To check if a payload is json, the library libjsmn has been added to the source tree, with its licence (MIT).
TODO: the libjsmn can be used to extract tokens in the standard dissection other than heurisitic part.
HPFEEDS dissector has also been changed in order to leverage the new json dissector.
Bug: 10834
Change-Id: Ib1df2a699982dbdd2b5418e97edbdb5cbd9c8978
Reviewed-on: https://code.wireshark.org/review/6350
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
this is a protocol between payment terminals and
electronic cash-register systems / vending machines
Change-Id: Ieac87c0af8e15f2dfe8b4a6274f3b56d652a5b1f
Reviewed-on: https://code.wireshark.org/review/6531
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
CMake now generates local copies of .rc files for all the Windows
components and uses the files in the build of the components.
The .rc.in files that include an icon were modified to allow the icon
path to be set by CMake. The path is removed for nmake builds.
Updated build architecture detection, required for wireshark.manifest.in
Change-Id: I7b1ff43050e9b0efb861d1041636fb4aef49a4f8
Reviewed-on: https://code.wireshark.org/review/6482
Petri-Dish: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Since those command/events are vendor specific and proprietary
not all commands/events are implemented. All implemented commands can be
found in Open Source implementations for Broadcom chip. If you found more,
please let me know.
Change-Id: Ie68d3737c88a8cef39260a9d93192cfc81871d6c
Reviewed-on: https://code.wireshark.org/review/6406
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
The functionality was suiting for address_to_str.c and the #defines belong in packet-atalk.h. Kept the address structure with the "address string conversion", but that can probably be better cleaned up when the address to str as a whole is cleaned up.
Would also consider making AT_ATALK an FT_ type as well.
Change-Id: Ia534096c707e6fb94acdfee0d332beda6571c371
Reviewed-on: https://code.wireshark.org/review/6417
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Move capchild, caputils, codecs and wsutil into a Libs group
Move gtkui into UI group
Move update-sminmpec into tools group
Change-Id: Iaf2bfe4697265af2c3ed9c9d7de2d5d1ef3cafee
Reviewed-on: https://code.wireshark.org/review/6332
Reviewed-by: Graham Bloice <graham.bloice@trihedral.com>
Tested-by: Graham Bloice <graham.bloice@trihedral.com>
Bluetooth dissector is used to add ability to filter all bluetooth
payload from capture files (there are many transport like:
hci_h4, hci_h1, hci_usb, hci_mon, btle). Also it is used to placeholder for
all data tree used to store additional informations like bd_addrs, names, etc.
Finally it is used to be one point for Bluetooth
Endpoints/Conversation filtering what is enabled now.
Also add Master/Slave Role and Connection Mode tracking.
Change-Id: I67048080fb8ee16fa0f4ec429c1257de81ddd737
Reviewed-on: https://code.wireshark.org/review/5771
Petri-Dish: Michal Labedzki <michal.labedzki@tieto.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Removed attrID and cmdID ZCL cluster functions.
Bug in ZCL HVAC attribute registration.
Fixed bug in ZCL command ID field registration.
Update Manufacturer Codes and Profile Ids to ZigBee-053874r26 Oct 2014
Fixed broken fragmented ZigBee packet collection and reassembly
Use protocol fields for Thermostat schedule transitions.
Added support for Key Establishment Cluster (CBKE) at SE 1.2a
Updated Message cluster to SE 1.2a spec
Added attribute reporting status which is common to all SE 1.2a clusters
Added SE 1.2a tunnel cluster support
ZigBee Smart Energy (SE) decryption appears to have been broken for some time. For SE you do not know the Link Key until after successful completion of Key Establishment and then manually enter it into preferences. Entry in preferences was broken such that when the new Link Key was entered all existing link keys would be lost. This lead to the loss of the Network Key as well when the Transport Key message was re-processed without the Pre-Configured Link Key. The Link Key 'key ring' has been moved to the UAT post-update callback so that it will always be updated correctly after changes to the link keys in preferences
The attribute reporting status attribute which is common to all SE clusters was accidentally shared, now each cluster has it's own instance
ZigBee security added key display for decrypted packets
ZigBee Security Preferences fixed UAT type for Label so key label is editable again
Added definition for Retail Service profile
Added dissection for profile-wide (General Command Frame) commands when the profile is unknown
Added zbee-zcl-misc.c to precommit check whitelist as it contains ias and hvac clusters avoiding proliferation of too many small files
Change-Id: I53d85ba9d782db6a0e7e78c51b0bc7cdcdbca3ad
Reviewed-on: https://code.wireshark.org/review/5565
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Use by MACSec
Change-Id: I27eee40ddc476435aecd57711c1b3597c2049901
Reviewed-on: https://code.wireshark.org/review/5751
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Have dissectors register their desire to be part of "color" conversation filters and have the GUI use that registered list. GUI actually using API will come in a separate commit.
Change-Id: I5ffe922d97894fe7bf3182056b76ab5839a9461a
Reviewed-on: https://code.wireshark.org/review/5658
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add Telephony menu items for VoIP Calls and SIP Flows. Put VoIP Calls at
the top, since that seems to be the primary item.
Add configure-time checks for QtMultimediaWidgets in anticipation of
adding a VoIP playback dialog.
Add an icon for the playback button. (Yes, I've been avoiding
GNOME-level gratuitous icons so far but this is one of the rare
occiasions where it makes sense.)
Add a help link define for the VoIP calls dialog.
Change-Id: I5d0799685c598ad9af76fe9667f8ea7d14b66050
Reviewed-on: https://code.wireshark.org/review/5674
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
no ethertype 0x8203-0x8205 support in trunk.
0x8204 is QNX OS VER 6's qnet ethernet protocol number.
Bug:3934
Change-Id: I5f3e910876bb7fb86de2111f856d026fdf220917
Reviewed-on: https://code.wireshark.org/review/2954
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
RFC draft http://www.ietf.org/id/draft-fox-tcpm-shared-memory-rdma-05.txt
used as reference for packet dissection.
A small change was made to packet-infiniband, to add the Queue Number to the
info column. This allows for easy indentification of session traffic for a
particular QP.
Also: infiniband: tvb_length() --> tvb_captured_length()
Bug: 10715
Change-Id: I774ceffaa5c271cb6a28ab4ed21e53cd42f2547b
Reviewed-on: https://code.wireshark.org/review/5386
Petri-Dish: Bill Meier <wmeier@newsguy.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Put the low-level print stream code from epan/print.c into
epan/print_stream.c, leaving the higher-level stuff in print.c
Change-Id: Iae961f168ec655a29f434257b1af0937fca9f025
Reviewed-on: https://code.wireshark.org/review/5436
Reviewed-by: Guy Harris <guy@alum.mit.edu>
The intent is to handle more than just command-line arguments; reflect that.
Change-Id: Ia10efda85a9d11c6579d1bec6f789cee30d9e825
Reviewed-on: https://code.wireshark.org/review/5304
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Provides dissection for the elasticsearch protocol. This includes full
dissection of the multicast discovery protocol, the HTTP query interface
and partial dissection of the binary protocol.
Change-Id: I738fb498976e44fa05168c2bc3a7e842a9e96df9
Reviewed-on: https://code.wireshark.org/review/4948
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
For the moment there is only the lzxpress compression used by DRS
Bug: 10546
Change-Id: Ifc7e1767934224c0198f0b09caa3efbad979ca1f
Reviewed-on: https://code.wireshark.org/review/4600
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Include new Couchbase Server 3.0 DCP support
Change-Id: I38d0edd7d135a92c130a60dab650aef0ab1205be
Reviewed-on: https://code.wireshark.org/review/2956
Reviewed-by: Michael Mann <mmann78@netscape.net>
Previoulsy added "adb_cs" is only for adb client <-> adb daemon communication
by loopback interface (by TCP). But there is also communication between
adb daemon and device (by TCP or USB). This transport protocol is different, but
now support is done.
ADB services are shared between ADB and ADB_CS so put them into "adb_service"
dissector. There is still some services to be added.
Change-Id: I754331d3dc6ccf3c17445f5563d01cf2fe1489c7
Reviewed-on: https://code.wireshark.org/review/4651
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
Bug: 10534
Change-Id: Id56008da0c21a5f3a0309cdf21aff287c7820dcf
Reviewed-on: https://code.wireshark.org/review/4372
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Bug: 8673
Change-Id: I4e8270c76291d6ea0e0187f00a342804275f2c11
Reviewed-on: https://code.wireshark.org/review/4547
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
x11 dissector don't have longer warning !
and fix different between Autotools and CMake (about gsm_a_common dissector)
Change-Id: Id9da62d84b8b0bb4b0ed5d8fc62abba4e2442ed2
Reviewed-on: https://code.wireshark.org/review/4621
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Now mapi and drsuapi build without warning !
Change-Id: Iae19af2fd06fd998a13696ba2adf6cd12d311f58
Reviewed-on: https://code.wireshark.org/review/4619
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
draft-kouvelas-lisp-rloc-membership-00 specifies 9 new LISP control
message types using TCP transport instead of UDP (which is used by all
existing messages). These new messages are related to each other and
are used to exchange RLOC membership information between a tunnel router
and a map server.
Bug: 10494
Change-Id: I129f0d6344693092bd5d0efb06b025e89fd26bf2
Signed-off-by: Lorand Jakab <ljakab@ac.upc.edu>
Reviewed-on: https://code.wireshark.org/review/4253
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
* Fix -Wunused-function (Add functions to mdssvc.cnf with NOEMIT)
* Remove dissector DCERPC mdssvc from DIRTY list
Change-Id: Ic097b0067a44fcfd9298ace1abeb7ca8f0daf00b
Reviewed-on: https://code.wireshark.org/review/4346
Reviewed-by: Anders Broman <a.broman58@gmail.com>
* Fix -Wunused-function (Add functions to lsa.cnf with NOEMIT)
* Remove also some MANUAL function (no unused too..)
* Remove dissector DCERPC lsa from DIRTY list
Change-Id: I7b7f924f244757207f378b8650b8dd30e739da08
Reviewed-on: https://code.wireshark.org/review/4325
Reviewed-by: Michael Mann <mmann78@netscape.net>
* Fix -Wunused-function (Add functions to eventlog.cnf with NOEMIT)
* Remove dissector DCERPC eventlog from DIRTY list
Change-Id: I29710ce4f548a6e4d9bf1dd6e652acf1eeaddf2c
Reviewed-on: https://code.wireshark.org/review/4324
Reviewed-by: Michael Mann <mmann78@netscape.net>
* Fix -Wunused-function (Add functions to dnsserver.cnf with NOEMIT)
* Remove dissector DCERPC dnsserver from DIRTY list
Change-Id: Id1d4f43784bfbf417156353fd3254375365c35c8
Reviewed-on: https://code.wireshark.org/review/4323
Reviewed-by: Michael Mann <mmann78@netscape.net>
* Fix PIDL generator for NOEMIT Element (fix -Wunused-function for DCERPC winreg dissector)
* Fix indent (use tabs)
* Remove DCERPC winreg dissector from DIRTY list
Change-Id: I5d16cbfe8481a5e5f7e5df9b51735c93ae4375a7
Reviewed-on: https://code.wireshark.org/review/4322
Reviewed-by: Michael Mann <mmann78@netscape.net>
Added a new dissector for the Dynamic Source Routing (DSR) protocol (RFC 4728)
It should correctly dissect all DSR packets, including the "Flow State
Extension" DSR packets.
See Bug #10499 for capture file
Change-Id: Ie33a1a2fe095cab19d5abfbfa8e1c79fec664a35
Reviewed-on: https://code.wireshark.org/review/4251
Reviewed-by: Bill Meier <wmeier@newsguy.com>
If it is used, there is a modified file in git.
Fix this by only including the file if it exists.
Other changes:
- Rename the existing Custom files to CMakeListsCustom.txt.example.
- Move the plugins custom file to the top level (same level as its
including parent).
- Optionally allow a list of custom includes instead of the default one.
Change-Id: I8960eac6222f741c045055d43d1d5a2d4979caf6
Reviewed-on: https://code.wireshark.org/review/4163
Reviewed-by: Jörg Mayer <jmayer@loplof.de>
S7 Communication is a Siemens proprietary protocol that runs between
programmable logic controllers (PLC) of the Siemens S7-300/400 family.
Dissector T.125 has to be disabled to let this dissector work.
Change-Id: I578cf270a4ae567f8e20dbabec1ce1e13fc08e6e
Reviewed-on: https://code.wireshark.org/review/3777
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
All credit for development should go Qiaoyin Yang
CP2179 protocol is a serial based protocol. The 2179 protocol is implemented with minor variations between vendors.
The RTAC implemented the 2179 client supporting a limited function codes and command codes. The RTAC doesn't support
multiple function codes in a single request and the dissector also doesn't support decoding these or corresponding responses.
Bug:10285
Change-Id: I217bf4185c52b0b183f69b3b5aa84613340d3944
Reviewed-on: https://code.wireshark.org/review/3089
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Use it in the MBMS synchronisation protocol dissector, rather than
calling tvb_get_ptr() there.
Change-Id: I7ddb3c6b30547826cb5372352c7c483d8a24dc8e
Reviewed-on: https://code.wireshark.org/review/3514
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Have the wsutil routine just accumulate the stuff from the buffer handed
to us. Have the IUUP dissector deal with the extra stuff. Add a
update_crc10_by_bytes_tvb() routine, which is passed a tvbuff, offset,
and length, and use that rather than using tvb_get_ptr() in dissectors.
Change-Id: Iadd0823c764080e60d1339abb94d2e19150eabfe
Reviewed-on: https://code.wireshark.org/review/3509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Wireshark already supports reading and writing logcat
logs saved in binary files. Binary format, although
better, is used less often than saving those logs to
text files.
This patch extends wireshark's support for android logcat
logs to reading and writing logcat logs in text files.
Features:
* support for tag, brief, process, thread, time, threadtime
and long formats
* saving in original format
* it's generally awesome
Change-Id: I013d6ac2da876d9a2b39b740219eb398d03830f6
Reviewed-on: https://code.wireshark.org/review/1802
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is the first version of a Ceph dissector. It is not complete but
is far enough along to be helpful to many people working with Ceph.
Currently the dissector can fully dissect the Ceph protocol and has
support for full dissection of most common messages. For the other
messages for which full dissection is not available their metadata is
parsed and shown along with the raw data of the different message
sections.
Change-Id: Ic7917a3d01148c6fe2f9ea2c13ecd09ecc06c2d7
Reviewed-on: https://code.wireshark.org/review/1889
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Bug: 10282
Change-Id: Id3e53c53d024a74df0dfb5254e26d4594eb2e9a4
Reviewed-on: https://code.wireshark.org/review/3036
Reviewed-by: Michael Mann <mmann78@netscape.net>
Refactor (non-GUI) conversation table functionality from gtk/Qt to epan. Also refactor "common GUI" conversation table functionality.
The idea is to not have to modify the GUI when a dissector adds a new "conversation type"
Change-Id: I11f08d0d7edd631218663ba4b902c4a4c849acda
Reviewed-on: https://code.wireshark.org/review/3113
Reviewed-by: Gerald Combs <gerald@wireshark.org>
For each displayed packet list row, save a copy of or a pointer to
column strings similar to ui/gtk/packet_list_store.c. This lets us call
epan_dissect_run only once per row.
Bug: 9511
Change-Id: I17e8ebeb5ed70518c9047413c3b2a46f01e904ef
Reviewed-on: https://code.wireshark.org/review/2752
Reviewed-by: Anders Broman <a.broman58@gmail.com>
wsutil contains the only code that uses version.h; make the dependency
explicit, to see whether that fixes the current build issues with Debian
packaging.
Also, get rid of all *other* dependencies on gitversion.
Change-Id: I89fa5e4112633b83a1a7dfa349bc337e3688575f
Reviewed-on: https://code.wireshark.org/review/2823
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Profling SIP shows that gperf generated hashing code, is
3 times faster than using GHashTable & g_str_hash/_equal()
This result in about 1% improve of whole dissection (sip traffic with filter).
Change-Id: Id6bf64bacd872e2d1c30a1b6356db444b25ba326
Reviewed-on: https://code.wireshark.org/review/2116
Reviewed-by: Anders Broman <a.broman58@gmail.com>
bug: 6071
Change-Id: If7b544a762df10ffc13aeaf8886cf74a1757c37c
Reviewed-on: https://code.wireshark.org/review/2512
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
From Masatake YAMATO
changes in patch3 (Masatake YAMATO):
* Fix a typo(s/Sequnce/Sequence/)
* Use variable len instead of a number literal
* Put _U_ marker to length parameter of dissect_corosync_totemsrp_ip_address
* Use tvb_report_length instread of tvb_length
changes in patch5 (Masatake YAMATO):
* packet-corosync-totemsrp.c: Adapt to new dissector_try_heuristic interface
+ pass hdtbl_entry argument to dissector_try_heuristic.
* packet-corosync-totemnet.c: Initialize corosync_totemnet_port to 5405
changes in patch6 (Masatake YAMATO):
* packet-corosync-totemsrp.c: Use tvb_reported_length instead of tvb_length.
* packet-corosync-totemsrp.c: Remove unnecessary trailing space in string literals.
* packet-corosync-totemnet.c: Remove SVN Id tag in a comment.
changes in patch8 (Masatake YAMATO):
* packet-corosync-totemnet.c: Remove SVN Id tag in comment(again).
* packet-corosync-totemsrp.c: Use val_to_str_const instead of val_to_str.
changes in patch9 (Masatake YAMATO):
* wsutil/sober128.[ch]: New files derived from packet-corosync-totemnet.c.
Decryption code is moved here.
* packet-corosync-totemnet.c: Remove all decryption code from this file.
Change-Id: Id832d9c5ce1be1668c857c9bbf39e8a84c31880c
Reviewed-on: https://code.wireshark.org/review/725
Reviewed-by: Evan Huus <eapache@gmail.com>
Added KCS and TMode protocol dissectors.
Request/response logic has been revised.
Saved request data logic has been revised.
Added Get Message command response dissector.
Added missing PICMG command dissectors.
Added new PICMG command dissectors.
Added new PPS OEM command entries.
Added VITA 46.11 command dissectors.
From: Bill Meier:
- refs to value_strings/range_strings in hf[] entries, by convention, should use VALS/RVALS macros;
- refs to true_false_strings should use TFS(&...) macro.
also: true_false_string definitions should not be defined as arrays.
- remove some unneeded #includes (packet-ipmi.c).
- Do some re-indentation.
- Add editor-modelines as needed.
bug: 10004
Change-Id: Ib269b35784c0b70892d1e0111bcfb483ea64092c
Reviewed-on: https://code.wireshark.org/review/1185
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Add a dissector table for the 802.3 "slow protocols" subtype, split the
dissectors for those protocols into separate files, and have them
register in that dissector table.
Remove some unnecessary #includes while we're at it.
Change-Id: Ic36c9c255efdd348055fa4f21fd6cc094f74e378
Reviewed-on: https://code.wireshark.org/review/1891
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: I8e20917ac08e2349caf330ee967d24d7c738bb71
Reviewed-on: https://code.wireshark.org/review/1815
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Add a dissector for pcap-ng file-type-specific blocks; it creates a
dissector table using the block type as the key, attempts to call the
appropriate dissector using that table, and does a minimal dissection if
that fails.
Change-Id: I67e139f06ba88d40faa5b4ab169e8df08f5bfe7b
Reviewed-on: https://code.wireshark.org/review/1784
Reviewed-by: Guy Harris <guy@alum.mit.edu>
This doesn't appears to be "autogenerated", and it certainly isn't the biggest dissector even after the merge. This avoid file pollution, makes less non-static variables/functions and makes the check* scripts job easier.
Change-Id: If94857e4a3e602c3d45201b1aebbf466ba3e1dd1
Reviewed-on: https://code.wireshark.org/review/1597
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Described in:
Robertson, W., and Ross, P., Extending the Wireshark Network Protocol Analyser
to Decode Link 16 Tactical Data Link Messages, Defence Science and Technology
Organisation, January 2014. DSTO-TN-1257.
Change-Id: Ie4b1228ef112e56b3ab975d0c9254fa468b90cc2
Reviewed-on: https://code.wireshark.org/review/1551
Reviewed-by: Michael Mann <mmann78@netscape.net>
Instead of forcing developers to generate sminmpec.c (which will have
different results depending on the presence or absence of a working
Internet connection) add sminmpec.c back to the repository. I'll add
it to the weekly update-numbers script so that it will be updated at
the same time as manuf, services, enterprise-numbers, and usb.c.
Change the Autotools, CMake, and Nmake sminmpec.c target name to
"update-sminmpec".
Remove the mtime check from make-sminmpec.pl. Update enterprise-numbers
and sminmpec.c while we're here.
Tested with an in-tree Autotools build and an out-of-tree CMake build.
Change-Id: Iecc332ce2731e3e98ab0205a56c78807e599a026
Reviewed-on: https://code.wireshark.org/review/1516
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
This dissector dissects MA USB Packets. It is capable of dissecting
Media Agnostic packets both in a TCP stream as well as packets sent
over SNAP (referred to in spec as "Raw Ethernet" mode).
Change-Id: I3ad4e1beb891f9c2835adff320095e7e738241eb
Signed-off-by: Sean O. Stalley <sean.stalley@intel.com>
Reviewed-on: https://code.wireshark.org/review/1252
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
For packet-scope allocation, there's no need to support realloc(), free()
cause memory will be garbage collected after packet dissection.
(and this allocator is much faster than full block allocator).
Change-Id: I73fdf708c3077f48f55bdcc71f4fa859e4ac2335
Reviewed-on: https://code.wireshark.org/review/1428
Reviewed-by: Anders Broman <a.broman58@gmail.com>
See IEEE Standard 802.3-2012 Section 5, Clause 65 and CableLabs DPoE
Security and Certificate Specification 1.0, Section 6.
Currently dissects 1G mode. 10G mode will be added when hardware is
available.
Change-Id: I6232af9bf6807644ef66a120d97e5fa5927988fe
Reviewed-on: https://code.wireshark.org/review/1284
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
it no longer has any warnings
This reverts commit 30c9f421c0.
Change-Id: I5cc71f905ffa4f00ffb44ad7d03b2684c2e44e38
Reviewed-on: https://code.wireshark.org/review/1316
Reviewed-by: Evan Huus <eapache@gmail.com>
As pointed out by David Ameiss, I only did automake the first time round.
Change-Id: Ie72ab5014d8f21d194d15af430c6c0a8a612f5f7
Reviewed-on: https://code.wireshark.org/review/1309
Reviewed-by: Evan Huus <eapache@gmail.com>
This has two expected uses:
- Many current users of wmem_tree don't actually need the predecessor lookup
it provides (the lookup_le function family). A hash map provides straight
insertion and lookup much more efficiently than a wmem_tree when predecessor
lookup isn't needed.
- Many current users of glib's hash table and hash functions use untrusted data
for keys, making them vulnerable to algorithmic complexity attacks. Care has
been taken to make this implementation secure against such attacks, so it
should be used whenever data is untrusted.
In my benchmarks it is measurably slower than GHashTable, but not excessively
so. Given the additional security it provides this seems like a reasonable
trade-off (and it is still faster than a wmem_tree).
Change-Id: I2d67a0d06029f14c153eaa42d5cfc774aefd9918
Reviewed-on: https://code.wireshark.org/review/1272
Reviewed-by: Evan Huus <eapache@gmail.com>
Change-Id: I332bd690be67c908067c12e570f993565de98aed
Reviewed-on: https://code.wireshark.org/review/1159
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: Ia582732ee27ce9c1e4280afef5a6b3e3be959d23
Reviewed-on: https://code.wireshark.org/review/1127
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: If8fcfe1971c8863f370e440f64c36eb7566f6852
Reviewed-on: https://code.wireshark.org/review/113
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I8832c139938e767de71b2cc74ca41208f509e478
Reviewed-on: https://code.wireshark.org/review/959
Reviewed-by: Michael Mann <mmann78@netscape.net>
There is confusion about API usage, and problems on my part concerning whether
keys should be compared signed or unsigned, and how to do that efficiently.
Unsigned keys in particular were behaving oddly.
Change-Id: I075693bbd04c15f79f24f9a24006003a914cc572
Reviewed-on: https://code.wireshark.org/review/924
Reviewed-by: Evan Huus <eapache@gmail.com>
It automatically works for LINKTYPE_PKTAP and, by default, for
LINKTYPE_USER2; if any other dissector is specified for LINKTYPE_USER2,
that dissector overrides PKTAP.
Change-Id: Ic00ac8a81c6101e45d638d337aef42df3920da12
Reviewed-on: https://code.wireshark.org/review/903
Reviewed-by: Evan Huus <eapache@gmail.com>
(Using sed : sed -i '/^\# \$Id\$/,+1 d') (start with dash)
Change-Id: Ia4b5a6c2302f6a531f6a86c1ec3a2f8205c8c2dd
Reviewed-on: https://code.wireshark.org/review/881
Reviewed-by: Anders Broman <a.broman58@gmail.com>
This is a tree implementation intended to replace the current red-black tree in
wmem_tree (which was inherited from emem), assuming there are no regressions.
Splay trees bubble recently accessed keys to the top, and as such have a number
of very nice properties: https://en.wikipedia.org/wiki/Splay_tree
This implementation is a variant known as "independent semi-splaying", which has
better practical performance. It should do about as well as the red-black tree
for random insertions and accesses, but somewhat better for patterned accesses
(such as accessing each key in order, or accessing certain keys very
frequently).
There are a few other changes relative to the red-black tree implementation that
are worth mentioning:
- Instead of requiring complex keys to be split into guint32 chunks and doing
this weird trick with sub-trees, I let the keys be arbitrary pointers and
allowed the user to specify an arbitrary comparison function. If the function
is NULL then the pointers are compared directly for the simple integer-key
case.
- Splay trees do not need to store a red-black colour flag for each node. It is
also much easier to do without the parent pointer in each node. And due to
the simpler system for complex keys, I was able to remove the "is_subtree"
boolean. As such, splay nodes are 12 bytes smaller on 32-bit platforms, and
16 bytes smaller on a 64-bit platform.
All done in about half the lines of code.
Change-Id: I89fb57e07d2bb7e3197190c7c2597b0c5adcc03b
Reviewed-on: https://code.wireshark.org/review/758
Reviewed-by: Evan Huus <eapache@gmail.com>
Commit includes dissector code for lg8979 as well as additions to RTAC Serial code to call dissector when required.
See bug report 9874 for further details and sample pcap files
UPDATE1: L&G 8979 commit for addressing comments from Anders and Alexis and added Cmakelists.txt
UPDATE2: address further comments from Alexis re. proto_item_set_text / proto_item_add_text entries. Also add modelines
UPDATE3: fix compilation error noted by Alexis
UPDATE4: address proto_tree_add_* comments from Michael
Change-Id: I6e69d2b7b7e91e6efa12e4a5fb7dbd140c0540ed
Reviewed-on: https://code.wireshark.org/review/610
Reviewed-by: Michael Mann <mmann78@netscape.net>
Change-Id: I6eee13cda755b1f1d1a61288a6314fcebb681efb
Reviewed-on: https://code.wireshark.org/review/180
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Adds support for BLUETOOTH_LE_LL_WITH_PHDR, dissector integrates with existing
BTLE dissector.
Fixes BTLE dissector to correctly extract packet CRC.
Adds CRC checking to BTLE dissector.
Provides optional context to BTLE dissector that allows RF captures to provide
link-layer hints for dissection details. Significantly, parameters for
determining CRC correctness are provided, as well as Access Address validity
information.
Change-Id: I7d4936b053353a7f9c524021c01f67f5828253fb
Reviewed-on: https://code.wireshark.org/review/310
Reviewed-by: Anders Broman <a.broman58@gmail.com>
ADB Client-Server Protocol is protocol between adbd
(ADB Daemon aka Server) and adb client (aka adb).
Typically you can find it on "lo" interface over TCP protocol.
Change-Id: Iad008560c983f5ede554e1eaa728d703aae95eed
Reviewed-on: https://code.wireshark.org/review/233
Reviewed-by: Evan Huus <eapache@gmail.com>
Rename "SVNPATH" to "GITBRANCH" since that seems more appropriate.
Rename "svnversion.h" to "version.h" as Evan suggested. Update some
URLs. In make-version.pl, make sure we don't set an improper upstream
branch name. Use the number of commits + short hash from `git describe`
for package names by default.
Change-Id: I922bba8d83eabdf49284a119f55b4076bc469b96
Reviewed-on: https://code.wireshark.org/review/139
Reviewed-by: Gerald Combs <gerald@wireshark.org>
There is no public spec, based only on analyze of packet
It is more easy to found the address IP of Intant AP
Change-Id: I3baf205c5e4ad699b954f4a9fbf4b9e65f82cb36
Reviewed-on: https://code.wireshark.org/review/121
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
messages on the Data Display Channel (DDC)
this dissector is available as an option for I2C messages
it handles EDID messages (Extended Display Identification Data)
and passes HDCP messages on to the HDCP dissector
Change-Id: Ia8d8e73c36e2a1ad560b911dd4c1c9f34997b5c2
Reviewed-on: https://code.wireshark.org/review/63
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Tested-by: Martin Kaiser <wireshark@kaiser.cx>
New Dissector For Lightweight Mesh protocol
A dissector for ATMEL Lightweight Mesh protocol (lwm).
The protocol is carried on the top of 802.15.4 frame.
From me:
* Add Modelines info
* Fix indent (use 4 spaces)
* Remove trailing whitespace
svn path=/trunk/; revision=54856
From Michal Labedski
1. add support for new btsnoop "format" introduced by BlueZ team in "btmon" tool
2. Bluetooth: Make EIR, AD and COD more generic
3. Bluetooth: HCI/LL: Update Error Codes to Core 4.1 Specification
4. Ubertooth: Fix response command handling
5. Ubertooth: Update to support firmware version
6. Ubertooth: Dissect by Vendor Id/Product Id
svn path=/trunk/; revision=54699
dissector for Novell's PKIS certificate extensions
from me
clean up the $Id$ tags
remove packet-pkis(-template).h
remove ASN.1 definitions that cause compiler warnings
(OID, SecurityLabelType2)
move the dissector to the clean ASN.1 dissectors
support CMake build
change the name to novell_pkis
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9597
svn path=/trunk/; revision=54508
USB: Add support for Bluetooth Ubertooth with initial version of Low Energy Link Layer protocol and NFC ACR122
NFC: Add ACR122 USB dongle dissector
ACS ACR122 is compatibile with PN532, but has its own API. Dissect it.
svn path=/trunk/; revision=54406
USB: Add support for Bluetooth Ubertooth with initial version of Low Energy Link Layer protocol and NFC ACR122
Bluetooth: Add support for Low Energy Link Layer dissector
svn path=/trunk/; revision=54405
USB: Add support for Bluetooth Ubertooth with initial version of Low Energy Link Layer protocol and NFC ACR122
USB: Add support for Ubertooth dissections
svn path=/trunk/; revision=54402
knowledge of particular types of plugins. Instead, let particular types
of plugins register with the common plugin code, giving a name and a
routine to recognize that type of plugin.
In particular applications, only process the relevant plugin types.
Add a Makefile.common to the codecs directory.
svn path=/trunk/; revision=53710
This may break easy_codec plugins, but it appears a better/more consistent way is needed to register codecs. See Guy's comments in bug 7893 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7893)
svn path=/trunk/; revision=53686
From İbrahim Can Yüce
From me: Update to new tcp_dissect_pdus format, minor whitespace issues noticed in wiretap files.
svn path=/trunk/; revision=53669
The basic idea behind this design is to have dissectors register with a "decode as list" with their name and dissector table. When "Decode As" dialog is launched, any "registered" dissector found in the packet will cause a tab to be created in the dialog.
This patch includes just the dissector portion of the functionality (minus packet-dcerpc.[ch] because it has hooks to the current GUI)
svn path=/trunk/; revision=53445
dissector for Kyoto Tycoon binary protocol
from me:
make port range preference work
highlight the correct bytes for records
remove trailing commas
correct(?) 64->32 cast
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9418
svn path=/trunk/; revision=53383
(both using Linux) it's time to be able to play with
the new HFI code.
Run cmake with -DHAVE_HFI_SECTION_INIT and you are good to go.
svn path=/trunk/; revision=53155
data files (diameter/*, COPYING, manuf) when running *shark from the
build directory.
Do this by passing in the top-level source directory as a compile-time
definition (unfortunately this has to be in the top-level Makefile too because
some programs link directly with epan/filesystem.c).
The plugins dir is no longer below the datafile directory but rather the
progfile directory (if we have one). Handle the special case of AUTHORS-SHORT
(a data file but a generated one) by checking the file name before building
the path.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5664
svn path=/trunk/; revision=52940
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9324
From me:
1. Move certain global vars to local storage in dissect_tfp_common()
2. Declare all remaining global vars as static;
3. Fix some bugs:
- base58_encode() needed to be called before call to col_add_fstr()
- display of UID string in tree was being truncated to 4 characters
4. Cleanup whitespace: use consistent indentation (tabs); remove trailing whitespace;
5. Add editor modelines
svn path=/trunk/; revision=52931
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8818
Add support for dissection ELF files. It opens as a "capture" file via wiretap
at the moment for simplicity's sake, but the intention is eventually to have
this (and other file types we dissect) open through some other program sharing
much of the libwireshark infrastructure.
svn path=/trunk/; revision=52775
Didn't integrate
0010-frsrpc-Regenerate-frsrpc-due-to-changes-in-the-pidl-.patch
0016-Regenerate-the-dnserver.patch
due to compilation errors on Windows.
svn path=/trunk/; revision=52744
epan/dissectors/packet-s5066sis.c, to clarify that it's not for STANAG
5066 as a whole, but just for the Subnetwork Interface Sublayer.
There's currently an enhancement to support the Data Transport Sublayer,
which adds a epan/dissectors/packet-s5066dts.c file.
svn path=/trunk/; revision=52348
Substantial enhancements to MQ protocol: all Structure, MSG_REQUEST/ASYNC_RESP,
MQ Multi Segment are decoded until version 7.1/7.5
svn path=/trunk/; revision=52085
TODO :
* Support HTTP Header Compression (draft-ietf-httpbis-header-compression)
* Enhance display of Data
* Reassembling of continuation frame (and other frame)
* Add same tap and ping/pong time response
svn path=/trunk/; revision=51591
Dissector for the Sippy RTPproxy controlling protocol. RTPproxy is a well-known
(among SIP-engineers) application and it operates using its own simple
text-based protocol. There are several competing products but all of them
implements it (sometimes slightly extending).
svn path=/trunk/; revision=51417
Rename packet-cmd.c to packet-cisco-metadata.c .
Assign copyright to the author.
Also add the dissector to cmake (oops, should have been in r51198!).
svn path=/trunk/; revision=51226
Dissector for Stanag 4607 protocol.
From me:
- don't add expert info under if (tree)
- simplify loop and overflow checking
svn path=/trunk/; revision=51131
The overhead is not large, and it makes append much faster (O(1) vs O(n)).
It also will make a queue easy to add, which I need for a dissector I'm
writing...
svn path=/trunk/; revision=50744
there and moving it avoids having to recompile the file for use in editcap
and mergecap (which don't link against libwireshark).
svn path=/trunk/; revision=50650
Before:
user0 - USER 0
user1 - USER 1
user10 - USER 10
user11 - USER 11
user12 - USER 12
user13 - USER 13
user14 - USER 14
user15 - USER 15
user2 - USER 2
user3 - USER 3
user4 - USER 4
user5 - USER 5
user6 - USER 6
user7 - USER 7
user8 - USER 8
user9 - USER 9
After:
user0 - USER 0
user1 - USER 1
user2 - USER 2
user3 - USER 3
user4 - USER 4
user5 - USER 5
user6 - USER 6
user7 - USER 7
user8 - USER 8
user9 - USER 9
user10 - USER 10
user11 - USER 11
user12 - USER 12
user13 - USER 13
user14 - USER 14
user15 - USER 15
svn path=/trunk/; revision=50482
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8718
More zigbee dissection, adding the following clusters:
- appliance identification
- meter identification
- appliance statistics
- appliance events and alert
svn path=/trunk/; revision=50202
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8718
Move zbee-on-off to zbee-general in preparation to avoid an enormous number of
small files when adding dissection for more zbee cluster types.
svn path=/trunk/; revision=50078
From Uli Heilmeier
CARP shares the same protocol ID as VRRP (and VRRP's is IANA registered), so heuristics are provided. VRRP and CARP are very similar, so I'm not sure having heuristics for both dissectors will help CARP.
svn path=/trunk/; revision=49931
Some Notes:
1. Converted to "new style" dissectors with data being passed between dissectors
2. Combined header files into one since there wasn't much that should have really been in the header files. Implemented functionality is in c module of respective dissector.
Not sure if LCT preferences should just be in the LCT dissector and not the RMT-ALC "parent", but kept for backwards compatibility.
svn path=/trunk/; revision=49555
Dissector for PTP-over-IP (picture transfer protocol). PTP-over-USB also exists
but is not identical, so some parts of the dissector are shared for future use.
svn path=/trunk/; revision=49221
recurring callbacks, I suspect most other potential uses will be once-only, so
make that possible, and improve the documentation on the remaining issues.
Also separate out the code into its own files and the testing into its own
test case.
svn path=/trunk/; revision=49209
of the binary dir. Fixed that.
NOTE: It fails with and without this patch for out of tree builds:
jmayer@egg:~/work/wireshark/svn/build/qt-gtk3> make dumpabi
[ 1%] Built target wsutil
[ 1%] Generating libwsutil.abi.tar.gz
ERROR: can't find modules
cp: cannot stat `abi_dumps/libwsutil/libwsutil_*': No such file or directory
make[3]: *** [wsutil/libwsutil.abi.tar.gz] Error 1
make[2]: *** [wsutil/CMakeFiles/dumpabi-libwsutil.dir/all] Error 2
make[1]: *** [CMakeFiles/dumpabi.dir/rule] Error 2
make: *** [dumpabi] Error 2
jmayer@egg:~/work/wireshark/svn/build/qt-gtk3>
svn path=/trunk/; revision=49014
------------------------------------------------------------------------
r47064 | cmaynard | 2013-01-14 16:39:38 +0100 (Mo, 14 Jan 2013) | 2 lines
packet-ncp2222.c -> dissectors/packet-ncp2222.c
------------------------------------------------------------------------
r47078 | gerald | 2013-01-14 21:05:24 +0100 (Mo, 14 Jan 2013) | 2 lines
Put packet-ncp2222.c in epan/dissectors. This matches Makefile.am's behavior.
------------------------------------------------------------------------
The first commit tried to make cmake behavior mimic autofoo behavior while
it should be the other way round: out of tree builds fail with packet-ncp2222.c
generation with autofoo.
The second commit just fixed the first one.
svn path=/trunk/; revision=49008
dissector for ISO 10747 Inter Domain Routing Protocol
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8562
from me:
check for negative return value of tvb_reported_length_remaining()
remove unused hf entries
add modelines
don't initialise variables unless it's necessary
make idrp a new-style dissector
svn path=/trunk/; revision=49002
New dissector for PULSE protocol for Linux Virtual Server redundancy
very small dissector for PULSE protocol for Linux Virtual Server redundancy.
About pulse, see http://sourceware.org/piranha.
From me :
Add Modelines info
Replace tab by space
svn path=/trunk/; revision=48773
Merged packet-rtps.c and packet-rtps2.c into a single dissector. It appears packet-rtps2.[ch] "API" needs to be externally available, otherwise I would have rolled (the newly merged) packet-rtps.h into packet-rtps.c as well.
Converted many of the remaining proto_tree_add_text to proto_tree_add_item/expert_info and cleaned up the manual string manipulation so checkAPIs.pl is happy.
Added a "cooked" capture file to the SampleCaptures page on the wiki for future fuzztesting/regression.
svn path=/trunk/; revision=48727
Dissector for NASDAQ's OUCH 4.x protocol.
From me:
- fix svn Id tag
- g_snprintf includes the null-terminator in its len count, so the buffer
only has to be ITEM_LABEL_LENGTH, not (ITEM_LABEL_LENGTH + 1).
svn path=/trunk/; revision=48479
Dissector for NASDAQ's SoupBinTCP protocol (which is non-trivially different
from the old packet-nasdaq-soup dissector).
From me:
- fix CMake entry
- remove C++-style comments
- fix SVN Id tag
svn path=/trunk/; revision=48452
(removed in r48218) which did nothing particularly useful. Also lets us remove
another debugging environment variable.
svn path=/trunk/; revision=48219
New dissector for the honeypot-feeds protocol.
From me: Misc. tweaks to expert info layout and remove a few unneeded initializers.
svn path=/trunk/; revision=47962
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
Support all PDU Type (IPv4/6 Prefix, Serial Notify/Query...)
Not supported the packet with a lot of PDU (fragmentation)
svn path=/trunk/; revision=47470
As part of a semster project in our 3rd semester of
"secure information systems" at the university of
applied sciences upper austria, we built a wireshark
dissector for the OpenVPN protocol.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8240
From me:
Rework reassembly code and tree display of
message fragments and reassembled messages.
Fix various bugs and do some cleanup.
Also: Do minor whitespace changes in AUTHORS.
svn path=/trunk/; revision=47247
Dario Lombardo