stuff from the buffer - extract what you need directly from the tvbuff.
(And definitely don't extract stuff from the buffer if you haven't
copied stuff to it.)
For integral AVP items, check the length of the item before processing
it.
Put time items into the protocol tree as times, not as byte arrays.
svn path=/trunk/; revision=4645
More draft 09 compatibility changes.
Default port number now 3260.
Now prints extra info to COL_INFO for SCSI command and login
responses.
svn path=/trunk/; revision=4641
Digital UNIX, and HP C compilers, and it may not work with other
compilers (due to the GLib problem mentioned in the previous checkin),
so it runs the risk of being an "attractive nuisance", i.e. users may
try it, find it doesn't work, and then send mail to various Ethereal
mailing lists asking about it.
svn path=/trunk/; revision=4640
Include "snprintf.h", when needed, to declare "snprintf()" on platforms
that don't have it.
Fix some formats and arguments to various printing routines.
Fix "diameter_time_to_string()" to properly fetch the time value from
the data buffer handed to it.
svn path=/trunk/; revision=4639
are in the reserved region (which also fixes a bug where we weren't
printing the value for the NO_ADVERTISE community correctly).
svn path=/trunk/; revision=4638
(This isn't as useful for testing purposes as it is in tcpdump and
libpcap, as GLib is configured based on the compiler used to compile it,
so you can't necessarily build an application using GLib with a compiler
different from the one used to compile GLib, but we'll add it anyway.)
svn path=/trunk/; revision=4637
about them being trashed by setjmp/longjmp (does GCC there stuff them
into registers? They're bigger than 64 bits, so they don't even fit
into a single register on Alpha).
svn path=/trunk/; revision=4636
X/Open specs *not* to be defined, so we also have to define
__EXTENSIONS__.
XXX - can we just define __USE_XOPEN, and not define _XOPEN_SOURCE? Is
that sufficient to get "strptime()" declared on all platforms?
svn path=/trunk/; revision=4629
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 500
#endif
#define __USE_XOPEN
#include <time.h>
to get strptime() declared in time.h on various systems. I hope
this helps more than it hurts.
svn path=/trunk/; revision=4624
the result of "g_hash_table_lookup()" to an integer until you've
determined that it's not a null pointer, i.e. that the lookup
succeeded).
svn path=/trunk/; revision=4623
error message and quit if the user tries to use ring buffering with
another capture file format, and put a note about that in the Tethereal
man page.
svn path=/trunk/; revision=4615
support for the "b" descriptor item in data, for pointers that point to
arrays of bytes - the descriptor item includes a byte count giving the
number of bytes in the array.
Handle the "logon hours" bitmask in that fashion.
Sometimes it appears that -1 means "unknown", and sometimes it appears
that 0 means "unknown", for the last logoff date/time; interpret both of
them as "unknown" (or "never").
svn path=/trunk/; revision=4612
wrong type.
Don't have routines that create subtrees for the data in a RAP reply -
just have a string for the name to give the subtree. Create the subtree
iff the reply has an entry count; if there's no name, use "Entries", and
if there's no ett_ value for it, use a generic one.
If there's no routine to create a subtreee for an entry in a RAP reply,
don't create the subtree - some entries have only one member, so there's
no point in creating a subtree for them. Provide an ett_ value to use
if we don't know what the entry looks like.
Properly terminate "lm_null_list[]".
Fix the tables for the NetUserGetInfo API.
Add tables for the NetUserGetGroups API.
Add #defines and names for all the APIs in the SNIA CIFS spec (but fix
up some of the names to reflect what the actual API names appear to be).
Display the RAP API number in decimal, not hex, for unknown APIs.
Use the right hf_ value when displaying the auxiliary data descriptor.
svn path=/trunk/; revision=4611
"Large Serial Number" as a 64-bit little-endian integer, and dissect the
"NT Date/Time" as a FILETIME by calling "dissect_smb_64bit_time()".
Export "dissect_smb_64bit_time()" so that we can do so.
svn path=/trunk/; revision=4609
NetMon 2.0; I don't have any ATM captures *from* NetMon to try it on, so
I don't know what significance the "destination address" and "source
address" fields have, but we can at least read the captures we ourselves
write out, as can NetMon).
svn path=/trunk/; revision=4606
arguments to "proto_tree_add_text()", and to "proto_tree_add_XXX()" calls
that add FT_NONE or FT_PROTO items to the protocol tree, with -1.
Replace some calls to "tvb_length()" or "tvb_length_remaining()" with
calls to "tvb_reported_length()" and "tvb_reported_length_remaining()",
as those give the actual length of the data in the packet, not just the
data that happened to be captured.
svn path=/trunk/; revision=4605
that EtherPeek for Windows uses the same format as EtherPeek for MacOS,
so the code isn't specific to the MacOS version.
Check the physMedium value in the secondary header, and leave a
placeholder for a value of 1, which is presumably used in AiroPeek
captures.
Treat unknown mediaType and physMedium values as indications that we
don't have a *Peek file, not as unsupported *Peek files - we need all
the heuristics we can get.
svn path=/trunk/; revision=4601
formats we can read; include vendor names.
We should be able to read TokenPeek captures, as well as captures from
the Windows versions of EtherPeek.
Don't list the version numbers for EtherPeek and TokenPeek - those are
file format version numbers, not program version numbers.
svn path=/trunk/; revision=4599
