- combine proto_tree_add_text() and proto_tree_append_text() calls in the
access mask dissector
- make the specific access bits dissector functions return void instead of
an offset
I think Samba has the create user reply wrong. There is perhaps a uint32
marked as unknown that shouldn't be there. Removing this parses all the
captures I have.
svn path=/trunk/; revision=6057
tcp sequence number analysis flags, such as retransmission , lost-segment, etc
to make it easier to search for all these conditions.
svn path=/trunk/; revision=6056
generic, standard and specific mode bits. A protocol dissector can pass in
it's own function for dissecting the specific mode bits, if known.
svn path=/trunk/; revision=6053
page codes are used in different ways in different devices, e.g. 0x10).
Handle commands and mode pages for media changer devices (and move some
commands from the "sequential device" category to the "media changer"
category, where SSC-2 and SMC-2 put them).
Add some missing SPC commands (not present in SPC-2).
Handle some additional SSC-2 commands.
Fix some other bugs.
svn path=/trunk/; revision=6042
protocol version is OK and reject the packet if it's not, so that we
don't grab all packets on port 8116 even if they're, for example, ONC
RPC packets.
Fix some typos.
Get rid of C++-style comments.
svn path=/trunk/; revision=6038
for the benefit of dissectors such as the NDMP dissector that can at
least supply a reasonable guess for the device type; more than one type
of device can be opened on the same host over NDMP, so the scheme
currently used by the SCSI dissector to remember device types in INQUIRY
replies won't work.
Have the iSCSI dissector supply SCSI_DEV_UNKNOWN, and have the NDMP
dissector supply SCSI_DEV_SMC for NDMP_SCSI_EXECUTE_CDB (under the
assumption that it's operating on a media changer) and supply
SCSI_DEV_SSC for NDMP_TAPE_EXECUTE_CDB (under the assumption that it's
operating on a tape device).
Fix memory leaks in the SCSI dissector.
Fix the dissectors for the SSC READ(6) and WRITE(6) CDBs to dissect the
transfer length as a 24-bit quantity.
svn path=/trunk/; revision=6035
1. Add parsing of group description attribute (donno why it was
missed so far).
2. Enumeration of # of transforms and # of payloads (just makes
it easier to look at).
3. Parsing of Vendor ID:
3.1 Identify several vendors' Vendor ID string (Microsoft,
CyberGuard, SafeNet, Check Point at the moment) - if
anyone has more VendorID strings, I'd be more than
happy to add them.
3.2 Identify Vendor ID string of draft_ietf_ipsec_nat_t_ike_03
(NAT traversal RFC draft).
3.3 Further parsing of Check Point's Vendor ID string, to
include Check Point product and version. If anyone has
other vendors' parsing knowledge, again, I'd be happy
to add it.
svn path=/trunk/; revision=6033
to put a space between the command name and the tag, and we weren't
doing that for all tags, so let's just get rid of the space.
Keep track of the device type and command type separately for commands.
Remember device types when we see an INQUIRY *response*, not a request,
and save the device type bits, rather than saving some random bit from the
INQUIRY *request* as the device type. This means we have to dissect
the INQUIRY response payload even if we're not building a protocol tree;
do so.
Put in a comment noting that the source and destination address are not
sufficient as a key to use for the device type, as a given network-layer
entity may have more than one SCSI device (and connections aren't good
enough, either).
Put the code to dissect MODE SELECT and MODE SENSE block descriptors
into a common routine. Have that routine dissect more than one block
descriptor. Have it take the device type and the "long LBA" flag as
arguments, so that it can correctly dissect the block descriptors.
Handle READ(6) and WRITE(6) on sequential devices.
Get rid of "dissect_scsi()" - it's not used.
svn path=/trunk/; revision=6032
and where the PDU header has a length field that is the length of the
entire PDU, including the header, thou shalt not try to loop doing that
if thou findest a packet with a length of zero, lest thou spin in an
infinite loop.
svn path=/trunk/; revision=6031
following changes:
- Inserted packet-tds.h This is personal taste because of the many
files in the toplevel directory. Whoever works on this next is
free of course to separate it back out again.
- Removed unused includes sys/types.h, snprintf.h, netinet/in.h
- #if-0 unused function
- Removed duplicate define
- Declared all unused parameters as such
- Changed a // comment into /* */
- ifdef-DEBUG a printf statement
svn path=/trunk/; revision=6025
Generalize paths and get rid of sed-dependent ethereal.nsi.in.
Remove ethereal.nsi.in, and re-add ethereal.nsi with Ulf's changes.
Modify Makefile.nmake to use it.
Note: You'll have to add "COMMON_FILES_GNU" path to your config.nmake
that points to a directory with all of Ethereal's required DLLs.
Be obnixious and set "SetShellVarContext all" so that we install for
every user, like most standard Windows apps.
svn path=/trunk/; revision=6020
For unknown mode pages, make the "Unknown Page" tree item not include
the page code and length, as those were put into the tree already - have
it just include the contents of the page.
For MODE SELECT, use the supplied payload length rather than the mode
data length, as the mode data length is reserved in MODE SELECT (it's
implied by the total data length; in MODE SENSE, the CDB contains the
buffer size, but the target can return fewer bytes than that, so the
mode data length is meaningful).
Add additional checks of the remaining data length when parsing MODE
SELECT and MODE SENSE, and fix up the checks that were there already.
The density code comes *before* the number of blocks in a block
descriptor, and the number of blocks and block length are 3 bytes long
for both the 6-byte and 10-byte versions of MODE SELECT and MODE SENSE.
svn path=/trunk/; revision=6019
tag or not - if we haven't, "i" is "session info" and "a" is "session
attribute", and if we have, "i" is "media title" and "a" is "media
attribute".
svn path=/trunk/; revision=6018
parameter and data, so the LANMAN RAP pipe dissector, for example,
doesn't get confused and think there is an auxiliary data descriptor in
the parameters when there isn't.
Note that in at least one Negotiate Protocol reply it looks as if a
Unicode domain name might've been aligned.
svn path=/trunk/; revision=6017
"make install"; even though the resulting files are huge it's probably better
to have the debugging symbols intact. Set file and directory permissions in
/usr/local to match those in /usr.
svn path=/trunk/; revision=6016
Handle the case where "get_unicode_or_ascii_string()" returns a null
pointer (which can be the case if the length supplied is zero, which we
check for as per the above, but can also be the case for a Unicode
string if the length supplied is 1 byte).
Fix a call to "proto_tree_add_uint()" that was presumably supposed to be
a call to "proto_tree_add_item()".
svn path=/trunk/; revision=6015
1. Proper extraction of data from packet (removed bad
tvb_get_ptr() and casting the resulting pointer to a
structure method).
2. Printout of Initator and Responder cookies (per request from
VPNC organization).
svn path=/trunk/; revision=6013
Tim Potter