32-bit integers and 64-bit pointers, so it needs to be handed a guint
(or equivalent type); it doesn't suppress warnings about 8-bit or 16-bit
integers, so those have to be cast up to guint first.
svn path=/trunk/; revision=53630
From Michal Labedzki.
1. Bluetooth: HFP: Fix recognizing roles. There is need to check which side SDP record is, then it is possible to recognize roles.
2. Bluetooth: RFCOMM/HFP: Fix recognizing services and roles. Direction bit means only that device is initiator of connection or not. But need information who is owner of connection (remote device or localhost), so use this information from L2CAP.
3. Bluetooth: HFP: Fix unexpected expert info
4. Bluetooth: HCI: Set addresses to host/controller. Also optimize a little handing of dissectors handles.
svn path=/trunk/; revision=53628
From Michal Labedzki
From me:
Have #defines in packet-usb.c because they are only used in the module.
Break out the value computation so that it can be properly wrapped in GUINT_TO_POINTER without adding more complexity.
svn path=/trunk/; revision=53625
The solution was to move the itlq_nexus_t structure handling from the FC dissector to the FCS dissector since it's actually the one with the LUN field. OXID+LUN makes a unique exchange at FC layer so track that separately. Also needed some additional OXID->LUN mapping at the FC layer to keep LUN correctly persistent.
Not backporting because this was partially made possible by r53569, which won't be backported.
svn path=/trunk/; revision=53620
(sort associated value_string arrays as needed);
- Use new VALUE_STRING_LIST mechanism/macros to
create enums and value_string arrays for:
WERR_errors, DOS_errors, SRV_errors, and HRD_errors;
- Declare certain global value_string arrays as static (local)
and use global extended value_strings to reference same;
(e.g., ms_coiuntry_codes value_string_array)
- Rename SMBE_... defs used in several different value_string arrays
to prevent potential name collisions:
( e.g., for SRV_errors: SMBE_... ==> SMBE_SRV_...)
Done for value_string arrays: DOS_errors, SRV_errors, HRD_errors;
- WERR_errors value_string array:
Note that WERR associated defs no longer exist in the latest samba doserr.h.
(The WERR_errors defs were originally generated from the samba doserr.h).
For now: WERR_errors kept as is.
- ToDo: Fix PIDL-generated dcerpc dissectors to use NT_errors_ext
and WERR_errors_ext extended value_strings.
- Add editor modelines to a few files.
- Make whitespace changes.
svn path=/trunk/; revision=53614
Add QUERY_FS_INFO info level SMB_QUERY_POSIX_WHOAMI
from me
remove unnecessary if(tree) checks
add one check before guint16 *bcp is decremented
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9475
svn path=/trunk/; revision=53598
Comment out an unused variable definition;
Do some whitespace changes & several other minor changes;
Add editor modelines.
svn path=/trunk/; revision=53578
Use 'offset += 1' instead of 'offset++' for consistency;
Replace 32767 (as a mask) with 0x7FFF for clarity;
Remove some unneeded boilerplate comments;
Do whitespace changes.
svn path=/trunk/; revision=53577
and also DT1s. Update the preference text to reflect that.
(Don't change the actual preference name to avoid breaking backward
compatibility.)
svn path=/trunk/; revision=53576
Move value_string array definitions from .h to .c file
(value_string definitions should never be in a .h file);
Add XXX comments re value_string arrays containing
duplicate values [ptp_opcode_names & ptp_respcode_names];
Remove unneeded #includes (stdio.h, stdlib.h & string.h);
Remove some unneeded initializers;
Add editor modelines.
Do some whitespace & long-lines changes;
svn path=/trunk/; revision=53570
Add an XXX comment noting that the 'ndps_error_types' array has a
number of duplicate values; Also note the commenting out of those
dups which would not have been found via a linear search in the
original unsorted array.
svn path=/trunk/; revision=53558
effort to figure out whether they *are* used (and there's no point in it
doing so - might as well just flag them preemptively).
pidl can't handle this, at least not on OS X, as it's not handling the
C++/C99-style dissectors in the IDL for NSPI, so we manually put the
_U_s back.
svn path=/trunk/; revision=53554
the result of pidl on dce.idl.
(We can't just regenerate it, as there are some pidl bugs that cause bad
code to be generated.)
svn path=/trunk/; revision=53541
suggest using our version of pidl, given that its Wireshark
parser generator has changes to support the current internal
Wireshark APIs for dissectors;
suggest using "--includedir ." to make IDL files in
subdirectories of epan/dissectors/pidl work;
update the list of IDL files with issues;
reformat to 80x66 (if it's good enough for Herman Hollerith,
it's good enough for me!).
svn path=/trunk/; revision=53533
again (and some various other improvements):
Rebuild the dissector with the latest xcbproto and mesa.
Subject: [PATCH 01/11] X11 dissector: Support CARD64 and INT64 types
These types are used by the new Present extension.
Subject: [PATCH 02/11] X11 dissector: Un-blacklist a few structures
The xinput structs are used by the latest xcb/proto, and the xkb
struct has been removed.
Subject: [PATCH 03/11] X11 dissector: Add hack for xinput:ChangeProperty
xinput:ChangeProperty should use switch/case, but only switch/bitcase
is supported at the moment. Add (hopefully temporary) hack.
Subject: [PATCH 04/11] X11 dissector: Use namespace for types
In particular, the name of the xsync struct 'INT64' collides with a
basic type of the same name.
Subject: [PATCH 05/11] X11 dissector: Add support for "Generic" events
All new extensions are using the new "Generic" events instead of
traditional events, because there aren't enough traditional event
numbers.
Denoted by <event xge="true"> in xcb/proto.
Subject: [PATCH 06/11] X11 dissector: Blacklist unused structures
Subject: [PATCH 07/11] X11 dissector: Support multiple enumref in a bitcase
XKB is weird.
Subject: [PATCH 08/11] X11 dissector: Support sumof
Subject: [PATCH 09/11] X11 dissector: Stop generating unused-but-set variables
(This patch also reverts r53298/r53299.)
svn path=/trunk/; revision=53532
again (and some various other improvements):
Rebuild the dissector with the latest xcbproto and mesa.
Subject: [PATCH 01/11] X11 dissector: Support CARD64 and INT64 types
These types are used by the new Present extension.
Subject: [PATCH 02/11] X11 dissector: Un-blacklist a few structures
The xinput structs are used by the latest xcb/proto, and the xkb
struct has been removed.
Subject: [PATCH 03/11] X11 dissector: Add hack for xinput:ChangeProperty
xinput:ChangeProperty should use switch/case, but only switch/bitcase
is supported at the moment. Add (hopefully temporary) hack.
Subject: [PATCH 04/11] X11 dissector: Use namespace for types
In particular, the name of the xsync struct 'INT64' collides with a
basic type of the same name.
Subject: [PATCH 05/11] X11 dissector: Add support for "Generic" events
All new extensions are using the new "Generic" events instead of
traditional events, because there aren't enough traditional event
numbers.
Denoted by <event xge="true"> in xcb/proto.
Subject: [PATCH 06/11] X11 dissector: Blacklist unused structures
Subject: [PATCH 07/11] X11 dissector: Support multiple enumref in a bitcase
XKB is weird.
Subject: [PATCH 08/11] X11 dissector: Support sumof
Subject: [PATCH 09/11] X11 dissector: Stop generating unused-but-set variables
(This patch also reverts r53298/r53299.)
svn path=/trunk/; revision=53531
Part of the fix includes having the IPv6 dissector populate as much of a ws_ip structure as possible to pass to subdissectors of the "ip.proto" table, so the ttl value can be picked up.
svn path=/trunk/; revision=53522
I'm not sold on the name or module the proto_data functions live in, but I believe the function arguments are solid and gives us the most flexibility for the future. And search/replace of a function name is easy enough to do.
The big driving force for getting this in sooner rather than later is the saved memory on ethernet packets (and IP packets soon), that used to have file_scope() proto data when all it needed was packet_scope() data (technically packet_info->pool scoped), strictly for Decode As.
All dissectors that use p_add_proto_data() only for Decode As functionality have been converted to using packet_scope(). All other dissectors were converted to using file_scope() which was the original scope for "proto" data.
svn path=/trunk/; revision=53520
We presumably want "decode as" behavior to be consistent across UIs so
call load_decode_as_entries() from read_prefs().
svn path=/trunk/; revision=53498
Fix 2 minor bugs wherein an incorrect (NULL) tree was always used;
Remove some unneeded initializers;
Localize some variables;
Use consistent indentation & whitespace formatting
Add editor modelines.
svn path=/trunk/; revision=53497
improve relative offset calculations for Kyoto-Tycoon protocol
from me:
use col_append_sep_str()
set the correct length in dissect_kt()
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9418
svn path=/trunk/; revision=53495
Provide the capability to define a list of value_strings once and
then to expand the list as an enum and/or as a value_string array.
svn path=/trunk/; revision=53487
Create/use value_string_ext_free();
Display certain numbers also as hex in the
"forced to fall back to linear search: ..." value-string warning msg
Add editor-modelines to some files;
Do some whitespace changes.
svn path=/trunk/; revision=53484
Use FT_BOOLEAN instead of FT_UINT16 with 'ptp_bool_vals' value_string array;
Add editor modelines;
Do some whitespace & formatting changes.
svn path=/trunk/; revision=53477
Add menu items for each corresponding item in gtk/main_menubar.c that
calls gtk_stats_tree_cb(). Hopefully that's everything. Note that we use
quite a bit less code than the GTK+ flavor and why we might not want to
do that. Change a few things in ui/qt/CMakeLists.txt to more closely
match the GTK+ version. Add plumbing for tap registrations in
CMakeLists.txt and Makefile.am. Add the ability to copy text as CSV or
YAML.
svn path=/trunk/; revision=53464
Based on attachment #12139 (diff for adding the table) by rtsking117,
but keep original formatting and encoding (ASCII).
svn path=/trunk/; revision=53457
Specifically, proto_tree_add_expert() must take an actual tree node (for example
from proto_item_add_subtree()) and cannot take just any old item node. The
original intent (before the conversion) appeared to be just to put it on the
tree, so do that.
Another assertion gone from
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9406
svn path=/trunk/; revision=53456
The basic idea behind this design is to have dissectors register with a "decode as list" with their name and dissector table. When "Decode As" dialog is launched, any "registered" dissector found in the packet will cause a tab to be created in the dialog. Any GUI (GTK+/Qt/tshark) can just hook into the "decode as list" to see what can be provided.
This patch includes the GUI portion of the functionality (including packet-dcerpc.[ch] because it had some GUI dependencies that are now removed).
Other notes:
1. Some "GUI text" (UTF8_LEFTWARDS_ARROW and similar) made their way into the dissector code. Not sure how necessary it is and if reformatting the strings to avoid the macros is desired (TCP/UDP use it, SCTP doesn't).
2. I converted the SCTP functionality to have 2 tabs (instead of radio button), currently both are labeled "Transport" which could be confusing to users. Naming suggestions welcome (as well as for naming of tabs from other dissectors).
3. BER and DCERPC have more opportunity to use Decode As now that they are selected based on dissector presense, not packet_info values.
4. Catapult DCT2000 populates pinfo->ipproto, yet under new design will not show up to do Decode As. Should a "decode as item" be created for it?
5. BER dissector doesn't have Clear/Show Current functionality working (never did)
6. Bluetooth (in old design) could have been used "capture wide" instead of single packet (creating tabs of values not present in current packet), which goes against what I believe to be in the intent of Decode As, but I'm willing to hear counter-arguments.
svn path=/trunk/; revision=53446
The basic idea behind this design is to have dissectors register with a "decode as list" with their name and dissector table. When "Decode As" dialog is launched, any "registered" dissector found in the packet will cause a tab to be created in the dialog.
This patch includes just the dissector portion of the functionality (minus packet-dcerpc.[ch] because it has hooks to the current GUI)
svn path=/trunk/; revision=53445
The main driving force for this was my new Decode As functionality (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9450) that wants a dissector/subdissector table relationship for all dissectors wanting to use Decode As functionality. The ethertype() function provides the value to the "ethertype" subdissector table, so I think it should be matched to a dissector. Only odd side effect is the display filter of "ethertype" returns no packets because there is no "item" associated with the dissector.
svn path=/trunk/; revision=53443
Add support for new PostgreSQL (9.3) error/notice message fields
Improves the PostgreSQL protocol dissector by adding support for the new error and notice fields which are new in PG 9.3:
http://www.postgresql.org/docs/9.3/interactive/protocol-error-fields.html
In particular, it adds support for the 'p', 'q', 's', 't', 'c', 'd', and 'n' field codes.
From me :
Fix wrong hf name...
svn path=/trunk/; revision=53431
Add RFC6066 CertificateUrl TLS extension
This is not supported by OpenSSL or NSS, the extension itself seems
unsafe, but some implementations seem to support it[1].
Untested, no capture available.
[1]: http://www.ietf.org/mail-archive/web/tls/current/msg02535.html
svn path=/trunk/; revision=53417
Add status_request_v2 TLS extension dissection (RFC6961)
Besides adding status_request_v2 support, this patch moves the
Certificate Status Type from the OCSP Status subtree to its parent
(the extension tree). This is needed because this type applies to all
OCSPResponse fields.
The check for "tree != NULL" seems unnecessary here, it was not
clarified in the original patch so I removed it.
From me
Fix typo
Remove unneeded tvb_ensure_bytes_exist
Use proto_tree_add_item
svn path=/trunk/; revision=53416
Add TLS StatusRequest (RFC6066) ClientHello extension recognition
Only empty Responder ID lists and empty Request Extensions are
implemented. I could not really find existing clients or servers that
populate these.
This status_request extension has a different signature for a
ClientHello and ServerHello, in the latter the extension_data field
must be empty. Therefore an additional parameter is added to
dissect_ssl3_hnd_hello_ext.
From me :
Fix typo
svn path=/trunk/; revision=53415
dissector for Kyoto Tycoon binary protocol
from me:
make port range preference work
highlight the correct bytes for records
remove trailing commas
correct(?) 64->32 cast
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9418
svn path=/trunk/; revision=53383
'localize' some variables;
Remove some unneeded initializers;
Move proto_reg_handoff_...() to the end of the file as per convention;
Add forward declarations for proto_register_...() & proto_reg_hand_off_...();
Reformat some long lines;
Tweak some whitespace;
Add editor modelines.
svn path=/trunk/; revision=53358
'#if 0' variable 'set but never used' & related code;
'localize' some variables;
Remove some unneeded initializers;
Tweak some whitespace;
Add editor modelines.
svn path=/trunk/; revision=53357
Collect packet numbers when following streams so that we can correlate
text positions with packets. Add a FollowStreamText class so that we can
track mouse events. Add a hint label that shows the packet under the
cursor along with packet counts and the number of "turns".
Add the packet number to the C array dump. Note that dumping to YAML
might be useful for Scapy users.
svn path=/trunk/; revision=53314
Alexis La Goutte