Dissector for Stanag 4607 protocol.
From me:
- don't add expert info under if (tree)
- simplify loop and overflow checking
svn path=/trunk/; revision=51131
Currently, Wireshark only dissects one side's Key Exchange Init message,
which, in particular, means that the encryption, MAC and compression
algorithms it infers are bogus.
This patch fixes that.
From me:
Don't use a macro which confused checkhf (it only saved a small amount of
visible code). Fix up some more white space.
Use macros for a couple array indexes.
svn path=/trunk/; revision=51126
This patch makes the SSH dissector able to display multiple messages in the
Info column. As a side effect, it changes the formatting of some messages to
be more uniform.
I've also removed a dubious chunk of code that hardcodes a 16-byte MAC after
a SSH_MSG_KEX_DH_GEX_REPLY message. There can't be a MAC before key exchange
is over, and in my sample capture, this actually eats the second message that
follows.
From me: some white space cleanup.
svn path=/trunk/; revision=51117
if the right-hand merge target was there originally. This brings memory usage
down another ~40% when running the heavy test suite.
This also lets us extract the master-list check out of unfree() since it is now
only relevant at a single caller, and turns unfree into the more understandable
remove_from_recycler().
svn path=/trunk/; revision=51104
Follow-up on 9P dissector enhancement ( https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8589 )
"fid"s, 9P file descriptors, are valid from the moment it's allocated until
when it's freed. My original patch kept a fid hashtable updated everytime a
packet was dissected in full-view (with a non-null tree)
Attached is a patch that builds a tree for each 9P fid and stores the
corresponding path when it becomes valid/marks it as invalid when it no longer
is.
svn path=/trunk/; revision=51092
Original (read from file) comments can be accessed by pkthdr->opt_comment
Keep user comments in seperated BST, add new method for epan session to get it.
svn path=/trunk/; revision=51090
in order to fix the compile error
addr_resolv.c:1250:1: error: 'hash_eth_wka' defined but not used
[-Werror=unused-function]
svn path=/trunk/; revision=51085
Some small improvements to the Modbus Dissector:
- Better detection of query/response w/ serial line Modbus RTU
- Smallest Modbus RTU message can actually be 6 bytes, not 8.
- Only check 16/32-bit register decoding options with appropriate function codes
svn path=/trunk/; revision=51083
r51066 should have also updated the hf_ variable name, comments, and a couple
of data structures.
(I don't know this protocol so these changes are basically a half-educated
global search-n-replace.)
svn path=/trunk/; revision=51080
This patch assumes that wtap_phdr interface_id, pack_flags both from initial read and seek read will contain same values.
Please fix if it's not.
svn path=/trunk/; revision=51041
Michael Mann