While it does make packet-sigcomp.c much bigger, there's no reason for it to be in epan directory.
Change-Id: I2d78c32de1d56e76578e610d4df586b5610d1b49
Reviewed-on: https://code.wireshark.org/review/6682
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Do not make any assumption on the endianness: not all hosts running Wireshark are little endian
Change-Id: I8792904f7000b4f2b9e44ffe41f350ba8b4932d4
Reviewed-on: https://code.wireshark.org/review/6693
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Remove in NEWS by gca174999
Change-Id: I000b7d6421db247dcafacfa73ef049e938d42cc5
Reviewed-on: https://code.wireshark.org/review/6650
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Jeff Morriss <jeff.morriss.ws@gmail.com>
Change-Id: I4d7d1826391b0ac12ef6ad184e7c79d279db5e28
Also: remove some dead initializers.
Reviewed-on: https://code.wireshark.org/review/6688
Reviewed-by: Bill Meier <wmeier@newsguy.com>
(Bugs were introduced in gf5e2b42);
Misc:
Localize a few variables;
Remove some dead initializers.
Change-Id: Ib7493740ecf29ed9f753475f721b47a64f54a278
Reviewed-on: https://code.wireshark.org/review/6687
Reviewed-by: Bill Meier <wmeier@newsguy.com>
When building an application bundle, create wrapper scripts at the top
level instead of symlinking to each executable.
Change-Id: I080e43de545a709b29c1d6b6c6ec416e5a5a8247
Reviewed-on: https://code.wireshark.org/review/6683
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Redefine PLUGIN_DIR similar to DATAFILE_DIR and use it on all
platforms. Add WiresharkPlugin.cmake so that we can start defining common
macros for plugins/*/CMakeLists.txt. Load plugins in out-of-tree builds.
Change-Id: I8c1359ed3cf8a71788b8320ff89dfe2d3969def2
Reviewed-on: https://code.wireshark.org/review/6640
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Only display dissect of Modem Capabilites when sub option = 5
Actually, it is always display when ftype == special (like sub option = 0)
Change-Id: I5b75654b750bae5ae5022adcb5e8dd055ce6b291
Reviewed-on: https://code.wireshark.org/review/6519
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Caught by ASAN (thanks Alexis!)
Change-Id: Ibbe2c405ba1a3ba0d5a5b9ffff9e95282526028b
Reviewed-on: https://code.wireshark.org/review/6652
Reviewed-by: Anders Broman <a.broman58@gmail.com>
We *do* get the absolute path of the executable, so we *could* look for
"run" right before the executable name. The issue is that there's not
the stronger libtool-imposed convention that the executable is in
".libs", so the chances of a false positive or false negative are
higher.
Change-Id: Ib2d5f370d50fee07479c4ffe6f90ba4a91c7f271
Reviewed-on: https://code.wireshark.org/review/6676
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Add a "pdb_zip_package" target similar to the NMake pdb_zip target.
Change-Id: I23d114a63fa05f722ee90b77ea458d9e496e5bf9
Reviewed-on: https://code.wireshark.org/review/6673
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Revert to the older code, but just show the time as "Not representable"
if gmtime() fails.
Change-Id: I435facc042e3ca35fb07292a4b2657ccdfd02abb
Reviewed-on: https://code.wireshark.org/review/6672
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Change-Id: Id5e5efea46e9ff6196607e56f0212fb083e8635c
Reviewed-on: https://code.wireshark.org/review/6670
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
add a length paramenter to the body dissection functions in the apdu table
Change-Id: I4abbd9078fd36385a816963ab042f443e3c26b60
Reviewed-on: https://code.wireshark.org/review/6669
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I3dc0f58b4861a08be687214cae9c6681ebcac286
Reviewed-on: https://code.wireshark.org/review/6668
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
define an apdu table with the direction, minimum length
and a fuction to dissect the apdu payload
set the source and destination address columns depending on the apdu
add some entries to the apdu table
Change-Id: I52bd15bfab7bbe6c97dfe64084e69a51e65a8a6e
Reviewed-on: https://code.wireshark.org/review/6667
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
Change-Id: I520b38ed37b2d16d9a15f57b8e83b0b59c9a528c
Reviewed-on: https://code.wireshark.org/review/6666
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
and not each time prefs are changed.
Also: do minor whitespace changes.
Change-Id: I04bfc212e288473a78113e8b124ce4a13ad74ad1
Reviewed-on: https://code.wireshark.org/review/6663
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Don't do manual conversion of a time-field to UTC using gmtime().
Use the standard Wireshark mechanisms.
Change-Id: I2eaee074a590ecab492336bb6ad794bdd036f699
Reviewed-on: https://code.wireshark.org/review/6661
Reviewed-by: Bill Meier <wmeier@newsguy.com>
For FT_ABSOLUTE_TIME fields:
Instead of calling gmtime()/mktime() to convert a time to UTC time
which is then displayed using proto_tree_add_time(),
Use ABSOLUTE_TIME_UTC as the 'display' value for the field and then
display the field using proto_tree_add_item().
Change-Id: I1926c40de76a86072437902cb7621d3873827b11
Reviewed-on: https://code.wireshark.org/review/6659
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Wrong offset (14 -> 20) to get IP Address Legnth
Issue Reported by Rui
Bug: 10873
Change-Id: Ib7aa80ac78028a2c8d548f4030278166be9ed0cc
Reviewed-on: https://code.wireshark.org/review/6657
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
ProgramFiles(x86)=C:\Program Files (x86)
Add that to the locations where we look for it. I couldn't use
ProgramFiles(x86) as a constant so put the path verbatim.
Change-Id: Ibad9d4e2544e5b3924e10c68f02e072b0012226f
Reviewed-on: https://code.wireshark.org/review/6651
Reviewed-by: Anders Broman <a.broman58@gmail.com>
With this patch we want to enable a better support of POWERLINK
as a protocol for people who have to perform network diagnostics using
analyzing tools. Up until now, the main tool used was Omnipeek.
Now wireshark will be used more and more, due to the new extcap
infrastructure, which supports debug tools to be added as capture
devices.
To better facilitate that change, we have adapted the textual
representation of the Omnipeek dissector for POWERLINK, as it
allows for a faster and simpler diagnosis routine.
Additionally the name of the protocol has been changed to it's
correct name "POWERLINK" as this is the official name used by
EPSG for describing the protocol.
Changelog:
- Add error code definitions and string values.
- Change name for protocol column to POWERLINK which is more commonly
used than EPL.
- Reformat output in info column to look like output the output of
the POWERLINK plugin for Omnipeek. This facilitates the transition
to Wireshark. The added information and changed output improves the
debugging of POWERLINK nerworks.
Change-Id: I795e2487f2ae7af6b90c29366a1843c9fabffa85
Reviewed-on: https://code.wireshark.org/review/5581
Reviewed-by: Roland Knall <rknall@gmail.com>
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
To check if a payload is json, the library libjsmn has been added to the source tree, with its licence (MIT).
TODO: the libjsmn can be used to extract tokens in the standard dissection other than heurisitic part.
HPFEEDS dissector has also been changed in order to leverage the new json dissector.
Bug: 10834
Change-Id: Ib1df2a699982dbdd2b5418e97edbdb5cbd9c8978
Reviewed-on: https://code.wireshark.org/review/6350
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
TCAP permits the changing of the originating address on the first
backwards continue (i.e. the establishment of the dialogue).
See ITU-T Q.771 (06/97) clause 3.1.2.2.2.2 Confirmation of the dialogue.
In practice, a BEGIN replied to with an END can also exhibit this behaviour.
For example, a BEGIN from GT A TID TA -> GT B,
and the reply CONTINUE from GT B2 TID TB -> GT A TID TA.
To support this, only support a single address hash in
tcaphash_begin_info_key_t and tcaphash_end_info_key_t.
The match of the first CONTINUE should find the appropriate
tcaphash_begin and create the appropriate tcaphash_end entries.
Also fix compile warning with DEBUG_TCAPSRT.
Bug: 10841
Change-Id: Ibe75e3940e757727357b20be10f9c195c5888fdd
Reviewed-on: https://code.wireshark.org/review/6446
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Changes: Number of small changes to the xml file:
- some fields being connected to the wrong message version
- some header field naming
Change-Id: I062c31777a4193de3d5c44b0ba733dd9d1702352
Reviewed-on: https://code.wireshark.org/review/6602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
some commercial IPTV streamers send bogus info in the extension headers, add some sanity check to skip the erroneous bytes.
Bug: 10513
Change-Id: I6f20073a00ed0f791fa99701534360d304060053
Reviewed-on: https://code.wireshark.org/review/6606
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
There are a few oid functions that are only called in oids_test.c. I'll presume the APIs are used in proprietary dissectors rather than just remove them.
Change-Id: I4595e00f93bf9ab8cf2493fe0432b91960f55a3f
Reviewed-on: https://code.wireshark.org/review/6592
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Also, remove some no-longer-existent functions from checkAPIs.pl.
Change-Id: I2bf11e3ec03a34f9e89d58d560e340d76fd3ddc1
Reviewed-on: https://code.wireshark.org/review/6645
Reviewed-by: Guy Harris <guy@alum.mit.edu>
(The se_ stuff wasn't as contiguous as I thought.)
Also fix some comments to no longer refer to #defines for se_ stuff.
Change-Id: Ibc53e6f0f135bee9795f98550d5242e8e58afb16
Reviewed-on: https://code.wireshark.org/review/6641
Reviewed-by: Guy Harris <guy@alum.mit.edu>
