Commit graph

8474 commits

Author SHA1 Message Date
Jörg Mayer
89a62a712c Whitespace changes in order to make diff produce more readable results
svn path=/trunk/; revision=8568
2003-09-29 19:18:44 +00:00
Jörg Mayer
92f32c1c51 Added comment: XXX Argh maxcnt_high is guint16 and thus 16 bit -> always false
svn path=/trunk/; revision=8567
2003-09-29 19:17:34 +00:00
Guy Harris
e62a1a7386 From Emanuele Caratti:
	just use "g_free()" to free the buffer in "md5_xor()", as it
	doesn't throw exceptions;

	temporarily #ifdef out "tacplus_acct_flags" pending the
	arrival of code to dissect the TACACS+ accounting stuff.

svn path=/trunk/; revision=8566
2003-09-29 18:50:47 +00:00
Olivier Abad
11c747bd5f - in show_relations() : select the first row of the relation_list when
using gtk+ v2.
- get rid of some unused variables.

svn path=/trunk/; revision=8565
2003-09-29 06:41:46 +00:00
Tim Potter
5d483e957e More operation names updates from Jean-Baptiste Marchand.
svn path=/trunk/; revision=8564
2003-09-29 00:01:27 +00:00
Guy Harris
f4a639c7c1 It appears that, at least for gigabit pod captures, there are time stamp
differences between versions 002.001 and 002.002.

svn path=/trunk/; revision=8563
2003-09-28 23:15:40 +00:00
Guy Harris
b530c88a3b "compute_offset_length()" must, if it returns FALSE, and "exception" is
non-null, set "*exception" to the appropriate exception - its callers
rely on it.

Now that it does that, there's no need for "check_offset_length()" to
check for a length of -1, as "compute_offset_length()" does so, and
therefore "check_offset_length_no_exception()" does so.

svn path=/trunk/; revision=8562
2003-09-28 21:39:53 +00:00
Tim Potter
82d0ca7c51 Operation name updates for winreg pipe from Jean-Baptiste Marchand.
svn path=/trunk/; revision=8561
2003-09-28 11:35:20 +00:00
Ronnie Sahlberg
84274d4870 Prettify NFSv2 decorate COL_INFO and the tree pane as has already been done for v3
svn path=/trunk/; revision=8560
2003-09-28 01:52:57 +00:00
Ronnie Sahlberg
ed4fde5e5a in ReadAndX
when reading what could potentially be the maxcount high field
assume that IF it is 0xFFFFFFFF that it is not maxcount high at all but
instead just some padding/reserved bytes.

If this field is 0xFFFFFFFF just ignore it.

svn path=/trunk/; revision=8559
2003-09-28 00:11:01 +00:00
Ronnie Sahlberg
8b7b1ff28e Update to SMB service response time stats.
For short packets, we might not have enough of the payload to decode
the transaction info levels and thus that data structure is NULL.

check the pointer to this struct first before we try to dereference it.

svn path=/trunk/; revision=8558
2003-09-28 00:00:36 +00:00
Guy Harris
fb1dff45b5 From Anders Broman: further dissect APM messages containing BICC stuff,
and fix a bug in the "upgraded parameter code".

svn path=/trunk/; revision=8557
2003-09-27 23:51:09 +00:00
Ronnie Sahlberg
a4df7ea327 From JBM update some function names in Netlogon
svn path=/trunk/; revision=8556
2003-09-27 23:48:04 +00:00
Ronnie Sahlberg
7efc78748b From JBM update the function names for Messenger
svn path=/trunk/; revision=8555
2003-09-27 23:45:25 +00:00
Guy Harris
96aa250c4a From Jean-Baptiste Marchand: add names of operations in WKSSVC.
svn path=/trunk/; revision=8554
2003-09-27 23:43:29 +00:00
Guy Harris
9f05ec525e From Jean-Baptiste Marchand: add names of DFS-related operations in
SRVSVC.

svn path=/trunk/; revision=8553
2003-09-27 23:34:57 +00:00
Guy Harris
4e5896fed7 From Nathan Jennings:
	update the CList as you enter/modify options;

	give Windows users OS descriptions in the displayed devices
	list;

	display at least 5 rows in the lists;

	get rid of the "extra" CList for storing edited values.

svn path=/trunk/; revision=8552
2003-09-26 23:11:17 +00:00
Guy Harris
e16c1c8bcf Get the RTP payload types from rtp_pt.h rather than defining them
ourselves.

svn path=/trunk/; revision=8551
2003-09-26 22:29:42 +00:00
Guy Harris
c2e71cb70b From Tomas Kukosa:
	1) string tables for t35CountryCode, t35Extension and
	   h221ManufacturerCode were moved into the new file t35.c
	   because they are common for more dissectors

	2) the dissect_h245_NonStandardParameter_with_extension_marker()
	   was moved from h245 to h225 and renamed to
	   dissect_h225_NonStandardParameter() because the
	   NonStandardData type is different for H.225.0 and H.245

	3) type of the "h245.nsp.object" dissector table was changed from
	   FT_UINT32 to FT_STRING, so it can select a dissector based on
	   an OID rather than the Adler-32 hash of an OID

	4) the "h225.nsp.object" and "h225.nsp.h221" dissector tables
	   were created

svn path=/trunk/; revision=8550
2003-09-26 22:20:08 +00:00
Guy Harris
ae3aa9d05b For (non-heuristic) SIP-over-TCP, dissect stuff that's neither a request
nor a response as continuation data.  For SIP-over-everything-else,
reject it.

Parse the headers regardless of whether we're building a protocol tree
or not; if we're not, we just do it to look for a blank line separating
the headers from the body.  Do that instead of scanning for the message
body separately.

When scanning for a colon, don't scan past the end of the line.

svn path=/trunk/; revision=8549
2003-09-26 21:32:38 +00:00
Guy Harris
f3832721d9 Make the non-heuristic SIP dissector reject the packet if it doesn't
look like a SIP packet, so some other dissector gets a chance at it.

When looking for the blank line separating headers from data, use
"tvb_find_line_end()" so we handle CR/LF and LF as end-of-line
indications (RFC 2543 says "senders MUST terminate lines with a CRLF",
but it also says "but receivers MUST also interpret CR and LF by
themselves as line terminators"), and return an offset past the end of
the buffer, rather than -1, if we don't find it (not all packets have
one).

When checking whether a header is one we know about, do a
case-insensitive comparison (RFC 2543 says header field names are
case-insensitive).

svn path=/trunk/; revision=8548
2003-09-26 20:00:38 +00:00
Guy Harris
1085de3d7a The LAPB dissector can be called from the Ethernet dissector; don't
assume we have an X.25 pseudo-header.

svn path=/trunk/; revision=8547
2003-09-26 08:19:55 +00:00
Tim Potter
2d33b62811 This commit refactors the dcerpc authentication subdissectors for
handling encrypted request/response PDUs.  Instead of having
dissection function pointers which perform both decryption and
dissection, the function pointers now only decrypt the DCERPC fragment
payload.  Dissection is handled by the dcerpc_try_handoff() function
(with DCERPC fragment reassembly if necessary).

Details:

 - Move the dcerpc_auth_info struct into dcerpc.h as it is now used in
   the function prototype for the decryption function handlers.

 - decode_encrypted_data() was refactored to take a boolean request
   parameter instead of passing the DCERPC PDU packet type.

 - A tvbuff_t * data field was added to dcerpc_auth to hold the
   verifier.  This is passed as an argument to the decryption function
   handlers.

 - Dissection of verifiers in request and response PDUs was moved to
   before the payload.

 - The dissect_dcerpc_cn_stub() function was refactored to perform
   the decryption process and hand decrypted data to the reassembly
   code instead of performing the decryption after reassembly.

 - Removed references to decrypted_info_t as it's not necessary
   anymore.

Code was tested using encrypted and unencrypted fragmented PDUs.
Before this commit ethereal could not dissect unencrypted (!)
fragmented PDUs correctly.

svn path=/trunk/; revision=8546
2003-09-26 06:30:13 +00:00
Tim Potter
6a389c8bd1 Use zero to mean we haven't seen any authentication level information
in dcerpc_auth_info since auth_level is an unsigned type.  Zero is
not a valid authentication level anyway (s13.1.2.1, p611 CAE spec).

Remove two inscrutable debugging comments that don't seem to mean anything.

svn path=/trunk/; revision=8545
2003-09-26 04:43:05 +00:00
Guy Harris
59938a45fe Assorted GUI cleanups.
svn path=/trunk/; revision=8544
2003-09-26 02:09:44 +00:00
Guy Harris
87d87ace4e RTP analysis updates from Lars Ruoff:
	- can now handle streams with different payload types
	- detects payload changes
	- detects comfort noise (PT=13 and 19)
	- status line now shows: sequence errors, payload changes,
	  comfort noise (if any)
	- uses colours for lines with status != "Ok"
	- new button "next": jumps to next line with status != "Ok"
	  (starting from selected line)
	- fixed: wrong jitter calculation (bug from tap_rtp)
	- fixed: marker was not shown on first packet or erroneous
	  packets (bug from tap_rtp)
	- code refactored to improve readability and reuse

svn path=/trunk/; revision=8543
2003-09-25 19:35:14 +00:00
Guy Harris
280403738f Add PT_CN_OLD, so the RTP analysis code can get the RTP payload types it
needs from this header.

svn path=/trunk/; revision=8542
2003-09-25 19:35:02 +00:00
Guy Harris
490cadfcd0 In "nds_defrag()", handle "request_value->ncp_rec" being null.
In "dissect_nds_request()", insert the request information into the hash
table the first time we see the packet, regardless of whether we created
a new conversation or not.

svn path=/trunk/; revision=8541
2003-09-25 11:27:24 +00:00
Guy Harris
ffa946f215 Correctly handle the case where the selected frame doesn't pass the
filter and no frames after it pass the filter either.

svn path=/trunk/; revision=8540
2003-09-25 08:31:52 +00:00
Guy Harris
a2a41b88ad If the currently selected frame doesn't pass the display filter, select
the closest frame to that frame that did pass the display filter, if any
did.

svn path=/trunk/; revision=8539
2003-09-25 08:20:01 +00:00
Tim Potter
966d603875 When showing a fragment subtree, put spaces after colons to make things
look a bit nicer.  Also separate frame and payload data by a comma.

svn path=/trunk/; revision=8538
2003-09-25 01:50:41 +00:00
Guy Harris
f94108245d From Laurent Rabret:
	handle 802.1Q frames;

	catch the destroy signal on the main Ethereal window and destroy
	our windows (avoids a crash).

Get the PPP type value for IP from "ppptypes.h" rather than defining it
ourselves.

svn path=/trunk/; revision=8537
2003-09-25 00:37:51 +00:00
Guy Harris
14a047afe9 From Matthijs Melchior: check whether the ring buffer timeout has
expired *before* writing a packet, rather than *after* writing a packet,
so that if you get no packets for a sufficiently long period that the
timeout expires before you get a new packet, the new packet is in the
beginning of a new file (as you might get more packets right after that,
and want them to be in the new file, rather than have the first packet
at the end of one file and the rest of the packets in another file).

svn path=/trunk/; revision=8536
2003-09-25 00:08:58 +00:00
Guy Harris
aaa0e6d7e7 From packet steve: update to give the correct name for "file_access.c",
and add a discussion of how data_offset works.

svn path=/trunk/; revision=8535
2003-09-24 23:53:11 +00:00
Guy Harris
54b276060b From David Frascone: have an 802.11 dissector that byte-swaps the frame
control field, and have a preference in the LWAPP dissector to specify
whether to use it or the regular 802.11 dissector, as some hardware
sends out LWAPP-encapsulated 802.11 packets with a byte-swapped FC field.

svn path=/trunk/; revision=8534
2003-09-24 23:35:39 +00:00
Guy Harris
30265de991 From Anders Broman: fix a crash, and fix trailing whitespace on
Transaction ID.

svn path=/trunk/; revision=8533
2003-09-24 18:41:37 +00:00
Guy Harris
342fa7a1b5 From Tomas Kukosa:
	Remove the internal packet-per.c functions
	"dissect_per_length_determinant()" and
	"dissect_per_normally_small_nonnegative_whole_number()" from the
	plugin API, as they shouldn't be used outside the PER dissector.

	Remove the H.225/H.245 functions
	"dissect_h225_TransportAddress()" and
	"dissect_h245_NonStandardParameter()" from the plugin API until
	we really need them in plugins.

	Add the string dissector table functions to the plugin API.

svn path=/trunk/; revision=8532
2003-09-24 18:35:58 +00:00
Guy Harris
d0d3f842bb Add a "file_selection_new()" routine that does all the positioning (GTK+
2.x) and transient-for setting that's done for other dialogs, and use it
for dialogs that come from the main window or from children of the main
window.

svn path=/trunk/; revision=8531
2003-09-24 08:43:34 +00:00
Guy Harris
d2d2015fe2 From Yaniv Kaul: DCERPC OXID operation #5 dissection.
svn path=/trunk/; revision=8530
2003-09-24 08:05:50 +00:00
Guy Harris
14d13e3401 From Lars Ruoff: rewritten RTP analysis module.
svn path=/trunk/; revision=8529
2003-09-24 07:48:12 +00:00
Olivier Abad
959850bf16 In packet_list_button_pressed_cb (gtk2 version) :
- put back the event_button->window == GTK_CLIST(w)->clist_window test
  now that we use the correct structure definition for GtkCList (from
  the right include file, not from our version of gtkclist.h).

svn path=/trunk/; revision=8528
2003-09-24 06:18:20 +00:00
Olivier Abad
0d49ad4d84 Renamed gktclist.[ch] to gtkclist_v12.[ch] to avoid conflicts with the
real gtkclist.h file when building the gtk+ v2 gui.

svn path=/trunk/; revision=8527
2003-09-24 06:15:53 +00:00
Guy Harris
e0ad895b14 Create a protocol tree if we don't have one, we're constructing the Info
column, and we need stuff from the protocol tree for the Info column.

Go back to the previous scheme for constructing the Info column; the
previous change fixes the problems for which the Info column changes
were fixes.

svn path=/trunk/; revision=8526
2003-09-24 03:34:00 +00:00
Guy Harris
4e64afcb25 Pass a pointer to a "capture_file" structure to
"set_menus_for_selected_packet()" and
"set_menus_for_selected_tree_row()", and have them decide whether to
enable or disable menu items based on whether that structure indicates
that a packet or field is selected and, if one is, on its properties.

Pass to the "selected packet enabled" routine for a menu item the
"frame_data" and "edt" members of the "capture_file" structure, and pass
to the "selected tree row enabled" routine the "field_info" member of
that structure.

Clear "cf->current_frame" if no packet is selected.

svn path=/trunk/; revision=8525
2003-09-24 02:36:35 +00:00
Guy Harris
dd628e00c7 Make "finfo_selected" a member of a "capture_file" structure rather than
an independent global variable.

svn path=/trunk/; revision=8524
2003-09-24 00:47:37 +00:00
Guy Harris
88b1bc3fac From Greg Morris: get the request data before using it, if we don't
already have it.

svn path=/trunk/; revision=8523
2003-09-23 22:04:02 +00:00
Guy Harris
3f3a250980 As doc/README.developer's "Portability" section says:
	Don't use "bzero()", "bcopy()", or "bcmp()"; instead, use the
	ANSI C routines

		[memset, memcpy, memcmp] ...

	Not all platforms necessarily have "bzero()"/"bcopy()"/"bcmp()",
	and those that do might not declare them in the header file on
	which they're declared on your platform.

Make it so.

svn path=/trunk/; revision=8522
2003-09-23 21:37:11 +00:00
Guy Harris
b77e6a1580 From Graeme Reid: H.450 support.
svn path=/trunk/; revision=8521
2003-09-23 18:59:50 +00:00
Guy Harris
d128a62ebb From Graeme Reid: H.450 support.
svn path=/trunk/; revision=8520
2003-09-23 18:40:54 +00:00
Guy Harris
51805d0c41 From Graeme Reid: modified PER choice dissector to correctly handle
numbered choices starting with non-zero values (eg X.880 ROS).

svn path=/trunk/; revision=8519
2003-09-23 18:36:49 +00:00