called by "dissect_lapbether()". "packet-lapbether.c" included
"packet-lapb.h", to get "dissect_lapb()" declared, but that header file
doesn't exist.
Dissectors should call other dissectors indirectly, so have the LAPB
dissector register itself and have the LAPB-over-Ethernet dissector get
that handle and call the LAPB dissector through that handle, rather than
making the LAPB dissector non-static and adding a "packet-lapb.h" header
to declare it.
Remove some unnecessary includes from "packet-lapbether.c".
svn path=/trunk/; revision=2799
the parent tvbuff, we have to set "pinfo->len" and "pinfo->captured_len"
unless we know for certain that *no* old-style dissectors will be called
later, because old-style dissectors get their length information from
"pi.len" and "pi.captured_len".
svn path=/trunk/; revision=2795
Add a new subdissector table in the LLC dissector for protocol IDs with
a Cisco OUI, and register the CDP, CGMP, and VTMP dissectors in that
table, rather than calling them via a switch statement.
Register the ISL dissector by name, and have the Ethernet dissector call
it via a handle.
Fix the handling of the checksum field in the CDP dissector.
The strings in CDP are counted, not null-terminated; treat them as such.
Fix the handling of the encapsulated frame CRC, and the encapsulated
frame, in the ISL dissector, at least for Ethernet frames; it may not be
correct for encapsulated Token Ring frames.
svn path=/trunk/; revision=2792
doesn't work like the read timeout in BPF - the timer doesn't start
until at least one packet has arrived.
I think that's the way read timeouts should work on *all* packet capture
mechanisms, but it does mean that Solaris will, on a quiet net, exhibit
the same symptoms that Linux used to exhibit before we put in a
"select()" call to wait until either packets arrive or a timer expires -
the "pcap_dispatch()" call blocks until a packet arrives, so the display
doesn't get updated and Ethereal doesn't respond to user input until a
packet arrives.
Furthermore, Linux isn't the only OS that lacks any read timeout
on its packet capture mechanism; the others will also have that problem.
We therefore do the "select()" on *all* platforms other than the BSDs
(where the timer starts when the read is done, and can be used for
polling); I don't know whether it's necessary on Digital UNIX, but I
suspect it's necessary on SunOS 4.x (as the 5.x "bufmod" is probably
derived from the 4.x one, and the 5.x one, as per the above, starts the
timer when a packet arrives), and it may even be necessary on 3.x, those
(BSD, SunOS including 5.x, and Digital UNIX) apparently being the only
UNIXes that appear to have such a read timeout.
svn path=/trunk/; revision=2790
on it, such as the exit status if it exited "normally" but unexpectedly.
On UNIX systems, #define the various POSIX <sys/wait.h> macros (and the
non-POSIX WCOREDUMP()" macro) if they're not defined by <sys/wait.h> (or
if we don't have <sys/wait.h>), and use them to dissect the exit status.
svn path=/trunk/; revision=2788
Change them to use facilities in Ethereal that were probably not present
when they were originally written, e.g. routines to fetch 24-bit
integers and to dump a bunch of raw bytes in hex.
Redo them to extract data from the packet as they dissect it, rather
than extracting an entire data structure at once; that way, it may be
able to dissect a structure not all of which is in the packet.
Dissect a bit more of the type-of-service metrics etc. in OSPF packets.
Make "tvb_length_remaining()" return a "gint", not a "guint"; it returns
-1 if the offset is past the end of the tvbuff.
Add a "tvb_reported_length_remaining()" routine, similar to
"tvb_length_remaining()". Use it instead of just subtracting an offset
from "tvb_reported_length()".
svn path=/trunk/; revision=2787
"tvb_length_remaining()" will return -1 if the offset argument is past
the end of the tvbuff; check for values > 0, not values != 0, when
checking to see if there's extra garbage at the end of the packet.
svn path=/trunk/; revision=2786
NUL-terminated string, starting at a given offset. The size includes
the terminating NUL. If it doesn't find the terminating NUL, it throws
the appropriate exception, as either there's no terminating NUL in the
packet or there is but it's past the end of the captured data in the
packet.
Use that routine in the TFTP dissector. As it throws an exception if
the string isn't NUL-terminated, we can just use "%s" to print option
strings; we don't need to use "%.*s" with a string length.
svn path=/trunk/; revision=2783
make it a bit of a pain to set their values on the command line (you
have to quote the name). Use underscores instead.
Give the gateway and callagent port preferences different names.
Fix up the text descriptions and labels for those preferences.
svn path=/trunk/; revision=2782
1) checks to make sure that the terminating '\0' is found in the
string, and throws a BoundsError exception if it isn't (TFTP
packets should fit in a single frame, so if the '\0' isn't
found, that's an error);
2) adds 1 to the length to include the trailing '\0';
and use it to find all string lengths, so that we properly handle short
or malformed frames.
svn path=/trunk/; revision=2778
"asn1_string_value_decode()", as it can be used for various character
string types as well.
Turn "asn1_octet_string_decode()" into "asn1_string_decode()", which
takes an additional argument giving the tag expected for the string in
question, and make "asn1_octet_string_decode()" a wrapper around it.
Clean up the ASN.1 dissection in the Kerberos dissector, making more use
of the code in "asn1.c", wrapping more operations up in macros, and
doing some more type checking.
Use "REP" rather than "RESP" in names and strings; "REP" is what the
Kerberos spec uses.
Make the routines in the Kerberos dissector not used outside that
dissector static.
Fix some problems with the dissection of strings in the Kerberos
dissector (it was extracting the data from the wrong place in the
packet).
In Kerberos V5, the "kvno" item in the EncryptedData type is optional;
treat it as such.
Treat integers as unsigned in the Kerberos dissector.
svn path=/trunk/; revision=2777
fractions of a second (the resolution is 1/2 second).
In the bitfield breakdown of the flags/type field of a CLNP PDU, report
the PDU type as a name rather than as an abbreviation.
svn path=/trunk/; revision=2776
version of libpcap; that's used on Linux for captures on the "any"
device (which captures from all interfaces simultaneously) and for
captures on devices whose link-layer type libpcap doesn't (yet) support
natively.
The spanning tree code, when checking for GV{M,R,...}P packets, must
first check whether the link-layer destination address is, in fact, an
Ethernet-style address; on Linux cooked captures, there *is* no
destination address, so it's of type AT_NONE, not AT_ETHER.
svn path=/trunk/; revision=2772
Make sure that if _gtime is null, a bad format message returned.
Also noticed that I am going to have to do something about Unicode strings soon and the SMBopenX dissect is slightly wrong ... Oh well, it is the Xmas break soon :-) No rest for the Wicca'd (please don't interpret that as a statement of my religious affiliation, it is just a cute saying :-)
svn path=/trunk/; revision=2764
replace the existing checksummer with a modified version of the BSD
checksumming code. Add a flag to the "packet_info" structure to
indicate that a packet is the first fragment of a fragmented datagram,
so that the checksummers won't try to checksum those.
(It doesn't seem to add a lot of CPU overhead, so we don't introduce a
flag to disable it, yet. Further checks may be necessary to see whether
the overhead is just swamped by other overheads when scanning through a
capture dissecting all frames, or if it truly is negligible.)
Make the Boolean preference option controlling whether to make the
top-level protocol tree item for TCP display a packet summary static to
the TCP dissector (it doesn't need to be accessible outside the TCP
dissector).
svn path=/trunk/; revision=2751