is wrong; cast the "guint8" value to "guint" to widen it, so that adding
1 to it doesn't overflow. (But I don't think that cast should be
necessary - the "usual arithmetic conversions" in C should widen the
value anyway.)
svn path=/trunk/; revision=13770
cerlare it as a parameter that is a struct/union and not a ref pointer to one.
this is ok since toplevel ref pointers are invisible in the wire encoding anyway.
unfortunatelky ethereal dce runtime needed to see that pointer to keep track of whisch one was a toplevel and which one wasnt.
implement a new api to call pointers which explicitely specifies whether the pointer is toplevel or embedded.
eventually all dce dissectors will use this new interface and the generic dissect_ndr_pointer() can be retired.
svn path=/trunk/; revision=13755
(Perhaps we should just get rid of the "tag interpretation" field and,
instead, have explicit hf_ values for each of the fields and subfields.)
svn path=/trunk/; revision=13747
samples, and give the URL of the V5 spec and some hints about how to
handle the private enterprise code in those samples.
For subtrees that cover structures, make the tree cover the entire
structure, not just the first field.
Add the flow sample type and extended data type to the protocol tree.
Set the protocol column name to capitalize "sFlow" the conventional way,
and remove the redundant "sFlow" from the Info column.
svn path=/trunk/; revision=13744
dissecting it; instead, fetch items from the tagged field as we go.
Also, check the length of the tagged field against a minimum length, if
there is one.
When adding the SSID, just fetch it directly as a string, and leave it
up to the string display code to deal with non-printable characters.
When dissecting a tagged field, don't zero out the "out_buff" buffer
beforehand, just stick in the terminating '\0' afterwards.
svn path=/trunk/; revision=13743
Rename the RequestDissector type to ReqRespDissector as it's used to
dissect status (response) lines as well as request lines.
svn path=/trunk/; revision=13738
beautifully fine.
this patch overrides the array, tells idl2eth to not generate code to unmarshall the conformance blob or the data for the array.
a handwritted replacement function is implemented in the template instead which prettifies the output a lot.
svn path=/trunk/; revision=13735
now that we can decrypt DCERPC
the dissection is not complete since idl2eth can not yet handle
all the weird extensions in the idl file yet.
svn path=/trunk/; revision=13729
filter/selector/protocol associations for each dissector. This will be
used to improve our automated tests, but someone with time on their
hands could probably use it to generate a protocol poster using Graphviz.
svn path=/trunk/; revision=13721
- Give each IE its own subtree, with a summary at the root, and
details within the tree. It allows a condensed view when IE
trees are closed.
- Display country info in multiple protocol tree items, with
each (start channel, channels, power) triplet in a separate
item.
- Put a separate item into the protocol tree for each CFP
parameter.
svn path=/trunk/; revision=13713
should be used for ATM, so just use the data dissector for now.
The X.25 dissector registers itself as "x.25", not "x25".
svn path=/trunk/; revision=13711
fix the call to "rtp_add_address()" to match the new signature;
fix a problem with the codec displayed in the "Voip Graph"
for H245 "RequestMode" messages.
svn path=/trunk/; revision=13709
routine to handle that.
Don't format the value text into a buffer; just use
"proto_item_append_text()", so we don't run the risk of overflowing the
buffer.
Use "ip_to_str()" to format an IP address - don't roll our own code to
handle that.
Don't make "is_fhss" global - that causes its value to depend on the
last packet dissected, which isn't necessarily the right value for the
packet being dissected.
svn path=/trunk/; revision=13707
(cifs: dc's talking to eachother and when longhorn comes out: anyone wanting to talk dce to a dc!)
((this is an incredibly advanced feature well worthy of mentioning in NEWS))
svn path=/trunk/; revision=13690
Use "tvb_reported_length_remaining()", not "tvb_length_remaining()", in
the loop parsing the packet contents, so we throw an exception on a
short frame (to mark that it *is* a short frame).
Use "tvb_format_text()" for text strings, so we don't have a problem
with non-printable characters.
Use "ether_to_str()" to turn MAC addresses into strings.
Clean up indentation.
svn path=/trunk/; revision=13679
- better parsing for TIM info element: it parses 'bitmap control' byte
and provides list of AID for stations having power saving traffic.
- separate names for TIM elements. It helps to higlight beacons with
some properties, for example DTIM ones (dtim_count==0).
svn path=/trunk/; revision=13678
and Kerberos decryption is enabled in preferences
and if we have the keytab file available
then attempt to decrypt Secure LDAP
svn path=/trunk/; revision=13660
make spnego able to decrypt data wrapped inside
GSSAPI/SPNEGO/KRB5 arcfour-hmac
This code will be more etherealified and evolve into being able to link with MIT as well.
svn path=/trunk/; revision=13659
Replace the use of the undefined type krb5_keyusage (at least with heimdal)
in decrypt_krb5_data with the old int. The change wasn't complete anyway
as the .h file wasn't changed and the third implemenitation of
decrypt_krb5_data was left out also.
Disclaimer: I only made sure it compiles again, I don't know whether the
change has any side effects.
svn path=/trunk/; revision=13645
it serves the same purpose as the register routine in a built-in
dissector, and don't require all dissectors to have one, as they might
just be taps.
Get rid of the stats tree's init routine, as it's just a tap, and as it
doesn't do anything.
Update the idl2eth Python script to generate plugins with register routines.
svn path=/trunk/; revision=13644
recursion instead of iteration means that packets with sufficiently
large lists can cause it to overflow the stack and crash.
svn path=/trunk/; revision=13643
("Data lengths larger than 2^32-1 are not encodable using primitive
tags"), so it doesn't need to be a "guint64" - but it *can* be that big,
so we should handle the 65536-2^32-1 case.
Don't gratuitously throw away the upper 24 bits of various lengths by
casting them to guint8.
Show signed values as such.
Don't use "match_strval()" - it returns a null pointer if it doesn't
find the value in the value_string table; instead, use "val_to_str()" so
we don't blow up if the value isn't found.
svn path=/trunk/; revision=13640
will treat it as negative" problem by first calling
"tvb_ensure_bytes_exist()" - if the length is *that* large, it will run
past the end of the tvbuff, so the exception that
"tvb_ensure_bytes_exist()" will throw with a negative argument will be
the correct exception.
svn path=/trunk/; revision=13614
comment appropriately.
Make a bunch of routines static.
Don't just dissect stuff past the end of the variable portion as data -
the protocol spec doesn't appear to say there's anything after that.
Don't pass the offset to the routines to dissect the different types of
PDUs, just have them start at 0.
Use guint8 for 8-bit unsigned quantities.
Rename the routine to dissect Abort PDUs to match the other PDU
dissectors.
svn path=/trunk/; revision=13611
followed by PRIu64.
Don't use C++/C99-style comments.
Use "tvb_reported_length()" to get packet lengths - don't use
"tvb_length()", and especially don't directly refer to the "length"
field of the tvbuff.
svn path=/trunk/; revision=13609
Introduce a new init routine for plugins,
which does not take the plugin api table as an
argument and allows etheral to distinguish
between plugins using the old and the new api.
Update README.plugins accordingly
Change all g_warnings() in epan/plugins.c to report_failue().
On windows we do not have a log console open while
loading the plugins, because a log console cannot be opened before the prefs have been read. Thus g_warnings()
does not work for reporting problems with plugins.
svn path=/trunk/; revision=13596
decrypt and behold the new password in plaintext in all its glory
(given you have the keytab with the old one of course)
svn path=/trunk/; revision=13586
don't do it if we don't have the entire packet, including the
CRC value;
fetch the CRC value from the packet with tvb_get_letoh24(),
and compare that against the computed CRC, rather than comparing
the computed CRC (presumably in host byte order) with the
little-endian CRC in the packet (that doesn't work if host byte
order is big-endian).
svn path=/trunk/; revision=13571
the iscsi layer will not hold the LUN value (it is reserved)
so we need to remember if from the initial Command PDU.
make the LUN reporting work for errorrecoverylevel==0 targets
svn path=/trunk/; revision=13563
(it's now in an "ethereal" directory, so there's no need for it to have
a name that distinguishes it from files for other programs) - if it's
not found as "preferences", try "ethereal.conf" for compatibility - and
update the man pages appropriately.
Fix a typo in the section color filters (the file name is "colorfilters",
not "color filters").
svn path=/trunk/; revision=13559
- stat_infos are mantained in a GPtrArray to avoid leaking and overwriting them
- added http_host and request_uri to http_info_value_t
svn path=/trunk/; revision=13555
add infrastructure for them, and display the plugin type (which could be
both dissector *and* tap) in the list of plugins.
svn path=/trunk/; revision=13543
1) added _U_ tags in RMT dissectors to suppress "unused parameter" warnings.
2) added a dissector_add_handle("ip.udp", ip_handle) to IP dissector, to
allow the following chain of protocols: IP over UDP over IP. It seems
uncommon, but it's used by implementations of experimental protocols
(e.g. TCP-XM) that run a userspace IP stack (e.g. lwIP) over UDP. The
dissector of IP over UDP must be enabled explicitly using the "decode
as..." window.
svn path=/trunk/; revision=13540
- Avoid creating a copy of every branch at reinitialization
this used to cause some GTK warnings and a leakage of tree nodes
- propperly check the optarg to avoid getting junk in the filter text
this caused a crash
svn path=/trunk/; revision=13534
- change the tap init_string to %s,tree instead of %s,stat
- change the registration key (it used to be tapname, that disallowed to register more than one tap per protocol)
- add a "pivot" node for convenience
svn path=/trunk/; revision=13502
"decode_boolean_bitfield()" returns a "const char *" - don't cast it to
a "gchar *" and modify what it points to. Instead, just use
"other_decode_bitfield_value()".
svn path=/trunk/; revision=13494
changed the behaviour of get_addr_name:
- resolve to a name if the address supports it
- call address_to_str if it does not, but the address is valid
- return "NONE" if it is AT_NONE
svn path=/trunk/; revision=13463
there are still problems at reinit (gtk2 node->pr warns about an iterator not been OK)
set up propperties of the given files
svn path=/trunk/; revision=13448
on scsi.lun and prettify the summary line a bit.
ndmp still needs some work to track luns between commands
and fcp needs verification it works for volumesetaddressing.
svn path=/trunk/; revision=13420
make it possible to prettify SIDs and control how and where their string representation should be shown in the summary line and the tree
similar to how counted_strings prettification can be controlled
svn path=/trunk/; revision=13413
files. Do this with GENERATED_HEADER_FILES, GENERATED_C_FILES, and
GENERATED_FILES macros in Makefile.common files, along the lines of what
wiretap/Makefile.common has.
Clean up "*~" files with "make clean" rather than only "make distclean"
in some additional places.
Add "maintainer-clean" rules to the Makefile.nmake files, paralelling
the ones in the automake-generated Makefile.in files, using the
GENERATED_FILES macros from Makefile.common files. In some cases, move
the cleanup of files from "make distclean" to "make maintainer-clean",
and in other cases, put in a comment indicating why we're not doing that
(because some files that are distributed in the source tarballs, namely
Flex output, were built with a UN*X Flex and won't compile on Windows,
so we get rid of them with "make distclean" so you can clean up stuff
that *has* to be re-generated for Windows).
Clean up some *CLEANFILES definitions - get rid of ones that no longer
apply as files were moved or that add to the definition a name that's
already there.
svn path=/trunk/; revision=13402
object code for libethereal.dll isn't generated by the
makefile in /trunk.
Having no code in /trunk linked into libethereal.dll
anymore, the definition of the macro _NEED_VAR_IMPORT_
can be moved from various source files in /trunk to /trunk/Makefile.nmake .
So do that, too.
svn path=/trunk/; revision=13389
BSSGP:
- Does not dissect the LLC-PDU twice
LLC:
- Add CRC calculation to differ between ciphered and non-ciphered packets without taking care about the encryption bit.
This solves crashes when the option "ignore ciphere bit" was activated
GMM/SM:
- Dissect detach_type now correctly ( fixed by Miklos Szurdi )
- Dissect timer correctly ( fixed by Miklos Szurdi )
- Update SM causes for Release 6 ( Miklos Szurdi )
- Update service_type for Release 6 ( Miklos Szurdi )
- Rearange pco code like Guy Harris has suggested ( Guy Harris )
- reimplement dissection of IPv4 and IPv6 addresses
- Fix offset in pdp_addr
- Fix offset in Traffic Flow Template (tft)
svn path=/trunk/; revision=13386
BSSGP:
- Does not dissect the LLC-PDU twice
LLC:
- Add CRC calculation to differ between ciphered and non-ciphered packets without taking care about the encryption bit.
This solves crashes when the option "ignore ciphere bit" was activated
GMM/SM:
- Dissect detach_type now correctly ( fixed by Miklos Szurdi )
- Dissect timer correctly ( fixed by Miklos Szurdi )
- Update SM causes for Release 6 ( Miklos Szurdi )
- Update service_type for Release 6 ( Miklos Szurdi )
- Rearange pco code like Guy Harris has suggested ( Guy Harris )
- reimplement dissection of IPv4 and IPv6 addresses
- Fix offset in pdp_addr
- Fix offset in Traffic Flow Template (tft)
svn path=/trunk/; revision=13385
of 0 to be dissected as STUN packets, to support dissecting of
application that follow the ICE methodology described in
draft-ietf-mmusic-ice-03.
Remove some extra spaces at the end of tags for preferences.
svn path=/trunk/; revision=13356
Find attached a patch for "Voip analysis" to get the LRQ/LCF/LRJ messages included in the H323 calls for Gatekeeper to Gatekeeper configurations
svn path=/trunk/; revision=13337
"datafile", and code in epan/filesystem.c expectes DATAFILE_DIR to be
set to the "ethereal" subdirectory of the data directory, not to the
data directory itself.
svn path=/trunk/; revision=13322
Update conversation_new and find_conversation in plugin_api_list.c and
associated files.
Add packet-dcerpc-butc.h to the distribution.
svn path=/trunk/; revision=13288
and the prototype idl compiler.
this is not ready for wide use yet but is useful with a svn area where we can sync our changes to the compiler.
svn path=/trunk/; revision=13280
>From autoconf.info:
In order to support these features, it is essential that `datadir'
remains being defined as `${prefix}/share' to depend upon the current
value of `prefix'.
A corollary is that you should not use these variables except in
Makefiles. For instance, instead of trying to evaluate `datadir' in
`configure' and hard-coding it in Makefiles using e.g.,
`AC_DEFINE_UNQUOTED(DATADIR, "$datadir")', you should add
`-DDATADIR="$(datadir)"' to your `CPPFLAGS'.
svn path=/trunk/; revision=13275
Attached please find a small performance optimization to packet-ip.c,
which removes multiple redundant calls to tvb_get_ptr().
Changed srt_addr and dst_addr from char to guchar
svn path=/trunk/; revision=13272
Please find attached a small patch for CoSine L2 debug dissector. The
code used to incorrectly select the first 4 octets in the tvbuff. This
patch fixes this problem.
svn path=/trunk/; revision=13271
Do not add target address if the packet is a Request. According to the RFC,
target addresses in requests have no meaning
svn path=/trunk/; revision=13269
Patch for graphing ISUP calls. It shows the type of message,
in the first one the calling and called numbers, and in the second the SPs
and CIC; in releases it shows the cause value.
svn path=/trunk/; revision=13263
1) Added a setup_frame parameter to conversation_t
2) Used the conversation_t next to maintain a list of conversations with the
same src/dest tuple but different setup_frame number.
3) Changed the signature of find_conversation() and conversation_new() to pass
in the frame number.
4) Adjusted packet-sdp to select RTP conversation if both m=audio and m=image
are present, and T.38 conversation if only m=image is present. I expect that
RTP/T.38 dissecting to be better, but I don't have a way to generate T.38
packets.
svn path=/trunk/; revision=13243
Guy Harris