> The included patch fixes BFD version detection in the BFD packet
> dissector and extends it to correctly dissect version 1 packets. The
> Authentication Section part of the packet is still not dissected.
>
svn path=/trunk/; revision=17357
IEEE802.3ah-2004 (OAM) Errored Frame Seconds Summary Event TLV is not being
decoded properly. Per IEEE802.3ah-2004 section 57.5.3.4, item g, the Error
Running Total field should be 4-octets however Ethereal is trying to decode this
field as 8-octets which results in incorrect value reported for "Error Running
Total" and "Event Running Total".
svn path=/trunk/; revision=17351
Add the same workaround used in packet-ftam.c for the bad handling of the asn "IMPLICIT SEQUENCE", in the packet-gsm_map-template.c. This patch concerns Map V3 messages, not correctly decoded with the previous workaround "offset=offset+2".
Change a parameter for Provide Roaming Number decoding.
Add a decoding fonction for "Channel needed" parameter to avoid a decoding error for Paging messages
with a change to actually dissct channel needed.
svn path=/trunk/; revision=17350
pinfo->net_src and pinfo->net_dst where used to set up conversation, but
this fields are null on eap stream. use pinfo->src and pinfo->dst
instead.
The patch also enable strict checking in the 'follow ssl stream' dialog.
svn path=/trunk/; revision=17333
The attached patch should fix bug 742.
The issue is (at least, I think so...) in the packet-x509af dissector
A null pointer is passes as parameter of a " %s " format string.
svn path=/trunk/; revision=17317
Here's a tiny patch that will allow for dissecting of chunked coded HTTP
responses when there is an extension or trailing whitespace in the
Transfer-Encoding: header.
svn path=/trunk/; revision=17314
- enable the 'follow SSL stream' menu item only when a ssl packet is selected.
- when 'following' an ssl stream, show ssl decrypted data only for current conversation.
- fix a typo in ssl preference description.
svn path=/trunk/; revision=17301
- Improves ability of dissector to find conversations without seeing
whole stream.
- Fixes some issues with dissection of data which requires reassembly.
- Adds the ability to dissect jxta conversations from SCTP streams.
- Better handling of welcome message.
- Adds direct dissection of compressed SRDI data.
- Has been run through extensive fuzz testing.
- Fixes compiler warnings with previous patch 17141
svn path=/trunk/; revision=17282
the attached patch fix a couple of possible memory leak in the ssl
decryption code, add some indentation fix, more comments and add the
preference to select the debug output (missing in previous patch)
svn path=/trunk/; revision=17281
The attached patch cleanup the debug infrastructure for ssl dissector.
Debug messages are by default off and can be enabled via the ssl
dissector preference. Debug output can be directed to stderr or file.
svn path=/trunk/; revision=17253
The attached patch fix bug 732.
The problem was in the client key dissection. On ssl v3 the encrypted
data is the whole record data, on tls v1 the encrypted data is preceded
by the 2 bytes length of the encrypted data itself.
svn path=/trunk/; revision=17244
the Nettle library and specify a Pluto log file in the preferences.
The Pluto log MUST include the encryption key used in each phase.
Add filters for many fields (and get rid of a lot of
proto_tree_add_text()s in the process).
Fix up whitespace.
Sponsored by CableLabs.
svn path=/trunk/; revision=17229
attached a patch that supports filtering for
Juniper's meta information prepended
before packets (logical encapsulation, ifd index etc.)
Me:
declare juniper_ext_get_tlv_value static
svn path=/trunk/; revision=17226
This is a simple patch to the Netflow v9 dissector, that let it decode
Netflow v9 MPLS-Aware, a feature of Cisco 12000 IOS 12.0.24S and above
on Cisco 12000, 7500 and 7200 that is very useful for MPLS-VPN networks.
svn path=/trunk/; revision=17225
the attached patch clean a bit the ssl decryption related code, removing
a macro I used when the code was still for an external plugin.
svn path=/trunk/; revision=17217
if the secblob starts with 'NTLMSSP' call the ntlmssp handle directly and not the gssapi one
ntlmssp:
dont change offset when dissecting a client_time, offset will be changed properly later outside the switch.
svn path=/trunk/; revision=17215
Packet-g723.c - B0 and B1 should be treated together.
packet-tipc.c - Change desgementation code to handle more than 2 segments.
svn path=/trunk/; revision=17204
>There is still an issue into the HAVE_LIBGNUTLS macro definition. I'm
>fixing it and cleaning a bit the windows side configuration. I hope to
>post soon the fix.
The attached patch should fix the issue. I missed to modify the
config.win32 file and I misstyped a few macros name.
svn path=/trunk/; revision=17200
If the P bit is NOT set, then flag the PID field as "(not valid)"
Sicne the TID might be undefined/0 in the response to a "pending" read
we cant use that solely to determine if a read was for a named/pipe (==dcerpc)
Assume that only NamedPipe reads can be STATUS_PENDING and thus have the P bit set and assume it IS dcerpc if the P bit is set.
svn path=/trunk/; revision=17197
Jaap Keuter