blacklist unused structures
Subject: [PATCH 07/11] X11 dissector: Support multiple enumref in a bitcase
XKB is weird.
Subject: [PATCH 08/11] X11 dissector: Support sumof
Subject: [PATCH 09/11] X11 dissector: Stop generating unused-but-set variables
(This patch also reverts r53298/r53299.)
svn path=/trunk/; revision=53532
again (and some various other improvements):
Rebuild the dissector with the latest xcbproto and mesa.
Subject: [PATCH 01/11] X11 dissector: Support CARD64 and INT64 types
These types are used by the new Present extension.
Subject: [PATCH 02/11] X11 dissector: Un-blacklist a few structures
The xinput structs are used by the latest xcb/proto, and the xkb
struct has been removed.
Subject: [PATCH 03/11] X11 dissector: Add hack for xinput:ChangeProperty
xinput:ChangeProperty should use switch/case, but only switch/bitcase
is supported at the moment. Add (hopefully temporary) hack.
Subject: [PATCH 04/11] X11 dissector: Use namespace for types
In particular, the name of the xsync struct 'INT64' collides with a
basic type of the same name.
Subject: [PATCH 05/11] X11 dissector: Add support for "Generic" events
All new extensions are using the new "Generic" events instead of
traditional events, because there aren't enough traditional event
numbers.
Denoted by <event xge="true"> in xcb/proto.
Subject: [PATCH 06/11] X11 dissector: Blacklist unused structures
Subject: [PATCH 07/11] X11 dissector: Support multiple enumref in a bitcase
XKB is weird.
Subject: [PATCH 08/11] X11 dissector: Support sumof
Subject: [PATCH 09/11] X11 dissector: Stop generating unused-but-set variables
(This patch also reverts r53298/r53299.)
svn path=/trunk/; revision=53531
Part of the fix includes having the IPv6 dissector populate as much of a ws_ip structure as possible to pass to subdissectors of the "ip.proto" table, so the ttl value can be picked up.
svn path=/trunk/; revision=53522
I'm not sold on the name or module the proto_data functions live in, but I believe the function arguments are solid and gives us the most flexibility for the future. And search/replace of a function name is easy enough to do.
The big driving force for getting this in sooner rather than later is the saved memory on ethernet packets (and IP packets soon), that used to have file_scope() proto data when all it needed was packet_scope() data (technically packet_info->pool scoped), strictly for Decode As.
All dissectors that use p_add_proto_data() only for Decode As functionality have been converted to using packet_scope(). All other dissectors were converted to using file_scope() which was the original scope for "proto" data.
svn path=/trunk/; revision=53520
We presumably want "decode as" behavior to be consistent across UIs so
call load_decode_as_entries() from read_prefs().
svn path=/trunk/; revision=53498
Fix 2 minor bugs wherein an incorrect (NULL) tree was always used;
Remove some unneeded initializers;
Localize some variables;
Use consistent indentation & whitespace formatting
Add editor modelines.
svn path=/trunk/; revision=53497
improve relative offset calculations for Kyoto-Tycoon protocol
from me:
use col_append_sep_str()
set the correct length in dissect_kt()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9418
svn path=/trunk/; revision=53495
Provide the capability to define a list of value_strings once and
then to expand the list as an enum and/or as a value_string array.
svn path=/trunk/; revision=53487
Create/use value_string_ext_free();
Display certain numbers also as hex in the
"forced to fall back to linear search: ..." value-string warning msg
Add editor-modelines to some files;
Do some whitespace changes.
svn path=/trunk/; revision=53484
Use FT_BOOLEAN instead of FT_UINT16 with 'ptp_bool_vals' value_string array;
Add editor modelines;
Do some whitespace & formatting changes.
svn path=/trunk/; revision=53477
Add menu items for each corresponding item in gtk/main_menubar.c that
calls gtk_stats_tree_cb(). Hopefully that's everything. Note that we use
quite a bit less code than the GTK+ flavor and why we might not want to
do that. Change a few things in ui/qt/CMakeLists.txt to more closely
match the GTK+ version. Add plumbing for tap registrations in
CMakeLists.txt and Makefile.am. Add the ability to copy text as CSV or
YAML.
svn path=/trunk/; revision=53464
Based on attachment #12139 (diff for adding the table) by rtsking117,
but keep original formatting and encoding (ASCII).
svn path=/trunk/; revision=53457
Specifically, proto_tree_add_expert() must take an actual tree node (for example
from proto_item_add_subtree()) and cannot take just any old item node. The
original intent (before the conversion) appeared to be just to put it on the
tree, so do that.
Another assertion gone from
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9406
svn path=/trunk/; revision=53456
The basic idea behind this design is to have dissectors register with a "decode as list" with their name and dissector table. When "Decode As" dialog is launched, any "registered" dissector found in the packet will cause a tab to be created in the dialog. Any GUI (GTK+/Qt/tshark) can just hook into the "decode as list" to see what can be provided.
This patch includes the GUI portion of the functionality (including packet-dcerpc.[ch] because it had some GUI dependencies that are now removed).
Other notes:
1. Some "GUI text" (UTF8_LEFTWARDS_ARROW and similar) made their way into the dissector code. Not sure how necessary it is and if reformatting the strings to avoid the macros is desired (TCP/UDP use it, SCTP doesn't).
2. I converted the SCTP functionality to have 2 tabs (instead of radio button), currently both are labeled "Transport" which could be confusing to users. Naming suggestions welcome (as well as for naming of tabs from other dissectors).
3. BER and DCERPC have more opportunity to use Decode As now that they are selected based on dissector presense, not packet_info values.
4. Catapult DCT2000 populates pinfo->ipproto, yet under new design will not show up to do Decode As. Should a "decode as item" be created for it?
5. BER dissector doesn't have Clear/Show Current functionality working (never did)
6. Bluetooth (in old design) could have been used "capture wide" instead of single packet (creating tabs of values not present in current packet), which goes against what I believe to be in the intent of Decode As, but I'm willing to hear counter-arguments.
svn path=/trunk/; revision=53446
The basic idea behind this design is to have dissectors register with a "decode as list" with their name and dissector table. When "Decode As" dialog is launched, any "registered" dissector found in the packet will cause a tab to be created in the dialog.
This patch includes just the dissector portion of the functionality (minus packet-dcerpc.[ch] because it has hooks to the current GUI)
svn path=/trunk/; revision=53445
The main driving force for this was my new Decode As functionality (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9450) that wants a dissector/subdissector table relationship for all dissectors wanting to use Decode As functionality. The ethertype() function provides the value to the "ethertype" subdissector table, so I think it should be matched to a dissector. Only odd side effect is the display filter of "ethertype" returns no packets because there is no "item" associated with the dissector.
svn path=/trunk/; revision=53443
Add support for new PostgreSQL (9.3) error/notice message fields
Improves the PostgreSQL protocol dissector by adding support for the new error and notice fields which are new in PG 9.3:
http://www.postgresql.org/docs/9.3/interactive/protocol-error-fields.html
In particular, it adds support for the 'p', 'q', 's', 't', 'c', 'd', and 'n' field codes.
From me :
Fix wrong hf name...
svn path=/trunk/; revision=53431
Add RFC6066 CertificateUrl TLS extension
This is not supported by OpenSSL or NSS, the extension itself seems
unsafe, but some implementations seem to support it[1].
Untested, no capture available.
[1]: http://www.ietf.org/mail-archive/web/tls/current/msg02535.html
svn path=/trunk/; revision=53417
Add status_request_v2 TLS extension dissection (RFC6961)
Besides adding status_request_v2 support, this patch moves the
Certificate Status Type from the OCSP Status subtree to its parent
(the extension tree). This is needed because this type applies to all
OCSPResponse fields.
The check for "tree != NULL" seems unnecessary here, it was not
clarified in the original patch so I removed it.
From me
Fix typo
Remove unneeded tvb_ensure_bytes_exist
Use proto_tree_add_item
svn path=/trunk/; revision=53416
Add TLS StatusRequest (RFC6066) ClientHello extension recognition
Only empty Responder ID lists and empty Request Extensions are
implemented. I could not really find existing clients or servers that
populate these.
This status_request extension has a different signature for a
ClientHello and ServerHello, in the latter the extension_data field
must be empty. Therefore an additional parameter is added to
dissect_ssl3_hnd_hello_ext.
From me :
Fix typo
svn path=/trunk/; revision=53415
dissector for Kyoto Tycoon binary protocol
from me:
make port range preference work
highlight the correct bytes for records
remove trailing commas
correct(?) 64->32 cast
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9418
svn path=/trunk/; revision=53383
'localize' some variables;
Remove some unneeded initializers;
Move proto_reg_handoff_...() to the end of the file as per convention;
Add forward declarations for proto_register_...() & proto_reg_hand_off_...();
Reformat some long lines;
Tweak some whitespace;
Add editor modelines.
svn path=/trunk/; revision=53358
'#if 0' variable 'set but never used' & related code;
'localize' some variables;
Remove some unneeded initializers;
Tweak some whitespace;
Add editor modelines.
svn path=/trunk/; revision=53357
Collect packet numbers when following streams so that we can correlate
text positions with packets. Add a FollowStreamText class so that we can
track mouse events. Add a hint label that shows the packet under the
cursor along with packet counts and the number of "turns".
Add the packet number to the C array dump. Note that dumping to YAML
might be useful for Scapy users.
svn path=/trunk/; revision=53314
help from Matthieu Patou.
If the DCE-RPC heuristic failed to identify a TVB, *but* we've already decoded
a DCE-RPC layer in this packet *and* the heuristic failed because we didn't have
enough data, make the reasonable assumption that it actually is another DCE-RPC
packet, and ask TCP to desegment more data for us and try again.
svn path=/trunk/; revision=53310
dissector_try_uint to dissector_try_uint_new: protocols called due to TCP port
matching were not getting added to the list of protocols in the frame. The
"add_proto_name" parameter should be TRUE except in unusual circumstances.
svn path=/trunk/; revision=53308
Create a new dialog each time the user follows a stream. A lot of the
follow code seems to assume one and only one dialog so there are likely
outstanding bugs.
Don't use the global cfile (should we deprecate its usage?). We want to
move closer to multiple documents, not further away.
Clean up after ourselves. Free our payload list and unlink our temp
file. Make a bunch of gchar*s QStrings. Make sure our destructor gets
called and use it.
Make member variable and method names more consistent.
svn path=/trunk/; revision=53306
x11-extensions-implementation.h .
This change was manually applied to the .h file as I can't currently rebuild
the X11 dissector.
svn path=/trunk/; revision=53298
the ftenum_t for the fvalue's ftype, rather than a pointer to the ftype
(which isn't all that useful except as a handle, unless you import the
internal header).
Have fvalue_to_string_repr() return NULL, rather than failing, if the
fvalue's ftype has no val_to_string_repr method.
This lets us not include the ftypes internal header in
ui/cli/tap-diameter-avp.c.
svn path=/trunk/; revision=53290
All dissectors that call tcp_dissect_pdus() have the same relative tree position, so it doesn't need to be specifically saved in the packet_info.
svn path=/trunk/; revision=53253
This was acheived by adding a void* data parameter to the dissect_function_t typedef in packet-rpc.h (r53213). After converting the pinfo->private_data, I'm not sure if it would be better to change the void* data pointer to be a rpc_call_info_value* explicitly. Not all "dissector functions" use it, but it would certainly save a lot of casting...
svn path=/trunk/; revision=53232
airpdcap.c:470:18: error: declaration of 'address' shadows a global declaration [-Werror=shadow]
airpdcap.c:611:18: error: declaration of 'address' shadows a global declaration [-Werror=shadow]
svn path=/trunk/; revision=53216
I didn't realize how expansive this change would be, so committing it now before replacing the pinfo->private_data, so if something needs to be reverted, all of this is not lost.
svn path=/trunk/; revision=53213
Now that "bytes consumed" can be determined, should tcp_dissect_pdus() take advantage of that?
Should tcp_dissect_pdus return length (bytes consumed)? There are many dissectors that just call tcp_dissect_pdus() then return tvb_length(tvb). Seems like that could all be rolled into one.
svn path=/trunk/; revision=53198