In the AgentX dissector, make the "flags" arguments guint8, to match
what's passed in.
In the AIM dissector, use val_to_str() in col_add_str() calls - it gives
the same result if there's a match, and puts a note in the Info column
if there isn't, and is less complicated.
In the AJP13 dissector:
update the URL for the protocol documentation;
add #defines for message types, and use them;
for "enumerated data type" fields, make the fields numerical
rather than strings and give them the value_string tables;
get rid of col_check() calls;
make a Boolean item an FT_BOOLEAN.
svn path=/trunk/; revision=39085
A work in progress.
Can be used with the SSL dissector to decrypt Enhanced RDP Security SSL.
With Standard RDP Security (e.g those on Wiki), the PDUs are all encrypted
after the SecurityExchange PDU.
Wiki to be updated with an example SSL protected capture and associated
key material.
svn path=/trunk/; revision=39066
strings, and note that, for older AFP clients and servers, we might need
a way to say to use some Mac encoding instead.
Use tvb_strsize() rather than tvb_get_ephemeral_stringz() to just get
the length of a null-terminated string.
Use FT_GUID for UUIDs.
The low-order bit in the MessageBitmap in the FPGetSrvrMsg reply does
not, at least according to the current AFP spec, specify whether there's
a message at all, it specifies whether it's a server message or a login
message. The spec *does* now mention the "message is UTF-8" bit; use
it.
Fix a blurb.
svn path=/trunk/; revision=39063
- Don't use 'l' as a variable name;
- Use 'tvb_strsize();proto_tree_add_item();' iso 'tvb_get_ephemeral_stringz(); proto_tree_add_string();'
- Use ENC_NA/ENC_BIG_ENDIAN iso FALSE as appropriate for proto_tree_add_item().
svn path=/trunk/; revision=39047
proto_tree_add_item() calls.
For strings, add ENC_UTF_8. (Yes, the byte order is irrelevant for
those - but they should arguably be FT_UINT_STRING, as they're counted
strings, and the byte order *is* relevant for FT_UINT_STRING.)
svn path=/trunk/; revision=39041
"The PostgreSQL dissector do not fully support the frontend StartupMessage (see
"StartupMessage" in
http://developer.postgresql.org/pgdocs/postgres/protocol-message-formats.html).
The couples parameter name/parameter value in this kind of message are reported
as a block of text ("name: value") by the dissector whereas reporting them as
parameter name/parameter value would be more appropriate.
I've fixed it, so now the username and the database sent by the frontend can be
handled in, for instance, the CSV output of TShark.
I've also added a "val_count" field to contain the number of values (row
descriptions or row data) included in RowDescription/DataRow messages. This
information is useful when analyzing the CSV of TShark since in a CSV row, many
row descriptions or row data may be packed together."
Patch changes from me:
- No need to fetch ephemeral string anymore so just use tvb_strsize()
to get string length;
- Change field-filtername from pgsql.val.count to pgsql.field.count
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6343
svn path=/trunk/; revision=39030