- NetrJoinDomain2 and NetrUnJoinDomain2 (can be used to remotely join a
machine to an Active Directory domain, typically with the JOIN and
UNJOIN of the netdom utility)
- NetrRenameMachineInDomain2
- NetrAddAlternateComputerName and NetrRemoveAlternateComputerName
(operations added in Windows XP)
All these operations carry a blob (524 bytes) containing an encrypted
version of the password of the account with domain administration
credentials, currently displayed as hex data because the format of this
blob is currently unknown (at least, for me).
svn path=/trunk/; revision=11142
and "Decode As" dialogs (so that you can cut down the size of the
protocol lists in those dialogs by disabling "uninteresting" protocols).
svn path=/trunk/; revision=11132
(always as strings, always as raw bytes, or as strings iff all bytes are
printable ASCII), and put the destination and source TSAPs into the
protocol tree so they can be filtered on.
svn path=/trunk/; revision=10978
- full support for "Wake Up" and "Security Parameter Recovered" messages
- full support for IPsec (additionally to SNMPv3) DOI
- add descriptive text to the info column (COL_INFO)
- proper FT_BOOLEAN type for "Re-establish" and "ACK required" flags
- proper item length for "PacketCable" (top-level), "List of ciphersuites"
and "Application Specific Data"
- minor cleanup
svn path=/trunk/; revision=10965
add a config.nmake option to control whether to build
libethereal.dll or not;
remove "./wiretap" from PATH to prevent problems due to
wrongly-loaded files;
build dissector.lib with MSVC;
move "print.c" and "ps.c" to the dissector helpers, as "print.c"
imports variables from packet-frame.c and packet-data.c, which
are in libethereal;
move "g711.c" out of the dissector helpers, as they're used only
by Ethereal in a tap, not in Tethereal or in any dissector;
add a .def file for libethereal;
arrange to declare global variables exported from libethereal
with "__declspec(dllimport)" when building programs that import
those variables;
update the NSIS installer.
Make the "configure" script define ETH_VAR_IMPORT as "extern".
svn path=/trunk/; revision=10834
also make isns not dump core just because someone has encoded an integer in 0 bytes.
still need to add reassembly of fragmented pdus (first fragment/last fragment)
but have example captures of that so thats for tomorrow.
svn path=/trunk/; revision=10805
media dissector for a given media type (value of a Content-Type header)
must provide the logic to fall-back to this media dissector upon no match.
Note that you must set the pinfo->match_string to the media type name,
and if the media type is specified with parameters, then those parameters
can be added to pinfo->private_data. If there are no parameters, or the
parameter decoding is not implemented, you must set pinfo->private_data
to NULL.
Known TODOs:
- Fix the WSP parameter handling so it accompanies any media dissector.
Simplest approach is to retrieve the header field label from the WSP
Content-Type field and to search for a semicolon in it (or by using
the string length of the content type string representation).
- Verify that that subdissection always works in the WSP dissector,
even when the protocol tree is not being built.
- Implement the media dissector in the remaining dissectors that use the
media type string table.
svn path=/trunk/; revision=10743
Dissection of the EncryptedFileSystem dce/rpc interface.
This dissector also contains a complete and fully tested IDL definition for
the entire interface.
svn path=/trunk/; revision=10734
ANSI and GSM MAP stats enhancements and cleanups;
enhanced parameter dissection related to SS for GSM A-interface
and MAP;
minor GSM SMS fix;
GSM SS enhancements for parameter dissection;
MTP3 statistics tap.
svn path=/trunk/; revision=10655
own modified Per-VLAN STP, so there's some extra stuff at the end of the
packet that needs to be decoded).
Indicate in a comment in packet-cisco-oui.c what PVSTP is.
svn path=/trunk/; revision=10589
- in decoding of replies: 0 is not an unknown opcode, it means that the
request was unseen or that the opcode of the request is unknown
(e.g. due to unseen / undecoded QueryExtension replies)
- add special processing for QueryExtension requests & replies in order to
store new opcodes in a value_string of opcodes saved per conversation
- try to resynchronize sequence number once at first reply if no initial
connection request was seen
- add decoding of SendEvent request
- add decoding of many replies (AllocColor, GetInputFocus, GetGeometry,
GetPointerControl, GetScreenSaver, GetSelectionOwner, GrabKeyboard,
GrabPointer, InternAtom, ListProperties, LookupColor, QueryBestSize,
QueryKeymap, QueryPointer, TranslateCoordinates)
- fix decoding of EnterNotify / LeaveNotify events
- add decoding of most events (FocusIn, FocusOut, Expose, GraphicsExpose,
NoExpose, VisibilityNotify, CreateNotify, DestroyNotify, UnmapNotify,
MapNotify, MapRequest, ReparentNotify, ConfigureNotify, GravityNotify,
ResizeRequest, CirculateNotify, CirculateRequest, PropertyNotify,
SelectionClear, SelectionRequest, SelectionNotify, ColormapNotify,
ClientMessage)
- miscellaneous changes & code cleaning
svn path=/trunk/; revision=10442
GSM A facility element decoding;
make TCAP dissector export routines for use by various GSM
dissectors;
make GSM MAP dissector use exported TCAP routines/defines;
GSM Supplementary Services support.
svn path=/trunk/; revision=10409
* Correct the version checks (use path expansion
rather than regular expressions, and fail if the
tools are not installed at all).
* Make it possible to specify other names for the
auto* tools to use (e.g., automake-1.6 instead
of automake).
svn path=/trunk/; revision=10383
date/time IE, so support IE lengths of 5 (no seconds) or 6 (includes
seconds).
Merge the two AUTHORS and man page entries for him.
svn path=/trunk/; revision=10089
"congestion" bit for ECN. Show it as a reserved bit.
Put semicolons, not commas, at the end of the calls to put flags field
bits into the protocol tree.
svn path=/trunk/; revision=10087
* Added decoding of Transport type/trigger
* Updated service code's text to match specification
* Added new vendor IDs from ODVA
* Added service etc to info column, formatted info column for
easier overview
* Added actual time out calculation for Forward close,
Unconnected send
* Fixed bug, port not shown for extended addresses
* Added Network Segment to EPATH decode
* NOP packets not decoded as they contain Common data Format
svn path=/trunk/; revision=9979
dissectors for protocols that put non-802.3 packets inside 802.3 frames
can intercept 802.3/Ethernet frames before they're dissected as
802.3/Ethernet packets.
svn path=/trunk/; revision=9976
into "lapd_sapi.h". Use that to register the Q.931 dissector atop LAPD.
From Rolf Fiedler: ISDN TEI management frame support.
svn path=/trunk/; revision=9864
Support for dissection of concatenated SMPP PDUs.
Also:
Add more information to the protocol tree summary.
Clean up the white space so it's in-line with the conventions
of the original author (8-space tabs, 4-space indentations).
svn path=/trunk/; revision=9696
add 3 new vendors;
add 3 non-encapsulated Merit vendor-specific attributes;
display the authenticator in the protocol tree.
svn path=/trunk/; revision=9651
add parsing of message token (Unicode and regular);
add parsing of error token (Unicode only - do not have a non Unicode
sample. Anyone?);
add parsing of done token (only minimal actually);
add parsing of Collation Information structure in Environment
Change token.
svn path=/trunk/; revision=9549
NOTE: I propose to use packet-MIME-TREE for future media types that will be
added to Ethereal (E.g., packet-image-png.c).
svn path=/trunk/; revision=9437
From Anders Broman: patches to various makefiles and configure scripts
to build the V5UA dissector, and patches to make it compile.
From me: .cvsignore file, and NSIS patches.
svn path=/trunk/; revision=9311
we've gone through the trouble of finding the path, we should use it,
and if the user explicitly said where it is, we should *definitely* use
it), and add the output of "$NETSNMPCONFIG --cflags" to CFLAGS and
CPPFLAGS before searching for Net-SNMP headers, so we check the
appropriate directory for them.
svn path=/trunk/; revision=9303
From Michael Lum:
Modified for better TCAP separation, fixed EOC handling (a la
TCAP).
Added parameter parsing (although not dissection or naming).
svn path=/trunk/; revision=9160
correct and enhance support for RSVP FAST_REROUTE and DETOUR
objects (source: draft-ietf-mpls-rsvp-lsp-fastreroute-03.txt);
support an RSVP SESSION_OBJECT object with ctype = 1. This
object contains resource affinities (source: RFC 3209).
svn path=/trunk/; revision=8913
* Use function reference arrays for header parse function lookup
(avoids switch())
* Use macros for the common parts of the header parse functions
* Use macros for identical header dissection functions
* Implement many missing header parse functions
* Automatic header parse error notification
* Some minor edits
* Add HTTP equivalents to WSP status codes
svn path=/trunk/; revision=8865
- Dissector for FICON
- Dissector for FC-SP (Security Protocol for Fibre Channel)
- Patches to correct the reassembly of FC fragments.
- Support for new MDS Port Analyzer Adapters that carry the
frame length for truncated frames.
svn path=/trunk/; revision=8823
any string pointed to by the preference variable - as the value we set
it to is allocated, we should free it after registering the preference.
The register routine is called only once - don't worry about whether
"gbl_diameterDictionary" is null or not.
Get rid of a duplicate credit entry in the man page.
svn path=/trunk/; revision=8813
Add a preference to control whether the "File > Open" dialog box
should start out in the last directory in which it looked - and
save that in the preferences file across invocations - or should
always start out in a user-specified directory, and add another
preference to specify that directory.
Write out section name comments into the preferences file.
Clean up white space a bit.
svn path=/trunk/; revision=8699