- when processing tap extensions command line options, wait until the
main window has been created before opening the tap window, to avoid
lots of GTK warnings.
svn path=/trunk/; revision=6601
Windows compilers, etc. largely appear to handle files without them,
assuming CVS doesn't just put them in when you check them out).
Also get rid of execute permission on source files.
svn path=/trunk/; revision=6588
message indicates whether the session key or flags are missing in an
AUTH message - and it appears that the session key can be present
without the flags.
For both fields, check whether the offset is after the offset of the
first data chunk and, if so, assume the field is missing.
This means we no longer need to remember the flags for a NEGOTIATE
message, so just remember them for a CHALLENGE message.
svn path=/trunk/; revision=6585
starting and ending frame number, and circuits with the same circuit ID
are sorted by the starting frame number (the last circuit can have 0 as
the ending frame number, meaning "unknown"), and, when looking up a
circuit, we take a frame number as an argument and return the circuit
that includes that frame.
Add a new circuit ID type for X.25 virtual circuits, and use the circuit
mechanism to keep track of the dissector for an X.25 virtual circuit
rather than having a private mechanism.
svn path=/trunk/; revision=6580
the end, although they're empty in all messages I've seen; put in a
comment noting that.
NTLMSSP_CHALLENGE messages sometimes don't appear to have the address
list; it doesn't seem to be indicated by:
any flags in the previous NEGOTIATE message other than the
Negotiation Workstation Supplied, Negotiate Domain Supplied, or
Negotiate UNICODE, but it doesn't make sense for those to affect
it, as they affect unrelated things;
any flags in the CHALLENGE message other than Negotiate OEM or
Negotiate UNICODE, but those don't make sense.
So we just check whether the address list descriptor would be in the
middle of the domain name string and, if so, assume it's absent.
NTLMSSP_AUTH messages sometimes lack both the session key and the
negotiate flags; that appears to be controlled by th Negotiate Key
Exchange flag in the initial NEGOTIATE message - if not set, those
fields are missing. We therefore remember the NEGOTIATE flags in a
conversation, and attach them to frames containing AUTH messages; we
also need those flags to determine whether the strings in the AUTH
message are Unicode or not.
Make lengths, maximum lengths, and offsets unsigned.
Display entries for empty blobs and address lists.
svn path=/trunk/; revision=6575
Make that rule work correctly, by making "ETHEREAL_TAP_SRC" refer to the
*source* files, making "ETHEREAL_TAP_OBJECTS" be the *object* files (as
generated from the list of source files), and adding
"ETHEREAL_TAP_OBJECTS" rather than "ETHEREAL_TAP_SRC" to the list of
objects to link.
svn path=/trunk/; revision=6574
handle to use to dissect GSS-API inner context tokens has to be stored
as per-frame data, not just as conversation data.
svn path=/trunk/; revision=6569
Replace the handling of PPP packets over GTPv1 and also
establish the handling of PPP packet over GTPv0. Additionally
IPv6 packets are handled in GTPv0 and GTPv1.
Explanation:
- old solution: examining the known PPP protocols is a tough
task, because there might be more in the future -> the list
must be extended more and more (the octet 0x00 has already
been added for PPP network layer protocols, but for protocol
field compression a lot of protocols must be inserted for
IPv4(0x21), IPv6(0x57), maybe IPX (0x2b) or AppleTalk (0x29),
...)
- new solution: It is easier the other way: the most significant
nibble of the first octet must be 4 for IPv4 and 6 for IPv6.
All other values are assumed to be PPP packets, including
packets beginning with values 0x40-0x44 (header too short for
IPv4 packet) and value 0x4f (PPP protocol type (IPv6 header
compression protocol) taking precedence over IPv4 packets with
header length of 60 octets).
svn path=/trunk/; revision=6568
header.
Add overflow checks to "BYTES_ARE_IN_FRAME()", and cast all arguments to
unsigned values (negative values should never be passed) to squelch
compiler warnings.
svn path=/trunk/; revision=6567
This adds functions to register the command line arguments to use the API in the same way as is done for tethereal.
Later it may be extended to also register the GUI/Menu entry point to ethereal using this api but that iwll be later since the changes required to menu.c are not as intrusive as the main.c command line parsing ones were.
Some of the latest changes (before this checkin) has made ethereal to produce lots of GTK errors when starting up the extension windows.
They were there before this checking but will be investigated.
svn path=/trunk/; revision=6566
only in bind, bind_ack, alter_context, alter_context_response, and auth3
PDUs; they're a verifier of some sort in other PDUs. The verifier
appears to start with an OID for the real authentication mechanism if
the authentication type is SPNEGO.
svn path=/trunk/; revision=6563
support dissecting of v6 VPN NLRIs;
fix a little bug for displaying v4 nexthops using type 1 RD
style [dissecting started at wrong offset].
svn path=/trunk/; revision=6561
Using this command line option you canb now place any arbitrary display-filter fields on the COL_INFO line.
Assume you want NFS dissector in tethereal to put ALL filehandle hashes (nfs.fh.hash) on COL_INFO.
No worries, just add
-z proto,colinfo,nfs.fh.hash,nfs.fh.hash
as a parameter to tethereal.
Never again do you need to hack tethereal and recompile just because you want some extra info on the COL_INFO line.
svn path=/trunk/; revision=6560
Previous checkin did not make sense. We can not have a union without having the
union case value stored as a separate variable or else the receiving side will
not know how to decode the packet.
Therefore it can not be a union at all. Instead we have a REF pointer to a ulong
holding the number of elements, then a unique pointer to a conformant array
of structures.
Thus, the content of the reply packet for function_24 as well as
dsrolegetprimarydomaininfo can not be
[ref] PRIMARY_DOMAIN_INFO_EX_UNION *pdi;
but instead MUST be
long num_entries;
[unique][size_is(num_entries)] PRIMARY_DOMAIN_INFO_EX *pdi;
svn path=/trunk/; revision=6559
fix the name of the file in the introductory comment.
Get rid of unnecessary include of "prefs.h".
Make the MAC address fields FT_ETHER rather than FT_BYTES.
Get rid of CRs at the ends of lines.
svn path=/trunk/; revision=6553