taps, etc., so we at least print the statistics for the packets we
*could* read.
Also, if we're printing packet data, and the standard output and
standard error are going to the same place, before printing the error
message for that error, flush the standard output and print a newline to
the standard error, so the error appears after all the packet data, and
has a newline separating it from the packet data.
This fixes bug 4845.
svn path=/trunk/; revision=33124
wtap_dump_file_write() (it does the right error checking for you, and
returns FALSE on failure and gives you the right error code).
svn path=/trunk/; revision=33117
wtap_dump_file_write(). Replace various wrappers around fwrite() with
wtap_dump_file_write(), or at least make the wrappers call
wtap_dump_file_write().
svn path=/trunk/; revision=33116
done.
Use the wtap_dump_file_ routines to write out capture files, and check
for errors.
Use the phton macros, when available, to translate to big-endian byte
order. Add a new phton24() macro.
Clean up indentation.
svn path=/trunk/; revision=33114
everybody use it; the places using the old wtap_dump_file_write() were
using it in the same way the old wtap_dump_file_write_all() did.
That also lets us get rid of wtap_dump_file_ferror().
Also, have the new wtap_dump_file_write() check for errors from
gzwrite() and fwrite() differently - the former returns 0 on error, the
latter can return a short write on error.
svn path=/trunk/; revision=33113
Remove unneeded "gtk_tree_path_free(path);" from case
"GDK_Return:" in tree_view_key_pressed_cb() that was reverted in r32957 to restore X11 functionality lost in refactored code from r32323.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4847
svn path=/trunk/; revision=33112
ones; it appears that at least one user's -ligemacintegration has both
(see bug 4823), and we should choose the new ones in that case.
Also, always set have_ige_mac if we have the functions.
Fix tpyoes while we're at it.
svn path=/trunk/; revision=33106
When specifying SA keys for AES-CTR, Wireshark expects a key length of 160, 224
or 288 bits, (i.e. 128, 192 or 256 bits, followed by the 32 bit nonce value),
but gcry_cipher_setkey() in packet_ipsec.c fails, as it expects 128, 192 or 256
bits.
Omitting the nonce won't work -- even if Wireshark liked those key lengths,
gcrypt wouldn't be able to decrypt without it.
svn path=/trunk/; revision=33105
Add the data read/write length to the NFS tree so it is filterable.
From me: don't bother incrementing the offset just to decrement it again.
Change the hf info a bit.
(Ideally the RPC dissector would add the length to the tree not as a text
item; that is left for future work.)
svn path=/trunk/; revision=33101
for example, that, if it's a TShark tap, TShark can never be run with
"-w -", as it means that TShark will always have to dissect the packets.
svn path=/trunk/; revision=33098
called GTs (if RI=GT) put in the (pinfo) source and destination (and thus into
the source and destination columns).
This may help (if the PCs change but the GT does not) or hurt (if the GT or RI
change but the PCs do not) TCAP's ability to identify which messages belong to
which TCAP "session."
svn path=/trunk/; revision=33097
destination address PC or GT (depending on the RI) put in the (pinfo) source and
destination (and thus into the source and destination columns).
This may help (if the IP addresses change but the PC or GT do not) or hurt (if
the PC, GT, or RI change but the IP addresses do not) TCAP's ability to identify
which messages belong to which TCAP "session."
svn path=/trunk/; revision=33094
New dissector (plugin) to support decode of the EPCglobal Low-Level Reader
protocol (see llrp.org for more information). This dissector has passed fuzz
testing.
svn path=/trunk/; revision=33088
Add a new dissector for the NexusWare C7 MTP over UDP/TCP protocol. One of
NexusWare's example applications provide a way to forward MTP Level 3 messages
via UDP/TCP. This is a dissector for this protocol (which is lacking an IANA
assigned port).
svn path=/trunk/; revision=33082
"The method used in packet-nfs.c to calculate a 32-bit hash representing the
32-byte filehandle is faulty in that the hash often matches multiple
filehandles."
"This patch uses CRC-32 to calculate the hash.
We (EMC GNS) have tested this patch for the past two years and we have not
found a single case where the hash matched more than one filehandle."
See Bug #4839: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4839
svn path=/trunk/; revision=33079
Avoid triggering a malformed packet error when decoding a simple UE terminated Detach Request when the EMM cause IE is not present:
svn path=/trunk/; revision=33071
Add field 'nfs.ops.count' in the detail pane of NFSv4 calls and replies that
displays the number of operations in NFSv4 COMPOUND requests/replies.
From me: change the blurb wording a bit.
svn path=/trunk/; revision=33069
Display the fsid (filesystem ID) in decimal as well as hex in the "attributes"
section of the header in NFSv3/v4 replies.
svn path=/trunk/; revision=33068