- Change ugly GLIB version checking statements to GLIB_CHECK_VERSION
- Remove ws_strsplit files because we no longer need to borrow GLIB2's
g_strsplit code for the no longer supported GLIB1 builds
svn path=/trunk/; revision=24829
est. Use g_ascii_strcasecmp() and g_ascii_strncasecmp(), and supply our
own versions if they're missing from GLib (as is the case with GLib
1.x).
In the code to build the list of named fields for Diameter, don't use
g_strdown(); do our own g_ascii_-style upper-case to lower-case mapping
in the hash function and use g_ascii_strcasecmp() in the compare
function.
We do this because there is no guarantee that toupper(), tolower(), and
functions that use them will, for example, map between "I" and "i" in
all locales; in Turkish locales, for example, there are, in both
upper case and lower case, versions of "i" with and without a dot, and
the upper-case version of "i" is "I"-with-a-dot and the lower-case
version of "I" is "i"-without-a-dot. This causes strings that should
match not to match.
This finishes fixing bug 2010 - an earlier checkin prevented the crash
(as there are other ways to produce the same crash, e.g. a bogus
dictionary.xml file), but didn't fix the case-insensitive string matching.
svn path=/trunk/; revision=23623
for the same tvb. This keeps us from freeing the same memory twice and
crashing on some systems.
This might be the same bug Brian Vandenberg was looking for in
http://www.wireshark.org/lists/wireshark-dev/200705/msg00406.html .
svn path=/trunk/; revision=23415
- s/ntohl/g_ntohl
- s/free/g_free
- Change some tvb_get_string()+g_free()'s into tvb_get_ephemeral_string()
- Change some tvb_fake_unicode()+g_free()'s into tvb_get_ephemeral_faked_unicode()
- Change some tvb_get_string() calls that were clearly memory leaks (like
atoi(tvb_get_string(...))) into tvb_get_ephemeral_string()
svn path=/trunk/; revision=22515
While looking into the http-dissector I improved a few things on
how it dissects a proxy CONNECT session. This is what I have changed:
- added the fields hf_http_proxy_connect_host and -port
- changed proto_tree_add_text to proto_tree_add_string and -uint
so that it's possible to filter on them
- make these two fields "PROTO_ITEM_SET_GENERATED"
- removed the alteration of the ports within pinfo, now the
ports in the column info are not changed to the port used to
connect to the backend server. It is now possible to use
follow-tcp-stream again on proxied ssl sessions.
svn path=/trunk/; revision=21618
some warning fixes
packet-http.c
set headers.content_length = 0 before the first potential use of it.
packet-kink.c
"ifdef kerberos" around one function declaration
packet-nbns.c
set headers.{dgm_length|pkt_offset|error_code} = 0
packet-pflog.c
delete capture_pflog and
capture_old_pflog which aren't used anymore in the code.
svn path=/trunk/; revision=21120
The capture file the user supplied had a HTTP chunked response
in it with no actual chunks other than the zero length chunk
indicating the end of the chunks. The fix is to only create
a new_tvb and copy it over the tvb going into the
chunked_encoding_dissector() function if the chunk size is > 0.
svn path=/trunk/; revision=21034
- Split the HTTP tap into two taps: one for the HTTP statistics
and the other for the export object function. This allows the
HTTP statistics to work again (they seem to have been
partially broken since SVN rev 18901).
- Pass the conversation data (conv_data) between functions now
instead of using the global variable stat_info (now only used
for the HTTP stats)
- Pass only pointers from the HTTP dissector to the Export Object
tap, where we'll then copy the values and insert into the slist.
- Make sure we free all memory allocated by this feature when
we're done with it.
- Various other minor improvements
svn path=/trunk/; revision=21021
- Note in the user's guide that export object is not available
in GTK1 builds of Wireshark.
- Make scanning through the slists more efficient
- Use new tap.c function called have_tap_listener() to only save
object payload data when the export object listener is actively
listening for it.
- Save objects in the HTTP dissector with g_malloc() instead of
se_malloc() and free it when we're done with it - when the
export object window is closed (Fixes bug #1412)
- Various minor improvements
svn path=/trunk/; revision=20980
- Add to User's Guide
- Add a help button
- Move a lot of code into the shared export_object.c file and out of
dissector specific file export_object_http.c. This will make adding
additional protocols much easier.
- Change comment in packet-http.c to reflect new name (Export Object)
- Various other minor improvements
svn path=/trunk/; revision=20961
feature lists all of the content found in an HTTP stream (images, http, etc.)
and displays it in a list that allows the user to save each one as a file that
is already reassembled by the dissectors.
svn path=/trunk/; revision=20867
Create two new files (ws_strsplit.[ch]) that use GTK2 code to override
the buggy g_strsplit() function when compiling for GTK1. Include this
work-around function (ws_strsplit) in libwireshark.def. Add notes on usage
to README.developer. Include epan/ws_strsplit.h in all files that use
g_strsplit().
svn path=/trunk/; revision=20804
when it encountered a proxy http connect to port 80. This was caused by
the dissector calling itself over and over. Now if the connect to port is
one of the defined http ports, it calls the data dissector.
svn path=/trunk/; revision=19899
Also, there is still an outstanding issue regarding the default use of
the "media" dissector. The way it is currently coded there is no way to
have a heuristic decoder when a content-type header is specified.
In this way if there is a decoder for a specific content-type then it
will be used, then the heuristic decoders have a chance, and finally the
default of either the media-type decoder of the http_payload decoder.
svn path=/trunk/; revision=19208
verify that stat_info->request_uri is non null before doing string manipulations on it
so that we dont try to dereference a null pointer further down the code
svn path=/trunk/; revision=19153
Attached is a patch to packet-http.c that calls a subdissector for
traffic flowing through a proxy via the HTTP CONNECT method. Most
protocols, especially SSL, can be tunneled through an HTTP proxy.
Wireshark currently says this traffic is "Continuation or non-HTTP
traffic" but this patch turns the payload over to the dissector for the
protocol being tunneled. This is similar to how the Socks dissector
works.
svn path=/trunk/; revision=18901
- Many DCT2000 protocols can be embedded within an IP primitive
message. Add a heuristic to see if we can find the protocol payload
within in IP primitive message, and look for an ethereal dissector
matching the DCT2000 protocol name (this is useful for simple protocol
testing where no physical links are involved)
- Make some more of these protocols (diameter, http, mgcp) findable by name
- Adds protocol 'variant' number to stub and dissector
- Break the duplicated writing of the stub header out into a separate
function
svn path=/trunk/; revision=18212
Here's a tiny patch that will allow for dissecting of chunked coded HTTP
responses when there is an extension or trailing whitespace in the
Transfer-Encoding: header.
svn path=/trunk/; revision=17314