Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: Ie470f6b2ffbdc156a1756466826ef6f42e54b8be
Reviewed-on: https://code.wireshark.org/review/21666
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
All cases of the "original" format_text have been handled to add the
proper wmem allocator scope. Remove the "original" format_text
and replace it with one that has a wmem allocator as a parameter.
Change-Id: I278b93bcb4a17ff396413b75cd332f5fc2666719
Reviewed-on: https://code.wireshark.org/review/19884
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows for a wmem_allocator for users of format_text who want
it (dissectors for wmem_packet_scope()). This lessens the role of
current format_text functionality in hopes that it will eventually
be replaced.
Change-Id: I970557a65e32aa79634a3fcc654ab641b871178e
Reviewed-on: https://code.wireshark.org/review/19855
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Register all reassembly tables with a central unit, allowing the
central unit to have the callback that initializes and destroys
the reassembly tables, rather than have dissectors do it individually.
Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4
Reviewed-on: https://code.wireshark.org/review/19834
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
They already know who they are when they register themselves. Saving the
handle then to avoid finding it later.
Not sure if this will increase unnecessary register_dissector functions
(instead of using create_dissector_handle in proto_reg_handoff function)
when other dissectors copy/paste, but it should make startup time
a few microseconds better.
Change-Id: I3839be791b32b84887ac51a6a65fb5733e9f1f43
Reviewed-on: https://code.wireshark.org/review/19481
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
BDAT handling takes the whole packet to add to its count of necessary
bytes, but wasn't updating the offset, so if a BDAT "data packet" had
multiple CRLF segments in it, the BDAT byte counter became inaccurate.
Bug: 13030
Change-Id: Idd44ccb95a8f4710db4546a918661c63a343260c
Reviewed-on: https://code.wireshark.org/review/19343
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
When registering preferences, make sure our titles and descriptions are
valid UTF-8. Make sure our titles are short and only contain printable
characters.
Fix problematic titles and descriptions.
Change-Id: I20d3f93438f2b3c30266f934297feb79897f2ee5
Reviewed-on: https://code.wireshark.org/review/18998
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I8f738b2e01d7f448b21cdc1b488b16b7dd581911
Reviewed-on: https://code.wireshark.org/review/16104
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Started by grepping call_dissector_with_data, call_dissector_only and call_dissector and traced the handles passed into them to a find_dissector within the dissector. Then replaced find_dissector with find_dissector_add_dependency and added the protocol id from the dissector.
"data" dissector was not considered to be a dependency.
Change-Id: I15d0d77301306587ef8e7af5876e74231816890d
Reviewed-on: https://code.wireshark.org/review/14509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It's not tied to the frame_data structure any more, so it belongs by
itself.
Clean up some #includes while we're at it; in particular, frame_data.h
doesn't use anything related to tvbuffs, so don't have it gratuitiously
include tvbuff.h.
Change-Id: Ic32922d4a3840bac47007c5d4c546b8842245e0c
Reviewed-on: https://code.wireshark.org/review/13518
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Also add expert info "hint" that base64 decoding may be disabled.
Bug: 11853
Change-Id: Ib2138ae0c70e22f311e1369c66816ff9d6fbdb82
Reviewed-on: https://code.wireshark.org/review/12734
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
For now, we don't change the name of the preference, but we *do* change
the description of the preference and the name of the variable.
Change-Id: I1f80b2e7187679dca787fda5f3d06e9d30536ddc
Reviewed-on: https://code.wireshark.org/review/12444
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I28ce51f3c06f78b85792bce4a13ef39eb75d7890
Reviewed-on: https://code.wireshark.org/review/11648
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Since ssl_dissector_[add|delete] only take TCP dissectors, remove the parameter and just use it within the "internal" ssl_association_add call.
Change-Id: I0fdf941389934c20cbacf910250e17520614e706
Reviewed-on: https://code.wireshark.org/review/11591
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It ends up dragging in libwireshark headers, which programs not linking
with libwireshark shouldn't do. In particular, including
<epan/address.h> causes some functions that refer to libwireshark
functions to be defined if the compiler doesn't handle "static inline"
the way GCC does, and you end up requiring libwireshark even though you
shouldn't require it.
Move plurality() to wsutil/str_util.h, so that non-libwireshark code can
get it without include epan/packet.h. Fix includes as necessary.
Change-Id: Ie4819719da4c2b349f61445112aa419e99b977d3
Reviewed-on: https://code.wireshark.org/review/11545
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This patch adds reassembly_table_destroy calls as cleanup function for
dissectors which have a simple init routine that just calls
reassembly_table_init (comments are ignored).
The changes were automatically generated using
https://git.lekensteyn.nl/peter/wireshark-notes/diff/one-off/cleanup-rewrite.py?id=4cc0aec05dc67a51926a045e1955b7a956757b5e
(with the if and assignment parsers disabled).
The only difference from the autogenerated output is that the XXX
comments from the init routines in smb-pipe and tds dissectors are kept.
Change-Id: I64aedf7189877247282b30b0e0f83757be6199e7
Reviewed-on: https://code.wireshark.org/review/9222
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This patch lets a dissector hand over control to the SSL dissector which
simplifies dissector code ("TCP | App | SSL | App" becomes
"TCP | SSL | App").
After this patch, all of the affected dissectors will now be dissected
as SSL with its Application Data being treated as the protocol before
STARTTLS. This was previously not the case because the port was not
registered for dissection via ssl_dissector_add.
The desegmentation issue within the MySQL dissector is now also gone.
Convert some tvb_length[_remaining] users in pop and smtp as well.
Tested against mysql-ssl.pcapng and mysql-ssl-larger.pcapng(*1),
Tested against pop-ssl.pcapng (note: only first stream is decrypted,
either the key after negotiation is wrong or there is a bug),
Tested against smtp-ssl.pcapng and smtp2525-ssl.pcapng (with Decode As)
and smtp-ssl.pcapng with filter "tcp.len>0",
Tested against xmpp-ssl.pcapng,
http://wiki.wireshark.org/SampleCaptures#SSL_with_decryption_keys
*1) mysql-ssl-larger has MySQL dissector errors for the fragmented
SSL packet, but reassembly seems to work. Needs further
investigation.
Bug: 9515
Change-Id: I408ef8ff30d9edc8954dab9b3615900666dfa932
Reviewed-on: https://code.wireshark.org/review/6981
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I234b9dad79e3327637f8cdcd406a49f9e7435f33
Reviewed-on: https://code.wireshark.org/review/6321
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This may not always be necessary, but....
Change-Id: Ib409839dbee0574c516568a1f43793f8b407f611
Reviewed-on: https://code.wireshark.org/review/6232
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
That way, for example, format_text() calls on the decoded result don't
go past the end of the decoded result.
Fix some more indentation while we're at it.
Bug: 10823
Change-Id: Ia7b7b1d9fb06af5df945f19a375bf5bef3277018
Reviewed-on: https://code.wireshark.org/review/6221
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I5b190ee35086664ed053d376def4e21ab9ad9236
Reviewed-on: https://code.wireshark.org/review/6213
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I6d21bda89f8032d302620e21ac393dc345165ac7
Reviewed-on: https://code.wireshark.org/review/6212
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I5aa6cafc6249b3a820b1bbf2eddc2ec1fdc88685
Reviewed-on: https://code.wireshark.org/review/6211
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
This is already done automatically for the hf entries thanks to hfinfo_format_text() function
Bug: 10536
Change-Id: I9ee56b795234a94f0e59c82a96e3e6cedf71c4e6
Reviewed-on: https://code.wireshark.org/review/5459
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
They don't handle values outside the range -1 to 127, and their behavior
is locale-dependent. Use g_ascii_isXXX() and g_ascii_toXXX() instead of
isXXX() and toXXX().
If you're checking for printable ASCII, don't use isascii() and don't
use iscntrl(), use g_ascii_isprint(). If you're checking for graphical
ASCII, i.e. printable ASCII except for a space, use g_ascii_isgraph().
Use ws_xton() to convert a hex digit character to the corresponding
numeric value.
Change-Id: Id3039bc586fbf66d8736c2df248c790c0d7a2330
Reviewed-on: https://code.wireshark.org/review/4851
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Iedeaa411caa0823922dd79c27897a2349d4e6907
Reviewed-on: https://code.wireshark.org/review/4054
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Other minor cleanups while in the area.
Change-Id: I99096ade9c69a4c148962d45bb6b0bd775040ba1
Reviewed-on: https://code.wireshark.org/review/4020
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I63a3704effe3fcab01a193dc39b6a22e9f1cf3fe
Reviewed-on: https://code.wireshark.org/review/2376
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
svn path=/trunk/; revision=54326
|
|
svn path=/trunk/; revision=53918
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9470)
I'm not sold on the name or module the proto_data functions live in, but I believe the function arguments are solid and gives us the most flexibility for the future. And search/replace of a function name is easy enough to do.
The big driving force for getting this in sooner rather than later is the saved memory on ethernet packets (and IP packets soon), that used to have file_scope() proto data when all it needed was packet_scope() data (technically packet_info->pool scoped), strictly for Decode As.
All dissectors that use p_add_proto_data() only for Decode As functionality have been converted to using packet_scope(). All other dissectors were converted to using file_scope() which was the original scope for "proto" data.
svn path=/trunk/; revision=53520
|
|
svn path=/trunk/; revision=52591
|
|
- ep_tvb_get_bits() -> wmem_packet_tvb_get_bits()
- tvb_g_memdup()/ep_tvb_memdup() -> tvb_memdup()
- tvb_fake_unicode()/tvb_get_ephemeral_faked_unicode() -> tvb_get_faked_unicode()
- tvb_get_g_string()/tvb_get_ephemeral_string()/tvb_get_seasonal_string() -> tvb_get_string()
- tvb_get_g_unicode_string()/tvb_get_ephemeral_unicode_string() -> tvb_get_unicode_string()
- tvb_get_ephemeral_string_enc() -> tvb_get_string_enc()
- update docs accordingly
svn path=/trunk/; revision=52172
|
|
the same structure.
This is begin of work to split fragment head and fragments items.
svn path=/trunk/; revision=50708
|
|
svn path=/trunk/; revision=50640
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8904) by setting conversation structure (smtp_session_state) to all zeros.
svn path=/trunk/; revision=50472
|
|
svn path=/trunk/; revision=49259
|
|
svn path=/trunk/; revision=49157
|
|
to ensure that the return value of strlen is actually used as the length of the
string.
svn path=/trunk/; revision=49142
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8600)
From Uli Heilmeier
svn path=/trunk/; revision=49140
|
|
from Uli Heilmeier, bug 8600 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8600)
svn path=/trunk/; revision=48961
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8591)
From Uli Heilmeier
The current version of the SMTP dissector expects a 'AUTH LOGIN' mechanism without checking the mechanism.
When some other mechanism (like NTLM or PLAIN) is in use the decoding is wrong. Furthermore it is expected that the username is in a seperate packet. When the username is in the AUTH line the password is shown as smtp.auth.username and the username is not decoded.
svn path=/trunk/; revision=48910
|
|
be done on flows from one address to another; reassembly for protocols
running atop TCP should be done on flows from one TCP endpoint to
another.
We do this by:
adding "reassembly table" as a data structure;
associating hash tables for both in-progress reassemblies and
completed reassemblies with that data structure (currently, not
all reassemblies use the latter; they might keep completed
reassemblies in the first table);
having functions to create and destroy keys in that table;
offering standard routines for doing address-based and
address-and-port-based flow processing, so that dissectors not
needing their own specialized flow processing can just use them.
This fixes some mis-reassemblies of NIS YPSERV YPALL responses (where
the second YPALL response is processed as if it were a continuation of
a previous response between different endpoints, even though said
response is already reassembled), and also allows the DCE RPC-specific
stuff to be moved out of epan/reassembly.c into the DCE RPC dissector.
svn path=/trunk/; revision=48491
|