While it does make packet-sigcomp.c much bigger, there's no reason for it to be in epan directory.
Change-Id: I2d78c32de1d56e76578e610d4df586b5610d1b49
Reviewed-on: https://code.wireshark.org/review/6682
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Do not make any assumption on the endianness: not all hosts running Wireshark are little endian
Change-Id: I8792904f7000b4f2b9e44ffe41f350ba8b4932d4
Reviewed-on: https://code.wireshark.org/review/6693
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Change-Id: I4d7d1826391b0ac12ef6ad184e7c79d279db5e28
Also: remove some dead initializers.
Reviewed-on: https://code.wireshark.org/review/6688
Reviewed-by: Bill Meier <wmeier@newsguy.com>
(Bugs were introduced in gf5e2b42);
Misc:
Localize a few variables;
Remove some dead initializers.
Change-Id: Ib7493740ecf29ed9f753475f721b47a64f54a278
Reviewed-on: https://code.wireshark.org/review/6687
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Only display dissect of Modem Capabilites when sub option = 5
Actually, it is always display when ftype == special (like sub option = 0)
Change-Id: I5b75654b750bae5ae5022adcb5e8dd055ce6b291
Reviewed-on: https://code.wireshark.org/review/6519
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Caught by ASAN (thanks Alexis!)
Change-Id: Ibbe2c405ba1a3ba0d5a5b9ffff9e95282526028b
Reviewed-on: https://code.wireshark.org/review/6652
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Revert to the older code, but just show the time as "Not representable"
if gmtime() fails.
Change-Id: I435facc042e3ca35fb07292a4b2657ccdfd02abb
Reviewed-on: https://code.wireshark.org/review/6672
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Id5e5efea46e9ff6196607e56f0212fb083e8635c
Reviewed-on: https://code.wireshark.org/review/6670
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
add a length paramenter to the body dissection functions in the apdu table
Change-Id: I4abbd9078fd36385a816963ab042f443e3c26b60
Reviewed-on: https://code.wireshark.org/review/6669
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I3dc0f58b4861a08be687214cae9c6681ebcac286
Reviewed-on: https://code.wireshark.org/review/6668
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
define an apdu table with the direction, minimum length
and a fuction to dissect the apdu payload
set the source and destination address columns depending on the apdu
add some entries to the apdu table
Change-Id: I52bd15bfab7bbe6c97dfe64084e69a51e65a8a6e
Reviewed-on: https://code.wireshark.org/review/6667
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I520b38ed37b2d16d9a15f57b8e83b0b59c9a528c
Reviewed-on: https://code.wireshark.org/review/6666
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
and not each time prefs are changed.
Also: do minor whitespace changes.
Change-Id: I04bfc212e288473a78113e8b124ce4a13ad74ad1
Reviewed-on: https://code.wireshark.org/review/6663
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Don't do manual conversion of a time-field to UTC using gmtime().
Use the standard Wireshark mechanisms.
Change-Id: I2eaee074a590ecab492336bb6ad794bdd036f699
Reviewed-on: https://code.wireshark.org/review/6661
Reviewed-by: Bill Meier <wmeier@newsguy.com>
For FT_ABSOLUTE_TIME fields:
Instead of calling gmtime()/mktime() to convert a time to UTC time
which is then displayed using proto_tree_add_time(),
Use ABSOLUTE_TIME_UTC as the 'display' value for the field and then
display the field using proto_tree_add_item().
Change-Id: I1926c40de76a86072437902cb7621d3873827b11
Reviewed-on: https://code.wireshark.org/review/6659
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Wrong offset (14 -> 20) to get IP Address Legnth
Issue Reported by Rui
Bug: 10873
Change-Id: Ib7aa80ac78028a2c8d548f4030278166be9ed0cc
Reviewed-on: https://code.wireshark.org/review/6657
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
With this patch we want to enable a better support of POWERLINK
as a protocol for people who have to perform network diagnostics using
analyzing tools. Up until now, the main tool used was Omnipeek.
Now wireshark will be used more and more, due to the new extcap
infrastructure, which supports debug tools to be added as capture
devices.
To better facilitate that change, we have adapted the textual
representation of the Omnipeek dissector for POWERLINK, as it
allows for a faster and simpler diagnosis routine.
Additionally the name of the protocol has been changed to it's
correct name "POWERLINK" as this is the official name used by
EPSG for describing the protocol.
Changelog:
- Add error code definitions and string values.
- Change name for protocol column to POWERLINK which is more commonly
used than EPL.
- Reformat output in info column to look like output the output of
the POWERLINK plugin for Omnipeek. This facilitates the transition
to Wireshark. The added information and changed output improves the
debugging of POWERLINK nerworks.
Change-Id: I795e2487f2ae7af6b90c29366a1843c9fabffa85
Reviewed-on: https://code.wireshark.org/review/5581
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
To check if a payload is json, the library libjsmn has been added to the source tree, with its licence (MIT).
TODO: the libjsmn can be used to extract tokens in the standard dissection other than heurisitic part.
HPFEEDS dissector has also been changed in order to leverage the new json dissector.
Bug: 10834
Change-Id: Ib1df2a699982dbdd2b5418e97edbdb5cbd9c8978
Reviewed-on: https://code.wireshark.org/review/6350
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
TCAP permits the changing of the originating address on the first
backwards continue (i.e. the establishment of the dialogue).
See ITU-T Q.771 (06/97) clause 3.1.2.2.2.2 Confirmation of the dialogue.
In practice, a BEGIN replied to with an END can also exhibit this behaviour.
For example, a BEGIN from GT A TID TA -> GT B,
and the reply CONTINUE from GT B2 TID TB -> GT A TID TA.
To support this, only support a single address hash in
tcaphash_begin_info_key_t and tcaphash_end_info_key_t.
The match of the first CONTINUE should find the appropriate
tcaphash_begin and create the appropriate tcaphash_end entries.
Also fix compile warning with DEBUG_TCAPSRT.
Bug: 10841
Change-Id: Ibe75e3940e757727357b20be10f9c195c5888fdd
Reviewed-on: https://code.wireshark.org/review/6446
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Changes: Number of small changes to the xml file:
- some fields being connected to the wrong message version
- some header field naming
Change-Id: I062c31777a4193de3d5c44b0ba733dd9d1702352
Reviewed-on: https://code.wireshark.org/review/6602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
some commercial IPTV streamers send bogus info in the extension headers, add some sanity check to skip the erroneous bytes.
Bug: 10513
Change-Id: I6f20073a00ed0f791fa99701534360d304060053
Reviewed-on: https://code.wireshark.org/review/6606
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There are a few oid functions that are only called in oids_test.c. I'll presume the APIs are used in proprietary dissectors rather than just remove them.
Change-Id: I4595e00f93bf9ab8cf2493fe0432b91960f55a3f
Reviewed-on: https://code.wireshark.org/review/6592
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also, remove some no-longer-existent functions from checkAPIs.pl.
Change-Id: I2bf11e3ec03a34f9e89d58d560e340d76fd3ddc1
Reviewed-on: https://code.wireshark.org/review/6645
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(The se_ stuff wasn't as contiguous as I thought.)
Also fix some comments to no longer refer to #defines for se_ stuff.
Change-Id: Ibc53e6f0f135bee9795f98550d5242e8e58afb16
Reviewed-on: https://code.wireshark.org/review/6641
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Don't check for se_ routines in checkAPIs; the failure to compile or
link will suffice to catch attempts to use them.
Update comments in another test script to reflect the disappearance of
the session allocator.
Change-Id: If50d953c7130f48b696bc2dd9d327bea2af49bd4
Reviewed-on: https://code.wireshark.org/review/6638
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Get rid of references to ep_ and se_ allocation in code that now uses
wmem allocation instead.
Fix API documentation of conversation_table.h routines to reflect that
as well - some APIs changed to pass wmem scopes.
Also, zbee_sec_key_hash() now takes the output buffer as an argument and
just returns it, and nobody actually uses the return value, so change it
to return void.
Change-Id: Ife1ec675a9322fd0f0be306a9d639ec17aad1c7a
Reviewed-on: https://code.wireshark.org/review/6636
Reviewed-by: Guy Harris <guy@alum.mit.edu>
They (should) all be strictly within the context of dissection, so can just
become packet_scope.
Change-Id: Iaaa733628132f3ee3f1597f3df956e44080734f6
Reviewed-on: https://code.wireshark.org/review/6631
Petri-Dish: Evan Huus <eapache@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
the DISSECTOR_ASSERT macro and friends are all guaranteed to be called within
the scope of a dissection, so they are safe to replace with wmem_packet_scope.
Change-Id: I2684fb902da78d50aca5f4644df66c060caff625
Reviewed-on: https://code.wireshark.org/review/6629
Reviewed-by: Evan Huus <eapache@gmail.com>
This is the last remaining use of se_ memory APIs.
Change-Id: Ic0508a830bc5460bc743d21eb33ffdd7f4ce2eb5
Reviewed-on: https://code.wireshark.org/review/6574
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I3499c2f9e07a960f8bdf83973693bdeb4fb4ebd9
Reviewed-on: https://code.wireshark.org/review/6630
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>