From d979ee5550ea4e5088a2cc739a76bd7bdc3d1bea Mon Sep 17 00:00:00 2001 From: Gerald Combs Date: Sat, 13 Dec 2003 00:55:11 +0000 Subject: Final checkin for 0.10.0. svn path=/trunk/; revision=9255 --- ChangeLog | 4892 +++++++++++++++++++++++++++---------------------------------- 1 file changed, 2145 insertions(+), 2747 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 71d7be0ecb..02ec0e2a82 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4100 +1,3498 @@ -$Id: ChangeLog,v 1.32 2003/11/03 23:28:01 gerald Exp $ +$Id: ChangeLog,v 1.33 2003/12/13 00:55:10 gerald Exp $ -NOTE: The format of this file has changed from previous versions. -2003-09-10 05:35 guy +2003-12-13 00:38 gerald - * pcap-util.c, pcap-util.h, tethereal.c, gtk/Makefile.am, - gtk/Makefile.nmake, gtk/capture_combo_utils.c, - gtk/capture_combo_utils.h, gtk/capture_dlg.c, - gtk/capture_prefs.c, gtk/main.c: + * Makefile.am: - Have "get_interface_list()" return a list of "if_info_t" - structures containing a pointer to an interface name and possibly - a pointer to an interface description (although that pointer - might be null if no description is available), rather than having - the Windows version glue together the name and description into a - single string. + Add packet-isup.h as well. - Supply for the Linux "any" device the same description that - libpcap's "pcap_findalldevs()" returns. +2003-12-13 00:22 gerald -2003-09-10 06:47 guy + * Makefile.am: - * pcap-util.c: + Add packet-ansi_map.h to the distribution. - Fix a compile error on Windows. +2003-12-12 23:47 obiot -2003-09-10 06:48 guy + * packet-smpp.c: - * epan/osi-utils.c: + Always dissect a sm_submit otherwise reassembly of short messages + does not work. - Void functions don't return values. +2003-12-12 23:35 obiot -2003-09-10 06:55 guy + * packet-wbxml.c: - * gtk/: capture_dlg.c, capture_prefs.c: + Move info column update code outside of if (tree). - If we have no interfaces, don't set the popdown list for - interface combo boxes. +2003-12-12 23:23 guy -2003-09-10 07:02 guy + * packet-dns.c: - * gtk/capture_dlg.c: + Add some checks to make sure we're not running past the end of + the RR we're dissecting. (Some RR's still don't do that check, + as they don't maintain an "rr_len" variable, and as + "get_dns_name()" doesn't do any length checking.) - If there's no saved interface name, set the interface name in the - Capture Options dialog box to the first string in the combo box, - not to the first interface name in the list, so we get the - description. + That obviates the need for having "compute_key_id()" check the + length, as we won't even get to calling it if the RR is too + short. Have it still do a check for sanity, but just abort if + the check fails, and have it return -1 if the algorithm is + unsupported. -2003-09-10 07:17 jmayer + Don't bother processing T_CERT RRs if we're not building a + protocol tree, don't fetch data from a T_CERT RR until we put it + into the tree, and fix the bug that change found, namely that we + were using the wrong variable in the "val_to_str()" call for the + certificate type. - * AUTHORS, Makefile.am, configure.in, gtk/Makefile.am: +2003-12-12 22:19 guy - Albert Chin: - AM_PROC_LIBTOOL is just an alias for - AC_PROG_LIBTOOL, which is called earlier. - Use - AM_CPPFLAGS instead of CFLAGS and CPPFLAGS to add inlude - directories + * packet-ses.c, packet-ses.h: -2003-09-10 09:49 sahlberg + From Yuriy Sidelnikov: if the first SPDU in a TSDU has a type of + 1 or 2, treat it specially - a type of 1 means GIVE_TOKENS, not + DATA_TRANSFER, in that case. - * packet-dcerpc-netlogon.c: +2003-12-12 21:17 guy - NETLOGON/DsrDeregisterDNSHostRecords : The dns_host field is a - REF pointer to a unicode string. NOT a Unique pointer. + * packet-pim.c: - Update iethereal so that this packet is dissected properly + From Hannes Gredler: -2003-09-10 19:23 guy + display the PIM hello option values in brackets after the + option + name; - * packet-teredo.c: + in the LAN prune delay option dissector: - From Albert Chin: fix yet another C++-comment problem. + put the top-level item for the option into the + PIM + options tree rather than the PIM main tree; -2003-09-10 19:27 guy + calculate the correct LAN prune delay and display + it in + units of milliseconds; - * packet-gprs-ns.c: + calculate the correct override interval and + display it + in units of milliseconds; - Use the *correct* value_string for the IE Type field. + fix the offset and length calculation. -2003-09-10 20:07 guy +2003-12-12 19:55 guy - * packet-lwapp.c: + * AUTHORS, packet-ansi_a.c, packet-ansi_a.h, packet-ansi_map.c, + packet-ansi_map.h, packet-isup.c, packet-isup.h, gtk/Makefile.am, + gtk/Makefile.nmake, gtk/ansi_map_stat.c, gtk/isup_stat.c: - Don't use "alloca()", and don't use "match_strval()", just use - "val_to_str()". + From Michael Lum: -2003-09-10 21:19 gerald + Fix point code display. - * epan/tvbuff.c: + Add taps for ANSI MAP and ISUP statistics. - Make tvb_find_tvb() return -1 if either tvb length is 0. - Otherwise, an assertion happens 'xxxx contains ""'. +2003-12-12 16:06 gerald -2003-09-10 22:23 guy + * README.win32: - * file.c, print.h, tethereal.c, gtk/print_dlg.c: + Switch from gettext 0.13 to 0.12.1. - When saving packets, we have a "Save only marked packets" option; - label the option to print only marked packets similarly, rather - than as "Suppress unmarked packets" (for consistency, and because - the latter isn't unlike a double negative). +2003-12-12 02:50 gerald -2003-09-10 22:33 guy + * gtk/: dlg_utils.c, main.c: - * doc/ethereal.pod.template: + In "dlg_window_new()" check to see if "top_level" has been + initialized, as is the case for the spawned capture process. - Document the "Print only marked packets" option in the "Print" - dialog, and document that you can now search for packets with - particular text in the Info column or protocol tree. +2003-12-11 21:23 ulfl -2003-09-10 23:55 guy + * packet-afp.c, packet-bssap.c, packet-cops.c, packet-esis.c, + packet-gsm_sms.c, packet-isakmp.c, packet-osi-options.c, + gtk/dcerpc_stat.c, plugins/docsis/packet-tlv.c, + plugins/docsis/packet-vendor.c, wiretap/erf.c, + wiretap/lanalyzer.c: - * prefs.c, prefs.h: + prevent MSVC warning: "warning C4761: Größenkonflikt im Argument. + Konvertierung vorgenommen" -> size conflict in argument, + conversion done - Don't export MAX_VAR_LEN - nobody uses it. +2003-12-11 18:38 guy -2003-09-11 00:08 guy + * packet-dns.c: - * AUTHORS, packet-isup.c, doc/ethereal.pod.template: + Have "compute_key_id()" return different values for different + errors, and have its caller put an entry into the tree for "we + don't support the algorithm" (the "RR too short" error is a + "can't happen"). - From Anders Broman: add support for BICC dissection. +2003-12-11 18:37 guy - Change his e-mail address. + * epan/configure.in: -2003-09-11 10:31 sahlberg + Add "/usr/local/include" in case the PCRE header file is there. - * packet-dcerpc.c: +2003-12-11 08:54 ulfl - Do not take the pointer to a stack object and pass it to the tap - system. The tap listener will try to parse this pointer at a - much later stage where the stack frame where this object lived - will have dissapeared and possible got overwritten. + * packet-dns.c: - best that can happen is that service response times for dcerpc - interfaces is screwed up more probable is that we get a coredump + replaced type u_int32_t by glib's guint32 (to satisfy MSVC) -2003-09-11 13:24 sahlberg +2003-12-11 01:13 guy - * AUTHORS, packet-dcerpc-netlogon.c: + * tethereal.c: - From Jean-Baptiste Marchand + Fix a typo. - update of the type of pointer used for DsrGetSiteName reply - packets +2003-12-10 23:21 gerald -2003-09-11 13:36 sahlberg + * README.win32, packaging/nsis/ethereal.nsi: - * AUTHORS, Makefile.am, Makefile.nmake, packet-t38.c: + Update the Windows environment to GLib 2.2.3 and GTK+ + 1.3.0-20030717. This requires replacing libintl-1.dll from the + libintl package (which is no longer used) with intl.dll from + intl.dll from the gettext package. - From Hans Viens : T38 dissector +2003-12-10 22:52 gram -2003-09-11 13:37 sahlberg + * print.c: - * doc/ethereal.pod.template: + Analyzer's PDML will be changed to start the packet offset (the + "pos" field) at 0 instead of 1. This works better for Ethereal, + as our offsets start at 0. Change the "geninfo" pseudo-protocol + to use pos="0" instead of pos="1". - From hans Viens: T38 dissector +2003-12-10 22:38 obiot -2003-09-12 02:48 sahlberg + * epan/dfilter/Makefile.nmake: - * file.c, file.h, packet-frame.c, doc/ethereal.pod.template, - epan/column-utils.c, epan/frame_data.h, gtk/main.c, gtk/main.h, - gtk/menu.c: + PCRE support requires $(PCRE_CFLAGS) in CFLAGS. - Added TimeReference frames. +2003-12-10 22:27 obiot - One can now select a packet and mark it as a TimeReference packet - using the menu. A TimeReference packet will be indicated by - having all timestamp related column entries replaced by the - string *REF* A TimeReference packet will always be displayed in - the packet pane, and overrides any display filters. + * tap-wspstat.c: - When a frame is a TimeReference frame, all later frames will - calculate the TimeRelativeToFirstPacket relative to the - timestamp of the TimeReference frame instead of the first frame - of the capture. + WSP status code is hexadecimal. - You can have any number of TimeReference frames you like. +2003-12-10 21:50 gerald -2003-09-12 04:52 sahlberg + * config.nmake, configure.in, epan/configure.in: - * packet-frame.c: + Bump the version to 0.10.0. It could be (and has been) argued + that the last release should have been 0.10.0. - Attempt to prettify frame.time_relative and some other fields +2003-12-10 21:21 guy -2003-09-12 05:52 sahlberg + * gtk/gsm_a_stat.c: - * packet-tcp.c, packet-tcp.h: + Oops, I checked the wrong tap into CVS somehow. - Enhancement to the TCP dissector: Track window scaling and - display the window field after it has been scaled to its real - value +2003-12-10 21:12 gerald - If we have seen a SYN packet with a WindowScalingOption then if - the option to use RelativeSequence numbers has been enabled, then - ethereal will change the presented window field to be the window - after it has been scaled to the real value. + * epan/ftypes/: ftypes-int.h, ftypes.h: - This obviously only works if we have seen the SYN packet and if - the SYN packet contained a window scaling option + Make the _pcre_tuple_t struct internal. -2003-09-12 10:32 sahlberg +2003-12-10 19:35 guy - * AUTHORS, packet-dcerpc-netlogon.c, packet-dcerpc-netlogon.h: + * packet-dns.c: - upadtes to NETLOGON + From David Fort: compute and display the key ID in a DNS KEY RR, + if possible. -2003-09-12 11:13 sahlberg +2003-12-10 19:26 guy - * packet-dcerpc-netlogon.c: + * packet-isup.c: - Update to netlogon + From Anders Broman: add CIC to Info column. - make it decode DsrGetDCSiteCoverage replies properly +2003-12-10 19:21 guy -2003-09-12 19:40 guy + * AUTHORS, Makefile.am, Makefile.nmake, packet-igap.c, + packet-igap.h, packet-igmp.c: - * packet-cops.c: + From Akira Endoh: IGAP support. - From Kari Tiirikainen: +2003-12-10 19:21 guy - Updated the COPS dissector to print the names of the - Prefix - PRIDs correctly. The last fix to PRID OID printout - caused this - minor problem for PPRIDs. + * packet-isakmp.c: - Rename a few variables to make the code more logical to - read. + Squelch a compiler warning. -2003-09-12 22:52 guy +2003-12-10 19:05 ulfl - * packet-aodv.c: + * packaging/nsis/ethereal.nsi: - According to draft-ietf-manet-aodv-13, "the only changes to the - protocol are that the address fields are enlarged", so presumably - that supercedes the now-expired draft-perkins-aodv6-01 which - gives different type numbers for V6. We support both - the - draft-ietf-manet-aodv-13 messages are dissected based on the - address type of the source address, while the - draft-perkins-aodv6-01 messages are dissected as V6. + added some more uninstall info and offering only removal of + program (instead of modify/repair) - Handle the Route Reply Acknowledgment message. +2003-12-10 10:47 guy -2003-09-13 00:57 guy + * packet-isakmp.c: - * packet-aodv.c: + Check whether the packet length is less than the length of the + packet header, and give up if it is. - According to draft-ietf-manet-aodv-13, the only differences - between V4 and V6 AODV messages is the addresses in the message. +2003-12-09 23:45 obiot - According to the now-expired draft-perkins-aodv6-01, some of the - messages differ in the order of the fields as well. + * gtk/tcp_graph.c: - Dissect the draft-ietf-manet-aodv-13 messages correctly. + Mark parameter data as unused in callback_create_help(). -2003-09-14 20:59 jmayer +2003-12-09 23:15 obiot - * packet-gtp.c: + * epan/ftypes/Makefile.nmake: - Fix warning: guint8 is always <= 255 + Internal PCRE field type for efficient RE parsing in dfilters. -2003-09-14 21:28 gerald +2003-12-09 23:02 obiot - * packet-gtp.c: + * epan/: ftypes/Makefile.am, ftypes/ftype-pcre.c, + ftypes/ftype-string.c, ftypes/ftypes.c, ftypes/ftypes.h, + dfilter/semcheck.c: - Fix a buffer overflow in msisdn_to_str(). Clean up string - pointer handling in it, imsi_to_str(), and id_to_str() a bit. + Internal PCRE field type for efficient RE parsing in dfilters. -2003-09-15 18:31 guy +2003-12-09 22:41 ulfl - * packet-gtp.c: + * file.c, gtk/main.h, gtk/menu.c: - Use "int"s as array indices - it squelches a - signed-vs-unsigned-comparison complaint in one case, and it's a - generally good habit. + print system enhanced, more print ranges and expanded states -2003-09-15 18:40 guy +2003-12-09 22:27 ulfl - * AUTHORS, packet-ieee80211.c, doc/ethereal.pod.template: + * print.c: - From Ritchie: dissect country information tag. + print system enhanced, more print ranges and expanded states -2003-09-15 18:49 guy +2003-12-09 22:21 ulfl - * packet-bssgp.c: + * print.h, tethereal.c, gtk/print_dlg.c: - From Josef Korelus: call the data dissector on the contents of - the LLC PDU information element. + print system enhanced, more print ranges and expanded states -2003-09-15 19:04 guy +2003-12-09 22:04 ulfl - * epan/filesystem.c, gtk/dcerpc_stat.c, - gtk/endpoint_talkers_table.c, gtk/fc_stat.c, gtk/io_stat.c, - gtk/mgcp_stat.c, gtk/rpc_stat.c, gtk/smb_stat.c: + * print.h: - From Graeme Hewson: + print system enhanced, more print ranges and expanded states - Don't crash if "-z" is used on the command line when a - live - capture is being done (e.g., with "-k -S" - in that case, - "cfile.filename" is null when the window is created), - just don't - display the file name in the title. +2003-12-09 18:49 guy - Don't set the title of a non-existent window - create the - window - first. + * Makefile.am, Makefile.nmake, packet-gsm_a.c, packet-gsm_a.h, + tap-ansi_astat.c, tap-gsm_astat.c, gtk/Makefile.am, + gtk/Makefile.nmake, gtk/ansi_a_stat.c, gtk/gsm_a_stat.c: -2003-09-15 19:08 guy + From Michael Lum: - * packet-isakmp.c: + new taps for GSM A-interface; - From Yaniv Kaul: add AES-XCBC-MAC to the list of authentication - methods, per RFC 3566. + fixes for ANSI A-interface taps. -2003-09-15 20:37 guy +2003-12-09 06:48 guy - * cfile.h, file.c, gtk/dcerpc_stat.c, gtk/endpoint_talkers_table.c, - gtk/fc_stat.c, gtk/io_stat.c, gtk/mgcp_stat.c, gtk/rpc_stat.c, - gtk/smb_stat.c: + * column.c, column.h, file.c, ui_util.h, epan/column-utils.c, + epan/column_info.h, gtk/main.c, gtk/packet_list.c: - Keep a "display name" as part of a capture_file structure; for - live capture temporary files, it's "hfinfo->type != FT_PROTOCOL && fi->length > + 0)" stuff to show the raw value into the previous "if". -2003-09-16 20:41 guy +2003-12-08 21:36 guy - * gtk/tcp_graph.c: + * AUTHORS, packet-mtp3.c, packet-mtp3.h, packet-sccp.c, + epan/packet_info.h, epan/to_str.c: - Handle PPP with a pseudo-header. + From Michael Lum: support an AT_SS7PC address type for SS7 point + codes, and set the direction in pinfo for SS7 packets based on + source and destination addresses. -2003-09-17 15:58 jfoster +2003-12-08 20:58 guy - * packet-socks.c: + * packet-dcerpc.c: - Fix recursive heap overflow problem. When a socks connection was - used to create a second socks connection the socks dissector - would be called recursively until a heap overflow occurred. + From Jamie Fournier: don't show UNKUUID information for fragments + for known dissectors. -2003-09-17 19:39 guy +2003-12-08 20:50 guy - * gtk/: bootp_stat.c, dcerpc_stat.c, endpoint_talkers_eth.c, - endpoint_talkers_fc.c, endpoint_talkers_fddi.c, - endpoint_talkers_ip.c, endpoint_talkers_ipx.c, - endpoint_talkers_tcpip.c, endpoint_talkers_tr.c, - endpoint_talkers_udpip.c, fc_stat.c, http_stat.c, io_stat.c, - menu.c, mgcp_stat.c, rpc_progs.c, rpc_stat.c, smb_stat.c, - tap_rtp.c, wsp_stat.c: + * packet-srvloc.c: - Have "register_tap_menu_item()" put the item under Tools, not - Tools/Statistics; change the taps to put things under Statistics - themselves. That allows taps to go elsewhere if appropriate. + From Greg Morris: ecode the attribute structure instead of + reporting a really long undecoded string. -2003-09-17 20:24 guy +2003-12-08 20:43 guy - * packet-smpp.c: + * packaging/nsis/ethereal.nsi: - From Olivier Biot: put a summary into the top-level SMPP item in - the protocol tree. + From Lars Roland: fix a typo. -2003-09-18 19:19 guy +2003-12-08 20:42 guy - * packet-tcp.c: + * packaging/nsis/Makefile.nmake: - Don't store the setting of the window scale option unless the - "Relative sequence numbers and window scaling" option is set, as - that option says it controls whether we attempt to display the - real post-scaling window size. + From Lars Roland: fix the NSIS Makefile to handle PCRE. - Also, don't store it unless the "Analyze TCP sequence numbers" - option is set, as "Relative sequence numbers and window scaling" - requires it, because, unless "Analyze TCP sequence numbers" is - set, we don't set up conversations for TCP connections and don't - have a pool of data structures for per-connection information - into which to store the window scale option value. +2003-12-08 20:40 guy -2003-09-18 21:38 gerald + * packet-isis-clv.c, packet-isis-clv.h, packet-isis-hello.c, + packet-isis-hello.h, packet-isis-lsp.c, packet-isis-lsp.h, + packet-isis-snp.c, packet-isis-snp.h: - * packet-gtp.c: + From Hannes Gredler: - From Michal Melerowicz: Properly terminate the return string in - msisdn_to_str(). + - unify the IS-IS CLV space IS-IS uses a unified CLV space + across all Level and PDU Types there is no need to define PDU- + and Level- Specific CLV Types; - Do the same for imsi_to_str(). + - clean up Authentication CLV TLV #10 is the official supported + TLV for carrying authentication information- todays code + displays TLV #10 as non-standard which is wrong; also the + notion of "Domain" "Authentication" and "Link" password has + disappeared from contemporary routing SW; -2003-09-18 21:42 gerald + - add IP Authentication CLV dissector this CLV is depreciated - + however it is using different semantics than TLV #10 so we need + a dedicated dissector; - * packet-gtp.c: + - add Checksum CLV dissector add support for RFC 3358 Checksum + CLVs majority of code re-used from the LSP checksum + verification dissector. - Make the string variables in the *_to_str() functions non-static. +2003-12-08 20:37 obiot -2003-09-19 04:08 guy + * packet-wsp.c, packet-mmse.c, packet-wbxml.c: - * wiretap/erf.c: + Get rid of the integer media type dissector table in WSP, WBXML + and MMSE. - From Jesper Peterson: add support for AAL5 records in ERF files, - treating them as PDUs with an AAL5 trailer. +2003-12-08 20:36 guy -2003-09-19 04:16 guy + * packet-dsi.c: - * AUTHORS, Makefile.am, Makefile.nmake, packet-rtp-events.c, - packet-rtp-events.h, doc/ethereal.pod.template: + From Didier Gautheron: check packet format in get_dsi_pdu_len. - From Kevin A. Noll: RFC 2833 RTP Events support. +2003-12-08 20:36 guy -2003-09-19 04:27 guy + * packet-afp.c: - * packet-rtp-events.c: + From Didier Gautheron: add offset and size parameters in info + colum for read and write commands. - Use bitfields for the end-of-event, reserved, and volume fields. +2003-12-08 20:25 guy - Don't fetch fields until you need them, so you don't throw an - early exception. + * packet-sip.c: - Give the fields names starting with the name of the protocol. + From Anders Broman: -2003-09-19 04:52 guy + Call subdissectors regardless of whether we're building a + protocol tree or not. - * file.c, tethereal.c: + Use the "media_type" dissector table to hand off to + subdissectors, rather than wiring in SDP. - From Lars Roland: initialize the flags.ref_time field of a - frame_data structure. + Put the message body into a subtree of the SIP tree + rather than + at the top level. -2003-09-19 05:30 tpot +2003-12-08 19:25 ulfl - * packet-dcerpc.c: + * gtk/menu.c: - Put the presentation context list and transfer syntax list of a - dcerpc bind request into some subtrees to make things look a bit - nicer. + moved "File->Save Highlighted Data" to "File->Export->Raw Packet + Data" -2003-09-19 07:24 guy +2003-12-08 17:54 ulfl - * gtk/: bootp_stat.c, dcerpc_stat.c, endpoint_talkers_eth.c, - endpoint_talkers_fc.c, endpoint_talkers_fddi.c, - endpoint_talkers_ip.c, endpoint_talkers_ipx.c, - endpoint_talkers_tcpip.c, endpoint_talkers_tr.c, - endpoint_talkers_udpip.c, fc_stat.c, http_stat.c, io_stat.c, - menu.c, menu.h, mgcp_stat.c, rpc_progs.c, rpc_stat.c, smb_stat.c, - tap_rtp.c, wsp_stat.c: + * doc/ethereal.pod: - Provide a mechanism by which a tap can arrange to have its menu - enabled or disabled based on a currently-selected packet (or lack - of same) or a currently-selected protocol tree item (or lack of - same). Not currently used, but necessary if we ever make the TCP - graph stuff a tap. API is tentative and subject to change. + updated to reflect the menu redesign changes - Also, enable and disable taps based on whether we have any - packets to process. +2003-12-08 17:49 ulfl -2003-09-20 03:20 guy + * gtk/menu.c: - * packet-ieee80211.c: + removed seperator between the two print menuitems - Give the tag number a value_string table, and have common code, - rather than tag-specific code, put it, and the tag length, into - the protocol tree. Make those fields FT_UINT8, as they're one - byte long. +2003-12-07 19:09 obiot - Don't pass to "dissect_vendor_specific_ie()" variables whose - names and values are the same as global variables. + * AUTHORS: -2003-09-20 03:31 guy + Update address of Johan Feyaerts. Dfilter matches operator. - * packet-osi.c: +2003-12-07 18:32 obiot - From Akira Endoh: handle the NLPID for PPP. + * doc/ethereal-filter.pod.template: -2003-09-20 03:48 guy + Clarify dfilter syntax (mainly the implicit exists operator), add + subsections in syntax section, add description of new "contains" + operator (and inform that it is only available if libpcre has + been linked in). - * packet-ieee80211.c: +2003-12-07 18:09 obiot - From Richie: + * packet-mmse.c, packet-wbxml.c, packet-wsp.c: - the units for output power are dBm, not dbi; + Remove the literal WSP content type dissector table, and replace + it with the "media_type" table defined in the HTTP dissector. - decode multiple start channel/number of channels/output - power - combinations; +2003-12-07 09:43 oabad - display the output power as a signed value. + * gtk/main.c: - Additional change from Martijn Schipper to fix the display of the - output power. + Update various set_menu_object_data() calls to reflect recent + menu hierarchy changes. This avoids a crash when selecting "Folow + TCP stream" from the "Analyze" menu. - Pass the tagged data value pointer to - "dissect_vendor_specific_ie()". +2003-12-07 03:46 guy - Don't special-case unknown tag values - use "val_to_str()" even - for unknown tag values, and handle the value in the "default:" - case. + * packet-sdp.c: -2003-09-20 04:25 guy + Register the SDP dissector with the media_type dissector table + with its media type. - * packet-ncp-int.h, packet-ncp2222.inc: +2003-12-07 03:34 guy - From Greg Morris: update the Info column even if we're not - building a protocol tree. + * packet-http.c: -2003-09-20 04:59 guy + Use a cleanup handler to free the Content-Type header value, so + it gets freed even if we throw an exception after processing the + Content-Type header but before we call a subdissector. - * gtk/: dlg_utils.c, file_dlg.c: +2003-12-07 03:21 guy - From Giles Scott: + * packet-http.c: - in GTK+ 2.x, center dialogs on the parent; + Change the name of the variable holding the dissector table + pointer to match the previous checkin. - make the file selection dialogs transient for the main - window, - just as other dialogs are. +2003-12-07 03:17 guy - Update Gerald's e-mail address. + * packet-http.c, packet-mmse.c: -2003-09-20 08:56 guy + Rename the "http.content_type" dissector table to "media_type", + as it's for use in any dissector that uses Internet media types. - * packet-gtp.c: +2003-12-07 02:42 guy - You can't safely return from a routine a pointer to an automatic - variable. + * packet-nt-sonmp.c: -2003-09-20 08:56 guy + Only check the destination address if it's AT_ETHER; otherwise, + there's no guarantee that "data[5]" exists or can be interpreted + in that fashion. - * AUTHORS, Makefile.am, Makefile.nmake, packet-dcerpc-drsuapi.c, - packet-dcerpc-drsuapi.h: +2003-12-07 02:26 guy - From Jean-Baptiste Marchand: initial DRSUAPI (Active Directory - directory replication) support. + * packet-ssl.c: -2003-09-20 09:41 guy + From Devin Heitmueller: include the AES ciphersuites from RFC + 3268. - * AUTHORS, Makefile.am, packet-tacacs.c, packet-tacacs.h, - doc/ethereal.pod.template: +2003-12-07 02:23 guy - From Emanuele Caratti: full TACACS+ dissection. + * doc/tethereal.pod: -2003-09-20 09:54 guy + Put the "-V" flag in boldface, so pod2man doesn't whine. - * packet-tacacs.c: +2003-12-07 00:04 gerald - Arrange to free the buffer allocated for the decrypted tvbuff. + * Makefile.nmake, README.win32, config.h.win32, config.nmake, + epan/Makefile.nmake, epan/config.h.win32, + epan/ftypes/Makefile.nmake, packaging/nsis/ethereal.nsi: -2003-09-20 10:06 guy + Add PCRE support to the Windows build. - * configure.in: +2003-12-06 19:26 oabad - Put back the AM_PROG_LIBTOOL call, as some older versions of the - auto* tools and/or libtool require it. + * packet-nt-sonmp.c: -2003-09-21 20:05 gerald + Check if pinfo->dl_dst.data is not NULL before accessing the data + (it was NULL in one of my "linux cooked" captures which contains + no destination address). - * packet-atalk.c, packet-bpdu.c, packet-gtp.c, packet-q931.c, - packet-quake2.c, packet-quake3.c, packet-quakeworld.c, - packet-rx.c, packet-sctp.c, packet-x11.c, gtk/mgcp_stat.c: +2003-12-06 19:14 jmayer - Remove a bunch of duplicate semicolons. + * packet-mtp3mg.c: -2003-09-22 00:59 tpot + Declaration included the line above - * packet-dcerpc-netlogon.c: +2003-12-06 16:35 gram - A bunch of fixups for the NETLOGON sam database synchronisation - dissector: + * Makefile.am, acinclude.m4, configure.in, util.c, + epan/acinclude.m4, epan/configure.in, epan/dfilter/dfvm.c, + epan/dfilter/dfvm.h, epan/dfilter/gencode.c, + epan/dfilter/grammar.lemon, epan/dfilter/scanner.l, + epan/dfilter/semcheck.c, epan/dfilter/sttype-test.c, + epan/dfilter/sttype-test.h, epan/ftypes/ftype-bytes.c, + epan/ftypes/ftype-double.c, epan/ftypes/ftype-integer.c, + epan/ftypes/ftype-ipv4.c, epan/ftypes/ftype-none.c, + epan/ftypes/ftype-string.c, epan/ftypes/ftype-time.c, + epan/ftypes/ftype-tvbuff.c, epan/ftypes/ftypes.c, + epan/ftypes/ftypes.h: - - some rids marked as user are actually groups + From Olivier Biot - - decorate some strings higher up in the tree + New "matches" operater in display filter language. Uses PCRE. - - dissect the delta id as such and add value string text item + If a "matches" operator is found in a dfilter while libpcre has + not been used to build the binary, then an exception is thrown + after using dfilter_fail() to set an apporporiate error message. -2003-09-22 09:06 sahlberg +2003-12-06 06:22 gram - * packet-frame.c: + * epan/Makefile.am: - Add filterable field for REF TIME frames so it is easy to search - for them + slab.h needs to be in libethereal_a_SOURCES -2003-09-22 09:08 sahlberg +2003-12-06 06:09 gram - * gtk/menu.c: + * Makefile.am, packet-frame.c, packet-frame.h, print.c, print.h, + tethereal.c, doc/README.xml-output, doc/tethereal.pod, + epan/proto.c, epan/proto.h, tools/EtherealXML.py, + tools/Makefile.am, tools/msnchat: - Update the menu text for Time Reference and give it a hot-key : - ctrl-T + Add the ability to print packet dissections in PDML (an XML-based + format) to tethereal. It could be added to Ethereal, but the GUI + changes to allow the user to select PDML as a print format have + not been added. -2003-09-23 02:35 guy + Provide a python module (EtherealXML.py) to help parse PDML. - * packet-eapol.c, packet-ieee80211.c, packet-ieee80211.h: + Provide a sample app (msnchat) which uses tethereal and + EtherealXML.py to reconstruct MSN Chat sessions from packet + capture files. It produces a nice HTML report of the chat + sessions. - Get rid of some unnecessary includes. + Document tethereal's PDML and EtherealXML.py usage in + doc/README.xml-output - Instead of using "dissect_vendor_specific_ie()" to dissect the - WPA key data, turn the code to dissect a collection of 802.11 - tagged parameters into a routine, use that routine when - dissecting 802.11 management frames, and also use it to dissect - the key data. + Update tethereal's manpage to reflect the new [-T pdml|ps|text] + option -2003-09-23 03:18 guy +2003-12-06 04:05 guy - * packet-tacacs.c: + * file.c, ui_util.h, gtk/packet_list.c: - From Emanuele Caratti: fix a leak in md5_xor. + From Jeff Morriss: avoid at least some N^2 behavior when changing + the time stamp format. -2003-09-23 06:25 oabad +2003-12-05 22:33 guy - * gtk/main.c: + * packet-ccsds.c: - Temporary patch for the packet_list column resize problem in - gtk2. + "hf_ccsds_secheader" is an FT_BOOLEAN; use + "proto_tree_add_boolean()" for it. - We should use the same test (event_button->window == - GTK_CLIST(w)->clist_window) we already use in gtk v1.2 code but - in doesn't seem to work in gtk2. +2003-12-05 16:00 gerald -2003-09-23 12:06 sahlberg + * Makefile.nmake, README.win32, config.nmake: - * packet-dcerpc-lsa.c, packet-dcerpc-lsa.h, packet-dcerpc-samr.c, - packet-dcerpc-samr.h: + Switch over to Net-SNMP 5.1. A ZIP file of the Net-SNMP 5.1 + sources plus a static Windows library (netsnmp.lib) has been + placed at - From JBM Update all names for SAMR and LSA functions so they - match the function names in the API + http://www.ethereal.com/distribution/win32/development/ -2003-09-23 18:09 guy + The Net-SNMP documentation recommends against using a DLL at the + present time. - * gtk/dfilter_expr_dlg.c: +2003-12-05 09:34 guy - The relation list is always displayed (that's been true for a - while) - we don't need to support making it visible or not - depending on the selected field. + * packet-sdp.c: -2003-09-23 18:22 guy + We have to parse the SDP packet even if we're not building a + protocol tree, as we might be setting up a conversation. - * packet-ncp2222.inc: +2003-12-05 09:33 guy - From Greg Morris: properly initialize request_value->info_string - using "strcpy()", not "strcat()". + * packet-isup.c: -2003-09-23 18:36 guy + Subdissectors must be called regardless of whether a protocol + tree is being built. - * packet-per.c: +2003-12-05 09:25 guy - From Graeme Reid: modified PER choice dissector to correctly - handle numbered choices starting with non-zero values (eg X.880 - ROS). + * plugins/mgcp/packet-mgcp.c: -2003-09-23 18:40 guy + Subdissectors must be called regardless of whether a protocol + tree is being built. - * AUTHORS, Makefile.am, Makefile.nmake, packet-h225.c, - packet-h225.h, doc/ethereal.pod.template: +2003-12-04 22:37 guy - From Graeme Reid: H.450 support. + * plugins/asn1/Makefile.am: -2003-09-23 18:59 guy + From some reason, at least on Mac OS X 10.3, the change to have + the protocol tree stuff not use GNodes means that the ASN.1 + plugin now needs to be explicitly linked against GLib in order to + get access to the GNode routines, otherwise you get errors from + the run-time linker. - * packet-h450.c: +2003-12-04 19:53 guy - From Graeme Reid: H.450 support. + * epan/: proto.c, proto.h: -2003-09-23 21:37 guy + It turns out the protocol tree parent link was used, so we need + it in our new scheme. - * packet-tacacs.c: +2003-12-04 10:59 guy - As doc/README.developer's "Portability" section says: + * file.c, print.c, proto_hier_stats.c, tap-protohierstat.c, + epan/proto.c, epan/proto.h, gtk/proto_draw.c, gtk/rtp_analysis.c: - Don't use "bzero()", "bcopy()", or "bcmp()"; instead, use - the - ANSI C routines + Don't use GNodes for the protocol tree, put the sibling pointer, + and pointers to the first *and* last child, in the "proto_node" + structure itself. That saves us one level of indirection and + memory allocation, and lets us append to a tree by appending to + the last child directly, rather than having to scan through the + list of siblings of the first child to find the end of that list. - [memset, memcpy, memcmp] ... +2003-12-04 08:15 sahlberg - Not all platforms necessarily have - "bzero()"/"bcopy()"/"bcmp()", - and those that do might not declare them in the header - file on - which they're declared on your platform. + * packet-kerberos.c: - Make it so. + update to kerberos -2003-09-23 22:04 guy + if the kerberos blob contains a krb error, print the error string + to COL_INFO - * packet-ncp2222.inc: +2003-12-04 08:13 sahlberg - From Greg Morris: get the request data before using it, if we - don't already have it. + * packet-ldap.c: -2003-09-24 00:47 guy + update to ldap. - * cfile.h, file.c, file.h, globals.h, gtk/main.c, gtk/menu.c, - gtk/prefs_dlg.c, gtk/proto_draw.c: + some implementations specify GSSAPI in the bind call. the + encapsulation seems to be the same as GSS-SPNEGO so handle it the + same way - Make "finfo_selected" a member of a "capture_file" structure - rather than an independent global variable. +2003-12-04 06:02 gram -2003-09-24 02:36 guy + * packet-wsp.c: - * file.c, menu.h, gtk/bootp_stat.c, gtk/dcerpc_stat.c, - gtk/endpoint_talkers_eth.c, gtk/endpoint_talkers_fc.c, - gtk/endpoint_talkers_fddi.c, gtk/endpoint_talkers_ip.c, - gtk/endpoint_talkers_ipx.c, gtk/endpoint_talkers_tcpip.c, - gtk/endpoint_talkers_tr.c, gtk/endpoint_talkers_udpip.c, - gtk/fc_stat.c, gtk/http_stat.c, gtk/io_stat.c, gtk/main.c, - gtk/menu.c, gtk/menu.h, gtk/mgcp_stat.c, gtk/rpc_progs.c, - gtk/rpc_stat.c, gtk/smb_stat.c, gtk/wsp_stat.c: + Add {0, NULL} to the vals_wsp_reason_codes value_string array. - Pass a pointer to a "capture_file" structure to - "set_menus_for_selected_packet()" and - "set_menus_for_selected_tree_row()", and have them decide whether - to enable or disable menu items based on whether that structure - indicates that a packet or field is selected and, if one is, on - its properties. +2003-12-04 05:59 gram - Pass to the "selected packet enabled" routine for a menu item the - "frame_data" and "edt" members of the "capture_file" structure, - and pass to the "selected tree row enabled" routine the - "field_info" member of that structure. + * packet-wlancap.c: - Clear "cf->current_frame" if no packet is selected. + Add {0, NULL} to all the value_string arrays. -2003-09-24 03:34 guy +2003-12-04 05:57 gram - * packet-ncp-int.h, packet-ncp2222.inc: + * packet-socks.c: - Create a protocol tree if we don't have one, we're constructing - the Info column, and we need stuff from the protocol tree for the - Info column. + Add {0, NULL} to the reply_table_v5 value_string array. - Go back to the previous scheme for constructing the Info column; - the previous change fixes the problems for which the Info column - changes were fixes. +2003-12-04 05:55 gram -2003-09-24 06:15 oabad + * packet-ldp.c: - * gtk/: Makefile.am, gtkclist.c, gtkclist.h, gtkclist_v12.c, - gtkclist_v12.h: + ldp.msg.tlv.returned.msg.ubit needs to be an FT_BOOLEAN field, + not an FT_UINT8, since it is using a true_false_string struct to + print its values. Add {0, NULL} to the fec_vc_interfaceparm + value_string array. - Renamed gktclist.[ch] to gtkclist_v12.[ch] to avoid conflicts - with the real gtkclist.h file when building the gtk+ v2 gui. +2003-12-04 05:47 gram -2003-09-24 06:18 oabad + * packet-isup.c: - * gtk/main.c: + Add {0, NULL} to the isup_Pass_on_not_possible_indicator_vals and + ISUP_Broadband_narrowband_interworking_indicator_vals + value_string arrays. - In packet_list_button_pressed_cb (gtk2 version) : - put back the - event_button->window == GTK_CLIST(w)->clist_window test now - that we use the correct structure definition for GtkCList (from - the right include file, not from our version of gtkclist.h). +2003-12-04 05:40 gram -2003-09-24 07:48 guy + * packet-fcswils.c: - * AUTHORS, doc/ethereal.pod.template, gtk/Makefile.am, - gtk/Makefile.nmake, gtk/rtp_analysis.c, gtk/rtp_analysis.h, - gtk/rtp_stream.c, gtk/rtp_stream.h, gtk/rtp_stream_dlg.c, - gtk/rtp_stream_dlg.h, gtk/tap_rtp.c: + Add {0, NULL} to end of fc_swils_rscn_addrfmt_val value_string + array. - From Lars Ruoff: rewritten RTP analysis module. +2003-12-04 05:38 gram -2003-09-24 08:05 guy + * packet-fcip.c: - * AUTHORS, Makefile.am, packet-dcerpc-dcom.h, packet-dcerpc-oxid.c: + Add {0, NULL} to end of fcencap_proto_vals value_string array. - From Yaniv Kaul: DCERPC OXID operation #5 dissection. +2003-12-04 00:45 guy -2003-09-24 08:43 guy + * filters.c, filters.h, gtk/dcerpc_stat.c, + gtk/endpoint_talkers_table.c, gtk/fc_stat.c, gtk/filter_prefs.c, + gtk/find_dlg.c, gtk/h225_counter.c, gtk/h225_ras_srt.c, + gtk/ldap_stat.c, gtk/mgcp_stat.c, gtk/prefs_dlg.c, + gtk/rpc_stat.c, gtk/service_response_time_table.c, + gtk/smb_stat.c: - * gtk/: capture_dlg.c, dlg_utils.c, dlg_utils.h, file_dlg.c, - print_dlg.c: + In GTK+ 2.x, "gtk_entry_get_text()" returns a "const gchar *"; + assign its value to pointer-to-const variables. - Add a "file_selection_new()" routine that does all the - positioning (GTK+ 2.x) and transient-for setting that's done for - other dialogs, and use it for dialogs that come from the main - window or from children of the main window. +2003-12-03 23:54 guy -2003-09-24 18:35 guy + * AUTHORS, Makefile.am, Makefile.nmake, packet-gsm_map.c, + doc/ethereal.pod: - * epan/plugins.c, plugins/plugin_api.h, plugins/plugin_api_list.c, - plugins/Xass-list, plugins/Xplugin_api.c, plugins/Xplugin_api.h, - plugins/Xplugin_api_decls.h, plugins/Xplugin_table.h: + From Felix Fei: GSM MAP support. - From Tomas Kukosa: + From Michael Lum: - Remove the internal packet-per.c functions - "dissect_per_length_determinant()" and - "dissect_per_normally_small_nonnegative_whole_number()" - from the - plugin API, as they shouldn't be used outside the PER - dissector. + Modified for better TCAP separation, fixed EOC handling + (a la + TCAP). - Remove the H.225/H.245 functions - "dissect_h225_TransportAddress()" and - "dissect_h245_NonStandardParameter()" from the plugin API - until - we really need them in plugins. + Added parameter parsing (although not dissection or + naming). - Add the string dissector table functions to the plugin - API. +2003-12-03 23:46 guy -2003-09-24 18:41 guy + * AUTHORS, packet-ansi_a.c, packet-ansi_a.h, tap-ansi_astat.c, + gtk/Makefile.am, gtk/Makefile.nmake, gtk/ansi_a_stat.c: - * plugins/megaco/packet-megaco.c: + From Michael Lum: Ethereal tap for ANSI A-interface. - From Anders Broman: fix a crash, and fix trailing whitespace on - Transaction ID. + Tweak some Makefile.nmake whitespace. -2003-09-24 23:35 guy +2003-12-03 22:50 guy - * packet-ieee80211.c, packet-lwapp.c: + * packet-mtp2.c, packet-mtp3.c: - From David Frascone: have an 802.11 dissector that byte-swaps the - frame control field, and have a preference in the LWAPP dissector - to specify whether to use it or the regular 802.11 dissector, as - some hardware sends out LWAPP-encapsulated 802.11 packets with a - byte-swapped FC field. + From Jeff Morriss: add support for WTAP_ENCAP_MTP2 and + WTAP_ENCAP_MTP3. -2003-09-24 23:53 guy +2003-12-03 22:40 guy - * wiretap/README.developer: + * wiretap/: AUTHORS, libpcap.c, wtap.c, wtap.h: - From packet steve: update to give the correct name for - "file_access.c", and add a discussion of how data_offset works. + From Jeff Morriss: add support for libpcap MTP2 and MTP3 + captures. -2003-09-25 00:08 guy + Add a missing entry in "encap_table[]" for Bluetooth H4, and fix + some comments. - * tethereal.c: +2003-12-03 20:01 guy - From Matthijs Melchior: check whether the ring buffer timeout has - expired *before* writing a packet, rather than *after* writing a - packet, so that if you get no packets for a sufficiently long - period that the timeout expires before you get a new packet, the - new packet is in the beginning of a new file (as you might get - more packets right after that, and want them to be in the new - file, rather than have the first packet at the end of one file - and the rest of the packets in another file). + * packet-bootp.c: -2003-09-25 00:37 guy + From Greg Morris: handle the backwards compatibility flag for + options 78 and 79. - * gtk/tcp_graph.c: +2003-12-03 19:59 guy - From Laurent Rabret: + * gtk/menu.c: - handle 802.1Q frames; + From Greg Morris: the "File->Save Highlighted" menu item has no + icon, so don't use "ITEM_FACTORY_STOCK_ENTRY()" for it. - catch the destroy signal on the main Ethereal window and - destroy - our windows (avoids a crash). +2003-12-03 19:47 guy - Get the PPP type value for IP from "ppptypes.h" rather than - defining it ourselves. + * wiretap/airopeek9.c: -2003-09-25 01:50 tpot + "strtoul()" returns a "long", not a "long long". - * reassemble.c: +2003-12-03 10:14 sahlberg - When showing a fragment subtree, put spaces after colons to make - things look a bit nicer. Also separate frame and payload data by - a comma. + * epan/tvbuff.c: -2003-09-25 08:20 guy + Replace two expensive macros with a much simpler mechanism to + prevent memory leaks due to exceptions. - * file.c: + makes my tethereal testcase ~1% faster. - If the currently selected frame doesn't pass the display filter, - select the closest frame to that frame that did pass the display - filter, if any did. +2003-12-03 09:50 sahlberg -2003-09-25 08:31 guy + * epan/: proto.c, tvbuff.c, tvbuff.h: - * file.c: + performance update - Correctly handle the case where the selected frame doesn't pass - the filter and no frames after it pass the filter either. + replace tvb_raw_offset() which is essentially a simple assignment + and which is called a lot with a macro. -2003-09-25 11:27 guy + this makes my tethereal testcase 2-3% faster. - * packet-ncp2222.inc: +2003-12-03 09:28 guy - In "nds_defrag()", handle "request_value->ncp_rec" being null. + * packet-ncp2222.inc, print.c, proto_hier_stats.c, + tap-protohierstat.c, epan/proto.c, epan/proto.h, + epan/ftypes/ftypes.c, epan/ftypes/ftypes.h, gtk/main.c, + gtk/menu.c, gtk/prefs_dlg.c, gtk/rtp_analysis.c: - In "dissect_nds_request()", insert the request information into - the hash table the first time we see the packet, regardless of - whether we created a new conversation or not. + The "ptr_u" unions no longer have a "next" pointer - they now + just have one member - or have one that's not used, so get rid of + those unions. -2003-09-25 19:35 guy +2003-12-03 08:53 guy - * rtp_pt.h: + * epan/: proto.c, proto.h, slab.h, ftypes/ftypes.c, + ftypes/ftypes.h: - Add PT_CN_OLD, so the RTP analysis code can get the RTP payload - types it needs from this header. + Instead of requiring slab-allocated structures to have a "next" + pointer, when adding them to the free list, cast the pointer to + the structure to a pointer to a "freed_item_t" which contains the + "next" pointer. -2003-09-25 19:35 guy + This reduces the memory requirement for some of those structures, + and leaves us free to slab-allocate structures that have a "next" + pointer for other reasons. - * gtk/: rtp_analysis.c, rtp_stream.c: +2003-12-03 08:43 sahlberg - RTP analysis updates from Lars Ruoff: + * packet-smb.c: - - can now handle streams with different payload types - - detects payload changes - - detects comfort noise (PT=13 and 19) - - status line now shows: sequence errors, payload - changes, - comfort noise (if any) - - uses colours for lines with status != "Ok" - - new button "next": jumps to next line with status != - "Ok" - (starting from selected line) - - fixed: wrong jitter calculation (bug from tap_rtp) - - fixed: marker was not shown on first packet or - erroneous - packets (bug from tap_rtp) - - code refactored to improve readability and reuse + Update to SMB ReadAndX replies. -2003-09-26 02:09 guy + There might be a 4 (not 2) byte datalen high field. If there is + no such field (due to an early dialect being used) these bytes + are often 0xff. If these four bytes are all 0xff dont display + them in the tree. - * gtk/: bootp_stat.c, dcerpc_stat.c, fc_stat.c, http_stat.c, - io_stat.c, mgcp_stat.c, rpc_stat.c, rtp_analysis.c, - rtp_stream_dlg.c, smb_stat.c, wsp_stat.c: +2003-12-03 07:46 guy - Assorted GUI cleanups. + * README.linux: -2003-09-26 04:43 tpot + Bring it up to date. - * packet-dcerpc.c: +2003-12-02 23:14 guy - Use zero to mean we haven't seen any authentication level - information in dcerpc_auth_info since auth_level is an unsigned - type. Zero is not a valid authentication level anyway - (s13.1.2.1, p611 CAE spec). + * file.c, tethereal.c, epan/column-utils.c, epan/column_info.h, + gtk/main.c: - Remove two inscrutable debugging comments that don't seem to mean - anything. + From Didier Gautheron: for each column format type, save the + first and last columns, if any, with that format, and use that to + speed up processing of columns with a particular format and + checking whether we're displaying a column with a particular + format. -2003-09-26 06:30 tpot +2003-12-02 21:15 guy - * packet-dcerpc.c, packet-dcerpc.h, packet-ntlmssp.c: + * packet-ncp2222.inc, packet-smb-sidsnooping.c, tap-iostat.c, + epan/proto.c, epan/proto.h, epan/dfilter/dfvm.c, + epan/ftypes/ftypes.c, epan/ftypes/ftypes.h, gtk/io_stat.c, + gtk/main.c, gtk/rtp_analysis.c: - This commit refactors the dcerpc authentication subdissectors for - handling encrypted request/response PDUs. Instead of having - dissection function pointers which perform both decryption and - dissection, the function pointers now only decrypt the DCERPC - fragment payload. Dissection is handled by the - dcerpc_try_handoff() function (with DCERPC fragment reassembly if - necessary). + From Didier Gautheron: put an "fvalue_t" structure into a + "field_info" structure, rather than separately allocating + "fvalue_t"s and having the "field_info" structure point to them - + this appears to speed up protocol tree construction a bit. - Details: +2003-12-02 20:27 guy - - Move the dcerpc_auth_info struct into dcerpc.h as it is now - used in - the function prototype for the decryption function handlers. + * wiretap/airopeek9.c: - - decode_encrypted_data() was refactored to take a boolean - request - parameter instead of passing the DCERPC PDU packet type. + Check for errors and EOF, and handle them appropriately; don't + treat all errors when reading the header as indications that the + file isn't an AiroPeek V9 file. - - A tvbuff_t * data field was added to dcerpc_auth to hold the - verifier. This is passed as an argument to the decryption - function - handlers. + Put in comments nothing some additional checks we should do. - - Dissection of verifiers in request and response PDUs was moved - to - before the payload. +2003-12-02 19:37 guy - - The dissect_dcerpc_cn_stub() function was refactored to - perform - the decryption process and hand decrypted data to the - reassembly - code instead of performing the decryption after reassembly. + * AUTHORS, doc/ethereal.pod, wiretap/AUTHORS, wiretap/Makefile.am, + wiretap/Makefile.nmake, wiretap/airopeek9.c, wiretap/airopeek9.h, + wiretap/file_access.c, wiretap/wtap.h: - - Removed references to decrypted_info_t as it's not necessary - anymore. + From Martijn Schipper: support for reading AiroPeek files in V9 + capture file format (AiroPeek 2.x). - Code was tested using encrypted and unencrypted fragmented PDUs. - Before this commit ethereal could not dissect unencrypted (!) - fragmented PDUs correctly. +2003-12-02 18:50 guy -2003-09-26 08:19 guy + * packet-tpkt.c: - * packet-lapb.c: + Tomas Kukosa noted that the TPKT dissector spends a significant + amount of time in "find_protocol_by_id()"; the protocol_t pointer + for a protocol doesn't change over time, so get that pointer when + the protocol is registered and save it. - The LAPB dissector can be called from the Ethernet dissector; - don't assume we have an X.25 pseudo-header. +2003-12-02 18:35 guy -2003-09-26 20:00 guy + * packet-isakmp.c: - * packet-sip.c: + From Yaniv Kaul: - Make the non-heuristic SIP dissector reject the packet if it - doesn't look like a SIP packet, so some other dissector gets a - chance at it. + 1) fix description of Check Point version 5004; - When looking for the blank line separating headers from data, use - "tvb_find_line_end()" so we handle CR/LF and LF as end-of-line - indications (RFC 2543 says "senders MUST terminate lines with a - CRLF", but it also says "but receivers MUSTalso interpret CR and - LF by themselves as line terminators"), and return an offset past - the end of the buffer, rather than -1, if we don't find it (not - all packets have one). + 2) add description of Check Point version 5005. - When checking whether a header is one we know about, do a - case-insensitive comparison (RFC 2543 says header field names are - case-insensitive). +2003-12-02 10:23 sahlberg -2003-09-26 21:32 guy + * epan/: proto.c, tvbuff.c, tvbuff.h: - * packet-sip.c: + Move the definition of the tvbuff_t structure and friends to + tvbuff.h so that we can change tvb_get_ds_tvb() into a macro. - For (non-heuristic) SIP-over-TCP, dissect stuff that's neither a - request nor a response as continuation data. For - SIP-over-everything-else, reject it. + This function was a single line assignment and was called a lot. - Parse the headers regardless of whether we're building a protocol - tree or not; if we're not, we just do it to look for a blank line - separating the headers from the body. Do that instead of - scanning for the message body separately. + This made tethereal ~2.5% faster in one testcase I use. - When scanning for a colon, don't scan past the end of the line. +2003-12-02 09:47 sahlberg -2003-09-26 22:20 guy + * epan/: proto.c, ftypes/ftypes.c, ftypes/ftypes.h: - * Makefile.am, Makefile.nmake, packet-h225.c, packet-h225.h, - packet-h245.c, packet-h245.h, packet-h450.c, t35.c, t35.h: + Use the LSAB_ALLOC and SLAB_FREE macros to allocate/free fvalue_t + data - From Tomas Kukosa: +2003-12-02 09:11 sahlberg - 1) string tables for t35CountryCode, t35Extension and - h221ManufacturerCode were moved into the new file - t35.c - because they are common for more dissectors + * epan/: proto.c, slab.h: - 2) the - dissect_h245_NonStandardParameter_with_extension_marker() - was moved from h245 to h225 and renamed to - dissect_h225_NonStandardParameter() because the - NonStandardData type is different for H.225.0 and - H.245 + Moving SLAB_ALLOC and SLAB_FREE to its own header file - 3) type of the "h245.nsp.object" dissector table was - changed from - FT_UINT32 to FT_STRING, so it can select a dissector - based on - an OID rather than the Adler-32 hash of an OID +2003-12-02 09:05 guy - 4) the "h225.nsp.object" and "h225.nsp.h221" dissector - tables - were created + * AUTHORS, packet-isakmp.c, doc/ethereal.pod: -2003-09-26 22:29 guy + From Arnaud Jacques: fix a typo, and handle another CheckPoint + version number. - * gtk/rtp_stream_dlg.c: +2003-12-02 06:06 guy - Get the RTP payload types from rtp_pt.h rather than defining them - ourselves. + * packet-fcfzs.c: -2003-09-26 23:11 guy + From Dave Sclarsky: - * gtk/: capture_combo_utils.c, capture_prefs.c: + Correct several problems with zoneset decodes (e.g. the + zoneset + and zone name lengths do *not* include the pad bytes, so + the + offset calculation needed to be fixed). - From Nathan Jennings: + Move the decode of zoneset name into the routine + "dissect_fcfzs_zoneset", so that it is done in only one + place. - update the CList as you enter/modify options; +2003-12-02 05:53 guy - give Windows users OS descriptions in the displayed - devices - list; + * packet-ses.c: - display at least 5 rows in the lists; + Don't call the presentation layer dissector if we don't have a + handle for it. - get rid of the "extra" CList for storing edited values. +2003-12-02 02:58 guy -2003-09-27 23:34 guy + * packet-bssap.c, packet-tcap.c: - * packet-dcerpc-srvsvc.c, packet-dcerpc-srvsvc.h: + From Michael Lum: don't register the handoff routine for + dissectors as a preference change callback if the ports they + register on aren't preferences. - From Jean-Baptiste Marchand: add names of DFS-related operations - in SRVSVC. +2003-12-01 23:41 guy -2003-09-27 23:43 guy + * epan/value_string.c, epan/value_string.h, + plugins/plugin_api_list.c, plugins/Xass-list, + plugins/Xplugin_api.c, plugins/Xplugin_api.h, + plugins/Xplugin_api_decls.h, plugins/Xplugin_table.h: - * packet-dcerpc-wkssvc.c, packet-dcerpc-wkssvc.h: + From Tomas Kukosa: add "decode_enumerated_bitfield_shifted()", + which is like "decode_enumerated_bitfield()" but handles + value_string tables containing values as they appear in the + bitfield rather than as they appear in the item containing the + bitfield. - From Jean-Baptiste Marchand: add names of operations in WKSSVC. +2003-12-01 23:26 guy -2003-09-27 23:45 sahlberg + * packet-m2ua.c: - * packet-dcerpc-messenger.c: + From Michael Lum: add a preference setting to specify the + parameter tag for "Protocol Data 1", as it changed between draft + 7 and RFC 3331. - From JBM update the function names for Messenger +2003-12-01 23:05 guy -2003-09-27 23:48 sahlberg + * Makefile.am, Makefile.nmake, packet-ansi_a.c, packet-ansi_a.h, + packet-bssap.c, tap-ansi_astat.c: - * packet-dcerpc-netlogon.c, packet-dcerpc-netlogon.h: + From Michael Lum: - From JBM update some function names in Netlogon + add a message statistics tap for ANSI A interface for + Tethereal; -2003-09-27 23:51 guy + fix the BSSAP, BSMAP, and DTAP interface dissectors to + call + subdissectors even if no protocol tree is being built. - * packet-isup.c: +2003-12-01 22:25 guy - From Anders Broman: further dissect APM messages containing BICC - stuff, and fix a bug in the "upgraded parameter code". + * packet-ranap.c: -2003-09-28 00:00 sahlberg + From Michael Lum: add a heuristic RANAP dissector, for use atop + SCCP, as the SCCP dissector currently doesn't support + conversations to be given dissectors. - * tap-smbstat.c, gtk/smb_stat.c: +2003-12-01 20:27 gerald - Update to SMB service response time stats. For short packets, we - might not have enough of the payload to decode the transaction - info levels and thus that data structure is NULL. + * util.c: - check the pointer to this struct first before we try to - dereference it. + Don't automatically fill in a capture filter if CLIENTNAME is set + to "Console". -2003-09-28 00:11 sahlberg +2003-12-01 17:25 gerald - * packet-smb.c: + * README.win32: - in ReadAndX when reading what could potentially be the maxcount - high field assume that IF it is 0xFFFFFFFF that it is not - maxcount high at all but instead just some padding/reserved - bytes. + Updates for new zlib. - If this field is 0xFFFFFFFF just ignore it. +2003-12-01 17:19 gerald -2003-09-28 01:52 sahlberg + * packaging/nsis/ethereal.nsi: - * packet-mount.c, packet-nfs.c, packet-nfs.h, packet-nfsacl.c: + Switch from zlib.dll to zlib1.dll. - Prettify NFSv2 decorate COL_INFO and the tree pane as has - already been done for v3 +2003-12-01 17:17 gerald -2003-09-28 11:35 tpot + * config.nmake: - * packet-dcerpc-reg.c, packet-dcerpc-reg.h: + Switch to the new (and official) zlib DLL from www.gzip.org. - Operation name updates for winreg pipe from Jean-Baptiste - Marchand. +2003-12-01 06:59 sharpe -2003-09-28 21:39 guy + * wiretap/file_access.c: - * epan/tvbuff.c: + It's RedHat, not Red Hat. - "compute_offset_length()" must, if it returns FALSE, and - "exception" is non-null, set "*exception" to the appropriate - exception - its callers rely on it. +2003-12-01 02:01 guy - Now that it does that, there's no need for - "check_offset_length()" to check for a length of -1, as - "compute_offset_length()" does so, and therefore - "check_offset_length_no_exception()" does so. + * gtk/: file_dlg.c, file_dlg.h, print_dlg.c, proto_draw.c: -2003-09-28 23:15 guy + "select_file_cb()" only needs a title, not a "construct_args_t" - + "construct_args_t" is for use with filter dialogs, and the + members other than the title apply only to filter dialogs. - * wiretap/netxray.c: + Have "select_file_cb()" actually use the title supplied to it. - It appears that, at least for gigabit pod captures, there are - time stamp differences between versions 002.001 and 002.002. +2003-12-01 01:57 sharpe -2003-09-29 00:01 tpot + * gtk/menu.c: - * packet-dcerpc-lsa.c, packet-dcerpc-lsa.h, packet-dcerpc-samr.c, - packet-dcerpc-samr.h: + Fix the accelerator issue ... - More operation names updates from Jean-Baptiste Marchand. +2003-11-30 23:05 guy -2003-09-29 06:41 oabad + * gtk/proto_draw.c: - * gtk/dfilter_expr_dlg.c: + Not all platforms have - in particular, Windows + doesn't. - - in show_relations() : select the first row of the relation_list - when using gtk+ v2. - get rid of some unused variables. + If you're using "open()", "close()", "read()", "write()", etc., + you should include on Windows. -2003-09-29 18:50 guy +2003-11-30 18:01 sharpe - * packet-tacacs.c, packet-tacacs.h: + * gtk/proto_draw.c: - From Emanuele Caratti: + Fix some warnings in proto_draw.c - just use "g_free()" to free the buffer in "md5_xor()", as - it - doesn't throw exceptions; +2003-11-30 04:40 sharpe - temporarily #ifdef out "tacplus_acct_flags" pending the - arrival of code to dissect the TACACS+ accounting stuff. + * gtk/menu.c: -2003-09-29 19:17 jmayer + Rename that to Save Highlighted with Ctl-H as the accellerator. - * packet-smb.c: +2003-11-30 04:37 sharpe - Added comment: XXX Argh maxcnt_high is guint16 and thus 16 bit -> - always false + * gtk/menu.c: -2003-09-29 19:18 jmayer + Add Save Selected as a menu item in the File Menu. - * tap-httpstat.c, gtk/http_stat.c: + This still has a way to go, though, because the menu item should + be greyed out until something is Highlighted. - Whitespace changes in order to make diff produce more readable - results +2003-11-30 04:21 sharpe -2003-09-29 19:20 jmayer + * gtk/: color_dlg.c, file_dlg.c, file_dlg.h, menu.c, print_dlg.c, + proto_draw.c, toolbar.c: - * gtk/rtp_analysis.c: + Move print_file_cb out of gtk/print_dlg.c and into gtk/file_dlg.c + and rename it to select_file_cb to reflect its function. - use mkstemp instead of tmpnam + While this cleans things up a bit, I am still not happy because + now filter_prefs.h must be included before file_dlg.h just to get + construct_args_t. -2003-09-29 19:32 jmayer +2003-11-29 12:34 jmayer - * plugins/.cvsignore: + * doc/README.tapping: - xyzzy + Fix two small typos -2003-09-29 21:12 guy +2003-11-29 06:15 sharpe - * packet-isup.c: + * gtk/menu.c: - From Michael Lum: fix some val_to_str calls to have a non-null - format string for unknown values. + Properly capitalize the string for the menu item. -2003-09-29 21:50 guy +2003-11-29 06:09 sharpe - * packet-isup.c: + * gtk/: file_dlg.h, menu.c, print_dlg.c, proto_draw.c: - Clean up a bunch of length processing - use the reported length - rather than the captured length, and fix up some other stuff. + Add an entry in the byte_view pane that allows the user to save + the highlighted data to a file. This allows the user to select + some stuff, and analyse it with external tools, and is very + useful for quickly prototying dissectors etc. -2003-09-30 20:51 guy + This works by retrieving the info that is needed to define where + the selected region is. - * packet-nt-sonmp.c: + It puts up a dialog box that asks for the file to save in. - From Giles Scott: add some new hardware types. + However, it is an ugly hack, because it reuses print_file_cb, + while print_file_cb should be moved into file_dlg.c. -2003-10-01 07:11 guy + It also needs to have some warning dialogs put up in error cases. - * packet-eth.c, packet-eth.h, packet-ethertype.c, packet-fw1.c, - packet-ieee8023.c, packet-ieee8023.h, packet-llc.c, - packet-null.c, packet-sll.c, packet-vlan.c, epan/packet.h, - wiretap/5views.c, wiretap/erf.c, wiretap/etherpeek.c, - wiretap/file_access.c, wiretap/iptrace.c, wiretap/lanalyzer.c, - wiretap/libpcap.c, wiretap/netmon.c, wiretap/nettl.c, - wiretap/netxray.c, wiretap/ngsniffer.c, wiretap/radcom.c, - wiretap/snoop.c, wiretap/toshiba.c, wiretap/visual.c, - wiretap/wtap-int.h, wiretap/wtap.h: + Finally, it would be good to be able to select a region in the + byte_view, which you can do with click and drag, and then have a + menu item to save the selected bytes. - Have a pseudo-header for Ethernet packets, giving the size of the - FCS - 0 means "there is no FCS in the packet data", 4 means - "there is an FCS in the packet data", -1 means "I don't know - whether there's an FCS in the packet data, guess based on the - packet size". +2003-11-29 03:55 guy - Assume that Ethernet encapsulated inside other protocols has no - FCS, by having the "eth" dissector assume that (and not check for - an Ethernet pseudo-header). + * AUTHORS, packet-gtp.c, doc/ethereal.pod: - Have "ethertype()" take an argument giving the FCS size; pass 0 - when appropriate. + From melerski [AT] poczta.onet.pl: fix a problem with unknown + IEs. - Fix up Wiretap routines to set the pseudo-header. This means we - no longer use the "generic" seek-and-read routine, so get rid of - it. +2003-11-28 19:13 ulfl -2003-10-01 08:53 guy + * gtk/menu.c: - * packet-smb.c: + renamed frame to packet in all GUI elements moved "Enabled + Protocols" and such from "View" to "Analyze" toplevel menu - The max count high field is 32 bits, and, in order to compare it - against 0xffffffff, it has to be extracted into a 32-bit - variable. +2003-11-28 19:02 ulfl -2003-10-01 14:59 jmayer + * gtk/goto_dlg.c: - * doc/: .cvsignore, Makefile.am, ethereal-filter.pod.template, - ethereal.pod, ethereal.pod.template, tethereal.pod, - tethereal.pod.template: + renamed frame to packet in all GUI elements - Put the display-filter elements into it's own manpage - (ethereal-filter.4) +2003-11-28 19:00 ulfl -2003-10-01 15:09 jmayer + * gtk/capture_info_dlg.c: - * Makefile.am, configure.in: + use dlg_window_new instead of gtk_window_new - Put the display-filter elements into it's own manpage - (ethereal-filter.4) +2003-11-28 18:59 ulfl -2003-10-01 18:19 guy + * gtk/: toolbar.c, find_dlg.c: - * wiretap/wtap.def: + renamed frame to packet in all GUI elements - Have a pseudo-header for Ethernet packets, giving the size of the - FCS - 0 means "there is no FCS in the packet data", 4 means - "there is an FCS in the packet data", -1 means "I don't know - whether there's an FCS in the packet data, guess based on the - packet size". +2003-11-28 00:44 ulfl - Assume that Ethernet encapsulated inside other protocols has no - FCS, by having the "eth" dissector assume that (and not check for - an Ethernet pseudo-header). + * gtk/capture_info_dlg.c: - Have "ethertype()" take an argument giving the FCS size; pass 0 - when appropriate. + label changed from "Portions" to "% of total" as suggested by Guy - Fix up Wiretap routines to set the pseudo-header. This means we - no longer use the "generic" seek-and-read routine, so get rid of - it. +2003-11-28 00:13 ulfl -2003-10-01 19:41 guy + * gtk/main.c: - * doc/Makefile.am: + using dlg_utils.c functions to catch the ESC key to close the + dialog - dfilter2pod.pl and ethereal-filter.pod.template are in $(srcdir) - (which defauls to the current directory), not in the parent - directory. +2003-11-28 00:07 ulfl -2003-10-01 19:44 guy + * gtk/: supported_protos_dlg.c, plugins_dlg.c: - * doc/Makefile.nmake: + using dlg_utils.c functions to catch the ESC key to close the + dialog - Update for the new ethereal-filter man page. +2003-11-27 23:25 ulfl -2003-10-01 20:26 guy + * gtk/help_dlg.c: - * doc/Makefile.am: + using dlg_utils.c functions to catch the ESC key to close the + dialog - Put in some missing $(srcdir)/. +2003-11-27 22:29 guy - Get rid of redundant "../{t}ethereal.1" in CLEANFILES (they were - already there). + * print.c: -2003-10-01 20:27 guy + "representation", in an "item_label_t", is now an array, not a + pointer, so "fi->rep->representation" can't be null. - * .cvsignore: +2003-11-27 22:15 guy - Add ethereal-filter.4. + * tap-rpcstat.c, tap-wspstat.c: -2003-10-01 20:36 guy + Fix comments to correctly refer to the "-z" option. - * doc/ethereal.pod: +2003-11-27 22:14 guy - Filters in Ethereal are usually display filters, not read - filters; go back to describing them as such. + * tap-rpcstat.c: -2003-10-01 21:15 guy + From Michael Lum: fix the usage message to refer to "-z", not + "-Z". - * packet-srvloc.c: +2003-11-27 22:12 guy - The PDU length is 3 bytes long in SLPv2. + * gtk/main.c: - The minimum number of bytes of SLP we have to reassemble is 5 - - it's nominally 4 for SLPv1, but we don't have a way of asking for - 1 byte (the version) and then saying "I need N bytes of header to - get the PDU length, and an SLPv1 packet less than 12 bytes long - is bogus anyway. + Show the -z flag in the usage message. -2003-10-01 21:51 guy +2003-11-27 22:04 guy - * packet-enip.c: + * tethereal.c: - Reject frames with no command (too short) or an invalid command. + From Michael Lum: fix the usage message to say "-z", not "-Z". - Clean up white space somewhat. +2003-11-27 21:20 guy -2003-10-02 06:13 guy + * AUTHORS, packet-rtp-events.c, doc/ethereal.pod: - * AUTHORS, Makefile.am, Makefile.nmake, asn1.c, asn1.h, - packet-tcap.c, packet-tcap.h, doc/ethereal.pod: + From Arsen Chaloyan: fix offsets in "proto_tree_add" calls. - From Samuel Qu, Michael Lum, and Jeff Morriss: TCAP support, and - "asn_id_decode1()" variant of "asn_id_decode()". +2003-11-27 21:09 guy -2003-10-02 14:03 gerald + * etypes.h, packet-ethertype.c, plugins/rtnet/packet-rtnet.c: - * doc/ethereal-filter.pod.template: + From Erwin Rol: RTCFG support. - Fix a malformed "=head1" tag. + Add in a URL to the RTNET home page. -2003-10-02 19:22 gerald +2003-11-27 21:02 guy - * doc/tethereal.pod: + * packet-dns.c: - Add an example for "-d". + From David Fort: fix to previous patch. -2003-10-02 21:04 guy +2003-11-27 20:34 ulfl - * plugins/rtnet/packet-rtnet.c: + * gtk/menu.c: - RTNET has no preferences, so don't register a preferences module - for it. + Redesign of the whole menu structure, to be more intuitive to the + user and conforms somewhat better to the Gnome Human Interface + Guideline -2003-10-02 21:06 guy +2003-11-27 17:18 ulfl - * prefs.c, prefs.h, gtk/prefs_dlg.c: + * print.c: - Don't put an entry for a protocol into the Preferences dialog if - it doesn't have any settable preferences (for example, if it has - only obsolete preferences). + bugfix: removed access violation when using "File/Print Packet". + The label_ptr could be NULL, when calling function print_line -2003-10-02 21:18 guy +2003-11-27 00:22 ulfl - * gtk/prefs_dlg.c: + * gtk/help_dlg.c: - From Tomas Kukosa: radio button groups are GSLists, which means - that the radio button group for a button changes when new buttons - are added to it (adding to the beginning of a singly-linked list - takes constant time, adding to the end takes time linear in the - length of the list, and a GSList * points to the beginning of the - list). Re-fetch the radio button group each time through the - loop that adds new radio buttons to a radio button group for a - preference. + using text files from help dir, to display the help texts. the + "dynamic protocol fields" are already moved to + gtk/supported_protos_dlg.c -2003-10-02 21:37 guy +2003-11-27 00:17 ulfl - * packet-dcerpc-dnsserver.c, packet-dcerpc-dnsserver.h: + * help/: capture_filters.h, display_filters.h, faq.h, overview.h, + well_known.h: - From Jean-Baptiste Marchand: add names for new dnsserver - operations for W2K3. + Added this intermediate files, until a Makfile.am is available + for unix systems -2003-10-02 21:40 guy +2003-11-26 23:23 guy - * packet-dcerpc-svcctl.c, packet-dcerpc-svcctl.h: + * AUTHORS, packet-dns.c, doc/ethereal.pod: - From Jean-Baptiste Marchand: add/update names for svcctl - operations. + From David Fort: DNS DSS RR support. -2003-10-02 21:45 guy +2003-11-26 12:22 sahlberg - * packet-dcerpc-dfs.c, packet-dcerpc-dfs.h: + * epan/: proto.c, proto.h: - From Jean-Baptiste Marchand: add additional operation names for - dfssvc. + Speed updates -2003-10-02 21:48 guy + create generic macros for allocating/freeing structures. - * packet-dcerpc-browser.c, packet-dcerpc-browser.h: + remove one more slow GMemChunk and replace it with a simple + linked list - From Jean-Baptiste Marchand: add operation names for browser - service. + ~4% speed improvement in my tests. -2003-10-02 22:28 gerald + the allocated data is never freed. this may be a problem if + ethereal is ever supported on a platform lacking resource + tracking but makes the implementation faster and simpler. - * doc/Makefile.nmake, packaging/nsis/Makefile.nmake, - packaging/nsis/ethereal.nsi: +2003-11-26 02:58 guy - Fix document creation under Windows, add ethereal-filter.html to - the NSIS package. + * AUTHORS, packet-giop.c, doc/ethereal.pod: -2003-10-02 22:40 guy + From Patrick Kursawe: rename "getline()" so it doesn't collide + with the "getline()" declared in with recent versions + of glibc. - * t35.c, t35.h: + Fix a typo in the AUTHORS file. - Add RCS IDs. +2003-11-26 02:54 guy -2003-10-02 22:44 guy + * pcap-util.c: - * adler32.c, adler32.h, packet-etherip.c, packet-h450.c, - packet-ipsec-udp.c, packet-isns.c: + From Jaime Fournier: fix a typo. - Add RCS IDs. +2003-11-25 20:26 guy -2003-10-03 04:41 guy + * AUTHORS, packet-ucp.c, doc/ethereal.pod: - * doc/tethereal.pod: + From Reinhard Speyerer: handle 10-digit UCP dates, which lack a + seconds value. - Fix a typo. +2003-11-25 20:02 guy -2003-10-03 09:09 sahlberg + * epan/proto.c: - * packet-ipx.c, gtk/endpoint_talkers_table.c: + As with fvalue_t, so with field_info and item_label - the + individual items aren't individually g_mallocated and can't be + g_freed, only the chunks can. - Update ipx and conversation list to make it possible to select - and filter for ipx conversations from the conversation list popup - menu +2003-11-25 19:25 guy -2003-10-03 20:18 tuexen + * epan/ftypes/ftypes.c: - * packet-sctp.c: + Individual fvalue_t's aren't individually allocated with + "g_malloc()", so they can't be freed with "g_free()"; keep a list + of the chunks of "fvalue_t"s, which are whare are allocated with + "g_malloc()", so we can free them all. - - Fixed a typo. - Changed the default checksum algorithm from - Adler32 to CRC32C. +2003-11-25 18:02 guy -2003-10-03 20:58 guy + * packet-sip.c: - * packet-isup.c: + From Anders Broman: add more SIP headers, and the PUBLISH method. - From Anders Broman: +2003-11-25 14:16 sahlberg - fix some cut and paste errors in "upgraded parameter" - routine; + * epan/proto.c: - more BICC work. + replace free_node_field_info with a macro since it is only called + from one other place in the code and this reduces one unnecessary + function call overhead. and it makes ethereal ~1% faster. -2003-10-03 21:03 guy +2003-11-25 14:11 sahlberg - * wiretap/ascend-scanner.l: + * epan/proto.c: - From Graham Bloice: define YY_NO_UNISTD_H on Win32, so that if - Flex was a UNIX version generating code that, by default, assumes - you have (as might be the case with recent versions of - Cygwin, which I assume *does* supply ), but you're - building on a platform that lacks (e.g., building with - MSVC++ or MinGW), you can still compile. + rename FREE_FIELD_INFO to FIELD_INFO_FREE for consistency -2003-10-03 21:12 jmayer +2003-11-25 14:10 sahlberg - * wiretap/ascend-scanner.l: + * epan/proto.c: - Use #ifndef HAVE_UNISTD_H instead of #ifdef _WIN32 + create a FIELD_INFO_NEW for consistency -2003-10-03 21:19 jmayer +2003-11-25 14:07 sahlberg - * gtk/rtp_analysis.c: + * file.c, print.c, epan/proto.c, epan/proto.h, gtk/proto_draw.c: - Graham Bloice: Add missing #include mkstemp.h + remove another slow GMemChunk from ethereal making ethereal a + little bit faster -2003-10-03 22:38 guy +2003-11-25 13:23 sahlberg - * gtk/rtp_analysis.c: + * epan/proto.c: - Include "mkstemp.h" only if we're including our own "mkstemp()". + change free_field_info to FREE_FIELD_INFO to indicate it is a + macro and not a function -2003-10-03 23:09 guy +2003-11-25 13:20 sahlberg - * AUTHORS, Makefile.am, Makefile.nmake, packet-ansi_map.c: + * epan/proto.c, epan/dfilter/dfvm.c, epan/ftypes/ftype-ipv4.c, + epan/ftypes/ftype-string.c, epan/ftypes/ftypes-int.h, + epan/ftypes/ftypes.c, epan/ftypes/ftypes.h, + gtk/dfilter_expr_dlg.c: - From Michael Lum: ANSI MAP support. + fvalue_free() is one of the most called functions. This function + is also very small, so small that teh overhead for the actual + function call and return is likely to be a significant part of + its execution time. -2003-10-03 23:22 guy + change it into a macro and make it thus slightly faster by + eliminating the function call overhead. - * plugins/gryphon/: NEWS, packet-gryphon.c, packet-gryphon.h: +2003-11-25 08:50 sahlberg - From Steve Limkemann: + * epan/ftypes/: ftypes.c, ftypes.h: - Added two new "well known destinations": SD_IOPWR AND - SD_UTIL. + Change the handling of temporary allocation of fvalue_t + structures to be faster. Use a similar technique as was used in + epan/proto.c to speed up the field_info allocation/deallocation + routines - Added logic to dissect the CMD_SET_TIME command. +2003-11-25 08:19 guy - Added an alterate destination for the CMD_PGM_START command. + * packet-dcerpc.c: - Added logic to dissect the CMD_SCHED_MSG_REPLACE command. + From Jaime Fournier: show the RPC version of the unknown + interface in the Info column. - Added logic to dissect the CMD_USDT_REGISTER command. +2003-11-25 08:10 guy - Added logic to dissect the CMD_USDT_SET_FUNCTIONAL command. + * AUTHORS, Makefile.am, Makefile.nmake, packet-dcerpc-budb.c, + packet-dcerpc-epm4.c, packet-dcerpc-icl_rpc.c, + packet-dcerpc-rs_prop_acct.c: - Added logic to dissect the following commands - CMD_IOPWR_GETINP - CMD_IOPWR_GETLATCH - CMD_IOPWR_CLRLATCH - CMD_IOPWR_GETOUT - CMD_IOPWR_SETOUT - CMD_IOPWR_SETBIT - CMD_IOPWR_CLRBIT - CMD_IOPWR_GETPOWER - CMD_UTIL_SET_INIT_STRATEGY - CMD_UTIL_GET_INIT_STRATEGY + From Jamie Fournier: DCE RPC EPM version 4 support, and stub + support for BUDB, ICL RPC, and RS_PROP_ACCT DCE RPC-based + protocols. - Added the ability to recongnize more IOCTLS. (For the - SJA1000 driver, LIN - and power drivers.) +2003-11-25 05:58 guy - Added the ability to recognize more card types. + * wiretap/cosine.c: - Added dissection of more fields for CMD_SCHED_TX command. + "file_seek()" sets "*err" - we don't have to set it ourselves. - Bug fixes and general updating. + The same is true of "parse_cosine_rec_hdr()". -2003-10-03 23:31 guy +2003-11-25 05:56 guy - * packet-ranap.c: + * wiretap/network_instruments.c: - From Michael Lum: + "file_seek()" sets "*err" - there's no need to set it ourselves. + It returns -1 on errors, so just check for that. - support for Global RNC ID; +2003-11-25 00:21 guy - fixed some typos + * ipproto.h: - added push of 'NAS PDU' so that a GSM 24.008 (DTAP) - dissector - can be added. + Fix a typo. -2003-10-04 03:10 sahlberg +2003-11-24 23:46 guy - * gtk/io_stat.c: + * packet-ccsds.c: - Fix to IO-Stat. + Eliminate compiler warnings. - IO-Stat failed to produce Advanced/COUNT(*) statistics for fields - of type FT_NONE. Fixed. +2003-11-24 22:11 guy - Now it is possible to do : Advanced/COUNT(*) - Filter:tcp.analysis.retransmission - Field:tcp.analysis.retransmission Advanced/COUNT(*) - Filter:tcp.analysis.duplicate_ack - Field:tcp.analysis.duplicate_ack + * packet-ncp2222.inc, print.c, proto_hier_stats.c, + tap-protohierstat.c, epan/proto.c, epan/proto.h, gtk/main.c, + gtk/menu.c, gtk/prefs_dlg.c, gtk/rtp_analysis.c: - And it will plot the number of Retransmissions and Duplicate ACKs - seen in each time interval. + Make the recent epan/proto.{c,h} change compile. -2003-10-04 16:44 guy +2003-11-24 21:42 guy - * packet-isakmp.c: + * ipproto.c, ipproto.h, packet-mip6.c: - If a payload type doesn't have a dissector function, don't crash - by calling through the null dissector pointer, just dissect it as - "Payload". + Preserve 62 as an (old) IP protocol type for mobility headers. -2003-10-05 05:04 sharpe +2003-11-24 21:12 sahlberg - * mkcap.c: + * epan/: proto.c, proto.h: - Add mkcap.c, a little utility to generate reasonable looking TCP - capture files for pedagogic use. + performance enhancement to proto.c -2003-10-05 14:58 sharpe + Removed the GMemChunk used to allocate/free field_info structures + and used a free list to store the freed structs until they are + allocated again. - * mkcap.c: + Ethereal will allocate more field_info structs as it needs to but + never free them. Instead the are just placed in a cheap and fast + free list so that if we want to use the struct again, this will + be fast. - Further updates on mkcap.c + This affects the speed of the two functions alloc_field_info() + that should be slightly faster now free_field_info() that was + replaced with a 2 line macro. -2003-10-05 21:57 jmayer + All in all my testing suggests that ethereal is 2-3% faster with + this patch. - * packet-dns.c: +2003-11-24 17:41 ulfl - Fix warning about strict-aliasing + * Makefile.nmake: -2003-10-05 22:38 jmayer + bugfix: corrected clean and distclean targets - * plugins/docsis/packet-tlv.c: +2003-11-24 00:34 guy - Get rid of another strict-aliasing warning: verify_tfs is a - true-false-string : dereference it accordingly + * AUTHORS, Makefile.am, Makefile.nmake, packet-ccsds.c, + doc/ethereal.pod: -2003-10-05 22:44 jmayer + From Scott Hovis :CCSDS (Consultative Committee for Space Data + Systems) support. - * packet-tzsp.c: +2003-11-24 00:05 guy - Fix 3 strict-aliasing warnings: Use TFS(&var) instead of - VALS(&var) in case var is a true-false-string + * packet-isup.c: -2003-10-05 23:09 jmayer + From Anders Broman: fix dissection of GRS/GRA messages. - * packet-cops.c: +2003-11-23 23:42 guy - variable.type is of type u_char, so use 0 instead of NULL + * Makefile.nmake: -2003-10-05 23:27 jmayer + Include the BFD dissector when building with MSVC++. - * packet-bssgp.c: +2003-11-23 22:00 gerald - Another strict-aliasing warning fix - I hope I got this right :) + * AUTHORS, Makefile.am, packet-bfd.c: -2003-10-06 02:01 jmayer + From Hannes Gredler: Add support for Bi-directional Fault + Detection (BFD). - * plugins/gryphon/packet-gryphon.c: +2003-11-22 12:02 jmayer - Fix 4 warnings in case of strict-aliasing by declaring timestamp - as time_t instead of int. + * packet-radius.c: -2003-10-06 07:26 guy + - Bugfix: Passworddecoding should only be done for attribute 2, + but not for VSA 2 - Fixme comment about length handling + added - Cleanup: Setting a variable to the right type removes the + necessity for casts. - * packet-lmi.c: +2003-11-22 11:12 sahlberg - Update a URL. + * packet-h245.c: -2003-10-06 08:10 guy + Change the way signalType is dissected to be compatible with and + dissect the packets from Martin R and Paul H. - * packet-enip.c: + I still think ethereal was correct before this patch and that + this patch is not compatible with teh standard. Anyway, that + doesnt matter much. With this patch ethereal will dissect the + packets properly. Time to study x691 again. - Fix the handling of padding bytes. +2003-11-22 08:35 guy -2003-10-06 08:35 guy + * ipproto.h, packet-ipv6.h: - * packet-dcerpc-rpriv.c, packet-dcerpc-spoolss.c, packet-isup.c, - packet-nlsp.c, packet-ranap.c, packet-sua.c: + From Martti Kuparinen: use correct values for Mobile IPv6. - From packet steve: get rid of some duplicate field definitions - (some aren't exactly duplicates, but they both set the same hf_ - variable). +2003-11-22 04:41 sahlberg -2003-10-06 08:58 guy + * epan/proto.c: - * gtk/rtp_stream_dlg.c: + As per Guys suggestion, continue optimizing proto.c to macroize + it and make it even faster - (Based on a patch from Lars Roland.) +2003-11-21 22:18 guy - Use "gtk_dialog_new()" to create the window - that doesn't create - a "dialog box" in the sense of a transient-for window, but it - does create a window with a button vbox that the code expects to - be present. + * packet-smpp.c: -2003-10-06 09:08 guy + From Olivier Biot: fix up the description of the + "port_number_udh_means_wsp" preference. - * packet-ansi_map.c: +2003-11-21 22:00 guy - From Lars Roland: not all compilers like static const arrays with - unknown size, so don't use them. + * packet-wsp.c: -2003-10-06 09:18 guy + From Olivier Biot: - * AUTHORS, Makefile.am, Makefile.nmake, packet-alcap.c: + * Fix the WSP dissector so a Quoted-string with + extraneous + trailing quote is displayed without duplicated final + quote, and + issue a warning in the protocol tree. + * Remove the Openwave x-up-proxy-client-id header + decoding as it + was incorrectly decoded as a text string, and process + it with + the default Openwave header parser. + * Fix byte highlighting of some WSP parameters. + * Rename the WSP parameter filter names so they don't all + refer to + content_type. + +2003-11-21 21:58 guy + + * packet-wbxml.c, epan/packet.c, epan/packet_info.h: - From Michael Lum: ALCAP (Q.2630.1) support. + From Olivier Biot: -2003-10-06 14:48 jmayer + * Add a "match_string" field to the "packet_info" + structure, + saving the string value that matched in a string + dissector + lookup, by analogy to "match_port" - this was required + for + dissection with token rendering of WBXML content when + no public + ID was given (e.g. Nokia/Ericsson OTA provisioning + data). + * Add support for textual content type based WBXML token + mapping. + * Add extra WBXML public identifiers. + * Add the Nokia/Ericsson OTA provisioning (version 7) + token + definitions. + * Inform the user when a content-type based token match + is found. - * packet-alcap.c: +2003-11-21 21:33 guy - Replace the forward declaration of msg_parm_strings by moving the - real declaration from the middle of the file to the place of the - forward declaration. This should make MSVC happy. + * AUTHORS, packet-dcerpc-srvsvc.c, doc/ethereal.pod: - Spotted and proposed fix by Ulf Lamping. + From Eric Wedel: fix dissection of NetServerDiskEnum reply. -2003-10-06 15:41 jmayer +2003-11-21 19:24 guy - * plugins/gryphon/packet-gryphon.c: + * gtk/rtp_stream.c: - check in the following comment: /* XXX This code is neither - Endianess independent, nor will it work * on platforms that - do not support the *optional* guin64 type */ + From Lars Ruoff: use the pointer to the RTP payload, rather than + extracting the data from the frame directly. -2003-10-06 19:11 guy +2003-11-21 14:58 sahlberg - * doc/README.developer: + * epan/: proto.c, proto.h: - Add One More Item to the list of things not all compilers can - handle. + Performance fix -2003-10-06 19:25 guy + In the GPROF logs proto_registrar_get_nth() used to take anything + between 2.5 and 5.5% of the time. - * AUTHORS, Makefile.am, Makefile.nmake, packet-alcap.c, - packet-ansi_637.c, packet-ansi_683.c, packet-ansi_map.c: + Replace the GLIB array with a handroleld one for one of the + private structures. - From Michael Lum: + the function should now be virtually zero cost and thus ethereal + should be 2.5-5.5% faster on those traces. - IS-637-A (SMS) support - IS-683-A (OTA) support - ANSI MAP updates + anyone that wants to, please rerun GPROF with this fix and see + what has changed. - Fix a typo in the previous checkin. +2003-11-21 08:40 guy -2003-10-06 20:46 guy + * packet-dcerpc-epm.c: - * packet-afs-register-info.h, packet-clnp.c, packet-fcdns.c, - packet-isup.c, packet-lmi.c, packet-lmp.c, packet-m3ua.c, - packet-nfsacl.c, packet-rsvp.c, epan/proto.c: + A "handle_t" as the first argument to a call doesn't seem to be + sent over the wire, at least in the DCE RPC 1.1 code. - When registering a field, make sure its ID is -1 or 0 - if it's - not, that probably means you've registered two fields with the - same field ID variable, which is an error. + That suggests that the first 24 bytes of a Map request are the + UUID pointer that the EPM IDL says should be there, not a context + handle. - Fix the bugs doing so found. +2003-11-21 08:33 guy -2003-10-06 22:10 guy + * pcap-util.c: - * gtk/io_stat.c: + Maybe the problem is that the compilers used on AIX weren't + defining "AIX", and that code was never compiled. Libpcap uses + "_AIX" to conditionally compile in the extra AIX BPF support; + we'll do the same. - Make the "needs_redraw" flag a gboolean, as it's a Boolean flag. +2003-11-21 08:30 guy - Rename "max_count_types and "max_calc_types" to - "count_type_names" and "calc_type_names", to make it clearer what - they are. + * pcap-util.c: - For the advanced statistics, give different error messages for - the case where no field name was specified and where an invalid - field name was specified. + Pass "strncmp()" the right number of arguments. (Why hasn't + anybody reported this as a problem when compiling on AIX? + Doesn't any compiler complain that "strncmp()" isn't being passed + enough arguments? GCC sure did in a test program I built on + FreeBSD 3.4....) - Give better error messages for the cases where the calculation - type isn't supported for a particular field. +2003-11-21 04:01 guy - Initialize the calculation type for a given field. + * packet-dcerpc.c: -2003-10-06 22:13 guy + From Jamie Fournier: add the UUID to the Info column for datagram + calls. - * gtk/io_stat.c: +2003-11-21 02:57 guy - Rename "max_tick_values" to "tick_interval_values", to make it - clearer what it is. + * AUTHORS, Makefile.am, Makefile.nmake, packet-dcerpc-rs_plcy.c: -2003-10-07 03:09 guy + From Jamie Fournier: DCERPC RS_PLCY support. - * gtk/print_mswin.c: +2003-11-21 02:48 guy - From Gisle Vanem: if WIN32_LEAN_AND_MEAN is defined, - doesn't include , but "print_mswin.c" needs it, so - include it explicitly. + * packet-dcerpc-ndr.c, packet-dcerpc.h: -2003-10-07 03:35 guy + The 32-bit integer at the beginning of a context_handle is called + "context_handle_attributes" in the DCE RPC 1.1 "nbase.idl". + Rename our structure member accordingly. - * packet-ftp.c: + Note in a comment that we should perhaps display a context_handle + as the attributes and UUID. - From Giles Scott: put the IP address and port number in PORT - requests and PASV responses into the protocol tree, and, for PASV - responses, create a conversation for the future FTP data - conversation and make the FTP data dissector be the dissector for - it. + Use "proto_tree_add_item()", not "proto_tree_add_bytes()", to put + the context handle raw data into the protocol tree. -2003-10-07 04:36 guy +2003-11-20 23:34 guy - * gtk/main.c: + * packet-rtp.c, packet-rtp.h, gtk/Makefile.am, gtk/Makefile.nmake, + gtk/rtp_stream.c, gtk/rtp_stream.h, gtk/rtp_stream_dlg.c: - Make the window geometry information static - it's not used - outside this file. + From Lars Roland: - Fetch the geometry information whenever we get a configure_notify - event, i.e. if it actually changes, rather than doing so when we - get asked to delete the main window or we exit. Don't save the - geometry if we've never gotten such an event, as it presumably - means the size and position haven't changed. + - added a pointer to raw rtp data to _rtp_info that can + be used by + taps; -2003-10-07 09:30 sahlberg + - RTP packets are passed to the tap queue only if they + are not + error packets (so that you don't need to filter out + ICMP + packets) - * gtk/: endpoint_talkers_table.c, find_dlg.c, find_dlg.h: + - use that pointer in rtp_stream, so it handles packets + with + padding, and should handle RTP packets fragmented + across + lower-level packets - Add Find Next/Find Previous submenu to conversation lists. + - moved rtp_stream from tap sources to normal files + (prevents on-start-up registration of the rtp_stream + tap + listener) - By using Find Next/Previous you will jump to the next/previous - matching packet in the ethereal main window. + - rtp_stream tap gets registered/unregistered with the + "RTP + Streams" dialog box + i.e. the tap is registered as long as the dialog box is + open. + Alternatively, it is de-/registered on demand if RTP + Analysis is + called directly on a packet. - I could not get CTRL-N / CTRL-B to work and was too lazy to - research. It would be nice if CTRL-N / CTRL-P would invoke the - same thing as selecting /Find Frame/Find Next/EP1 <-> EP2 or - /Find Frame/Find Previous/EP1 <-> EP2 from the menu. I could not - figure out how to get gtk to do this. The person that adds - CTRL-N/CTRL-B here will be a hero. + - rtp_stream tap listener no longer uses a filter in + dissection + ` and does not need to have a proto tree being built. + (performance increase) -2003-10-07 09:50 sahlberg + - fixed: RTP Streams list will get updated in real time + if the + dialog box is open while a redissection takes place. - * gtk/find_dlg.h: +2003-11-20 23:21 guy - Forgot to update a prototype in previous patch + * packet-dcerpc-srvsvc.c: -2003-10-07 10:07 sahlberg + #if 0-out some no-longer-used routines. - * gtk/: color_dlg.c, color_dlg.h, endpoint_talkers_table.c: + Use #if 0/#endif rather than comments to remove the code that + used to refer to those routines - it's a bit more robust in the + presence of comments (there aren't currently any, but, just in + case somebody adds them...). - Update to endpoint talkers, endpoint talkers now have an extra - submenu on the popup where one can select : Colorize - Conversation. This opens up the create color filter dialog with - the filter preset to the selected conversation. +2003-11-20 22:50 guy -2003-10-07 17:21 guy + * packet-wbxml.c: - * t35.c: + From Olivier Biot: add support for media type + "application/x-prov.syncset+wbxml". - From Hans Viens: add an H.221 manufacturer code for Mediatrix, - and tweak white space. +2003-11-20 22:38 guy -2003-10-07 17:29 guy + * packet-sip.c: - * gtk/endpoint_talkers_table.c: + From Martin Mathieson: - Include "gtk/color_dlg.h" to declare - "color_display_with_filter()", and include "color.h" to declare - "color_filter_t", which "gtk/color_dlg.h" requires. + - Add some summary info to REGISTER requests and + responses + - Tidy up whitespace a little -2003-10-07 17:36 guy +2003-11-20 22:24 guy - * packet-ospf.c: + * packet-wbxml.c: - From Taisuke Sasaki: put in missing {} in an "if". + From Olivier Biot: -2003-10-07 17:43 guy + * Fix an incorrectly #ifdef'ed return introduced by the + previous + patch + * Remove the parsed_length parameter from the function + signature + of the tag and attribute dissectors - have it return + the + parsed length, instead + * Throw ReportedBoundsError exceptions if we run past the + end of + the tvbuff, rather than putting a special entry in + * Produce consistent and extensive debug logging (enabled + by + defining DEBUG_wbxml) + * Get rid of the dozens of "#ifdef DEBUG ... #endif" + constructs + for debug logging + +2003-11-20 19:05 guy - * packet-isup.c: + * epan/osi-utils.c: - From Anders Broman: + From Hannes Gredler: "print_system_id()" should call + "print_system_id_buf()", not "print_nsap_net_buf()". (What idiot + made *that* mistake? :-)) - change some variable names to conform to abbreviations - used in - the specs; +2003-11-20 14:29 nneul - added+dissection of some more BAT ASE elements; + * AUTHORS: - fixed some minor bugs. + update proto list -2003-10-07 18:19 oabad +2003-11-20 06:43 sharpe - * packet-x25.c: + * packet-dcerpc-srvsvc.c: - Put the "X.264 protocol identifier" and "X.264 sharing strategy" - fields in the "User data" subtree. + Clean up some IDL and remove some structures that Windows of all + flavors does not understand. SHARE_INFO_1004, 1005, 1006, 1007, + and 1501 seem not to be understood by any, and it can screw up + dissections. -2003-10-07 21:15 guy +2003-11-20 05:20 guy - * epan/to_str.c: + * epan/proto.c: - Get rid of an out-of-date comment. + Use "tvb_get_string()" in "proto_tree_set_string_tvb()" - it + won't leak memory if it throws an exception, as it checks whether + the entire string is in the tvbuff *before* allocating a buffer + for it, and that also means that if the length is absurdly large, + an exception will be thrown, rather than the memory allocation + failing. -2003-10-08 05:36 guy +2003-11-20 05:04 guy - * packet-isakmp.c: + * epan/resolv.c: - Dissect NAT-Discovery and NAT-Original Address payloads, and just - use the version-independent part of the draft ID for "Negotiation - of NAT-Traversal in the IKE" rather than giving a URL for the - draft (the URL in question was out-of-date, and a future one runs - the risk of becoming out of date, given that the -07 draft - expired a few days ago...). + On Mac OS X, disable the alarm/longjmp stuff for timing out name + resolution queries - it runs a significant risk of crashing + applications that do that. -2003-10-08 06:44 guy +2003-11-20 04:28 gerald - * etypes.h, packet-ethertype.c: + * AUTHORS, doc/ethereal.pod: - 0x81fd and 0x81ff appear to be for the Cabletron Interswitch - Message Protocol, although the packets I've seen with 0x81fd - don't look like the ISMP packets described in RFC 2641/2642/2643. + Update Jakob Schlyter's address. -2003-10-08 11:33 jmayer +2003-11-19 22:55 guy - * packet-ftp.c: + * packet-wbxml.c: - use g_htonl instead of htonl + From Olivier Biot: fix the WBXML dissector in cases where + dissection is interrupted because of a short frame or packets not + being reassembled, and provide additional debug logging. -2003-10-08 12:29 sahlberg +2003-11-19 22:13 nneul - * packet-dcerpc.c: + * Makefile.am, Makefile.nmake, packet-sebek.c: - Change dissect_deferred_pointer() from being Ordo(n^2) into being - Ordo(n) + Add dissector for the SEBEK kernel read() data capture and/or + rootkit tool used as part of the HoneyNet project. - Makes it slightly faster when n (the number of pointers) is - >10.000 + Info at: http://project.honeynet.org/tools/sebek/ - The mother of all dcerpc packets (containing one array of >10.000 - pointers) was a bit slow. +2003-11-19 21:24 guy - It is still slow but at least completes in out lifetime. + * packet-wsp.c: -2003-10-09 18:54 guy + From Olivier Biot: - * packet-mmse.c, packet-wbxml.c, packet-wsp.c: + correct (and document) the offset computation in the + parameter() + and parameter_value_q() functions. - From Biot Olivier: + From Loïc Minier: - Rename WSP defines to avoid collisions with Windows - defines. + - a copy-paste with a missing replacement; + - content-disposition uses parameters not q-values; + - missing "+" for the calculation of parameter-offsets; + - white-space cleanup; + - comment fixes. - Rename WSP dissector table for integer-value content - types. +2003-11-19 09:58 guy - Add WSP dissector table for literal content types. + * packet-isis-lsp.c, packet-isis-lsp.h: - Add WSP dissection registration for literal content - types. + Fix the ATT bit definitions. - Register literal and extra WBXML content types to WSP - dissector. +2003-11-19 09:49 guy - Register textual MMS content type to WSP dissector. + * packet-cpfi.c: -2003-10-09 18:57 guy + Get rid of unused variables. - * doc/README.developer: +2003-11-19 09:43 guy - Add an item about prefixing #define names and enum names with a - prefix to avoid name collisions. + * packet-wsp.c: -2003-10-09 20:52 guy + From Olivier Biot: get rid of no-longer-used routines. - * packet-h225.c, packet-h245.c, packet-h450.c, packet-per.c, - packet-per.h, packet-t38.c: +2003-11-19 09:32 sahlberg - Prefix OPTIONAL and NOT_OPTIONAL with ASN1_, to avoid collisions - with other definitions of OPTIONAL (such as the one in Windows). + * packet-tcp.c: -2003-10-09 21:18 guy + Update to TCP, when we see a SYN|ACK packetm reset base_ack to + the current ACK-1 so that it looks right when doing relative + sequence numbers. I.e. SEQ : seq==0 ack==0 SEQ|ACK + seq==0 ack==1 ACK seq==1 ack==1 - * doc/README.developer: + This looks much more correct. - From Loïc Minier: information on how to do reassembly of PDUs - atop TCP. + This change also fixes the problem reported to ethereal-dev + recently with "Follow TCP Stream" dropping the first character of + the stream. -2003-10-09 22:29 jmayer +2003-11-19 07:13 sharpe - * tethereal.c: + * packet-dcerpc-wkssvc.c: - In case of a parse error in the capture syntax, check whether it - is valid display filter syntax. In case it is, warn about a - possbile confusion of the two filter types. + Fix some IDL ... -2003-10-09 22:35 guy +2003-11-19 04:30 guy - * packet-h225.c, packet-h245.c, packet-h450.c, packet-per.c, - packet-per.h, packet-t38.c: + * packet-fcswils.c: - Prefix the EXTENSION #defines with ASN1_ as well. + From Dave Sclarsky: fix the offset for the Node WWN. -2003-10-09 22:40 guy +2003-11-19 04:26 guy - * AUTHORS, packet-isakmp.c, doc/ethereal.pod: + * packet-cpfi.c: - From Aki Immonen: add a numbre of vendor IDs. + Get rid of some unused arguments and variables. -2003-10-10 03:00 guy + Clean up the handling of the footer, so that it works even with + short frames. - * Makefile.am, acinclude.m4, capture-wpcap.c, configure.in, - pcap-util-unix.c, pcap-util.c: +2003-11-19 04:05 guy - Use "pcap_findalldevs()" if present. + * packet-cpfi.c: -2003-10-10 03:04 guy + "uint" preferences should be "guint"s, not "int"s. - * pcap-util-int.h: +2003-11-19 04:02 guy - Use "pcap_findalldevs()" if present. + * packet-cpfi.c: -2003-10-10 06:05 guy + Fix a typo. - * acinclude.m4, capture-wpcap.c, pcap-util-unix.c, pcap-util.h, - util.c: +2003-11-19 04:00 guy - Get the version number of the libpcap/WinPcap with which we're - running with "pcap_lib_version()", if available. + * AUTHORS, Makefile.am, Makefile.nmake, packet-cpfi.c, + doc/ethereal.pod: -2003-10-10 08:39 sahlberg + From Dave Sclarsky: CPFI support. - * gtk/: main.c, main.h, menu.c: +2003-11-19 03:53 guy - Updates to TimeReference Frames + * packet-smb-browse.c, packet-smb-logon.c, packet-smb-mailslot.c: - Add a Goto Next/Previous time reference menu option + "dissect_mailslot_browse()", "dissect_mailslot_lanman()", and + "dissect_smb_logon()" always return TRUE, so just get rid of + their return value. -2003-10-10 08:52 sahlberg + "call_dissector()" automatically calls the data dissector if the + protocol for the dissector being called is disabled, so we don't + have to check its result and call the data dissector if it + returns 0. - * gtk/service_response_time_table.c: +2003-11-19 02:58 guy - Add a Find Next/Previous menu option to the - ServiceResponseTimeStatistics dialog + * packet-mmse.c: -2003-10-10 08:59 sahlberg + Register the MMSE dissector with the "http.content_type" + dissector table, rathe than as a heuristic subdissector of HTTP. - * gtk/service_response_time_table.c: +2003-11-19 01:50 guy - Add a ColorizeProcedure menu option to the ServiceResponseTime - statistics dialog + * gtk/supported_protos_dlg.c: -2003-10-10 09:48 guy + Use "OK" for the "OK" button, as we do elsewhere. - * Makefile.nmake, capture-wpcap.c, config.h.win32, config.nmake: +2003-11-19 01:45 guy - Configure whether we have WinPcap based on whether - WINPCAP_VERSION is set in the config.nmake file. + * packet-wsp.c: - Configure whether we have pcap_findalldevs() based on whether - WINPCAP_VERSION is 2.3 (if so, we don't) or 3.0 or 3.1 (if so, we - do). + From Olivier Biot: - WinPcap 3.0 has the new libpcap declarations of - "pcap_lookupnet()" and "pcap_open_live()" in which the first - argument is a "const char *" rather than a "char *"; declare the - functions and pointers to them appropriately based on the version - of WinPcap. + Implement quoted-string parsing by appending the closing + quote + to the string value. If the quoted-string value does not + start + with a quote, dissection resumes but a warning is + displayed. + Textual headers are assumed to be 0x00 terminated + (otherwise we + have a malformed packet or a short frame). - If we don't have pcap_findalldevs(), don't declare a pointer to - it, as we don't have a declaration of pcap_if_t. + The Trailer header is also dissected now, and the charset + parameter dissection has been rewritten. - We also need to refer to "pcap_freealldevs()", so make a pointer - for it. + The Content-ID header dissector was registered at the + place of + the Trailer dissector; this has also been fixed. - "symbols[]" is a const array; make the pointer to elements in it - a const pointer. +2003-11-19 01:39 guy - Fix some typoes. + * packet-ansi_map.c: -2003-10-10 10:02 guy + From Michael Lum: fix param_digits() subtree for "Nature of + Number". - * t35.c: +2003-11-19 00:10 ulfl - From Tomas Kukosa: updates from Annex to ITU Operational Bulletin - No. 766 - 15.VI.2002), plus other fixes. + * gtk/gui_prefs.c: -2003-10-10 10:04 guy + redraw supported_protos dialog, if GUI prefs changed - * packet-isup.c: +2003-11-19 00:04 ulfl - Fix a typo. + * gtk/menu.c: -2003-10-10 10:12 guy + added supported_protos menu item - * acinclude.m4, configure.in: +2003-11-19 00:02 ulfl - From Brad Hards: fix two problems: + * gtk/Makefile.am: - 1. the --without-adns case wasn't handled correctly; + added supported_protos_dlg - 2. the reporting at the end of the configure didn't deal - with - the case were the configure check failed (as in my - example, - where I only had the libadns package installed, not - libadns-devel) - it reported that ADNS would be used. +2003-11-19 00:01 ulfl -2003-10-10 10:16 guy + * gtk/Makefile.nmake: - * gtk/rtp_analysis.c: + added supported_protos_dlg.obj - Use PT_ values rather than raw numbers when checking for u-law - and A-law payload. +2003-11-18 23:56 ulfl -2003-10-10 10:25 guy + * gtk/: supported_protos_dlg.c, supported_protos_dlg.h: - * packet-gtp.c: + seperated "supported protocols and protocol fields" dialog, + coming from help_dlg.c/.h - From Michal Melerowicz: remove obsolete GTP'v0 CDR dissection. +2003-11-18 23:40 ulfl -2003-10-10 10:54 sahlberg + * Makefile.nmake: - * packet-h245.c: + generate "static" help content - From Martin Regner, bugfix for H245. +2003-11-18 23:11 ulfl - The restricted character string for signalType is 1 character, - not 1 to 128 characters. + * help/: capture_filters.txt, convert-include.sh, Makefile.nmake, + display_filters.txt, faq.txt, overview.txt, well_known.txt: -2003-10-10 11:11 sahlberg + "static content" and make environment of redesigned online help - * packet-dcerpc.c, packet-dcerpc.h, gtk/dcerpc_stat.c: +2003-11-18 19:56 guy - Updated the DCERPC service response time to also offer the menu - to Filter, Find and Colorize selected procedures in the same way - as SMB and ONC-RPC already does. + * packet-bootp.c: -2003-10-10 11:24 sahlberg + From Greg Morris: - * gtk/dcerpc_stat.c: + dissect the RFC 2610 DHCP options for SLP; - Fix a bug for the DCERPC stats window where it forgot to print - the title inside the window as it were supposed to. + dissect Novell-specific options 85, 86, and 87. -2003-10-10 13:33 jmayer +2003-11-18 19:46 guy - * tethereal.c: + * packet-tcp.c: - Part two of different-filter-syntax-hackaround: Warn in case of - capture filter usage where display filter syntax is required. + From Lars Roland: the window size passed to + "tcp_analyze_sequence_number()" is a "guint32", as it might be + scaled - make the arugment a "guint32" as well. -2003-10-10 21:13 guy +2003-11-18 19:36 guy - * acinclude.m4, tethereal.c: + * plugins/: Xass-list, Xplugin_api.c, Xplugin_api.h, + Xplugin_api_decls.h, Xplugin_table.h: - Not all versions of libpcap have "pcap_compile_nopcap()"; use it - only if we have it. + Get rid of the second "col_set_fence()" entry. - Not all versions of libpcap have DLT_LINUX_SLL, either; use - DLT_EN10MB instead. +2003-11-18 19:34 guy -2003-10-10 21:16 guy + * plugins/plugin_api_list.c: - * AUTHORS, Makefile.am, Makefile.nmake, - packet-diffserv-mpls-common.c, packet-diffserv-mpls-common.h, - packet-ldp.c, packet-rsvp.c: + The second of the "col_set_fence()" entries is the one that + should've been removed; that way, the ordinals of existing + entries in the function vector is preserved. - From Akira Endoh: Diffserv MPLS signaling protocol support. +2003-11-18 19:31 guy -2003-10-10 21:31 guy + * plugins/Makefile.nmake: - * Makefile.nmake, doc/Makefile.nmake, epan/Makefile.nmake, - epan/dfilter/Makefile.nmake, epan/ftypes/Makefile.nmake, - gtk/Makefile.nmake, image/Makefile.nmake, - packaging/nsis/Makefile.nmake, plugins/Makefile.nmake, - plugins/artnet/Makefile.nmake, plugins/docsis/Makefile.nmake, - plugins/giop/Makefile.nmake, plugins/gryphon/Makefile.nmake, - plugins/lwres/Makefile.nmake, plugins/megaco/Makefile.nmake, - plugins/mgcp/Makefile.nmake, plugins/pcli/Makefile.nmake, - plugins/rtnet/Makefile.nmake, tools/Makefile.nmake, - tools/lemon/Makefile.nmake, wiretap/Makefile.nmake: + From Lars Roland: put missing "enttec" into "all" list. - Give every Makefile.nmake file a "distclean" rule, and have - "distclean" recurse into subdirectories doing "nmake -f - Makefile.nmake distclean". +2003-11-18 19:29 ulfl - Have "nmake -f Makefile.nmake clean" not remove stuff that "make - clean" doesn't remove (such as Flex/Bison output and config.h - files) - and have "nmake -f Makefile.nmake distclean" remove - stuff that "make distclean" removes, including - "tethereal-tap-register.c" and "ethereal-tap-register.c". + * gtk/capture_dlg.c: -2003-10-10 21:35 guy + removed MSVC compiler warnings - * README.win32: +2003-11-18 19:28 guy - Mention gtk/ethereal-tap-register.c. + * packet-ntp.c: -2003-10-10 22:52 sahlberg + From Matthias Drochner: - * packet-tcp.c: + extensions need only be a multiple of 4 bytes in length, + not 8 + bytes; - From Matthijs Melchior Small change to the TCP sequence number - analysis and relative sequence number code so that it plays a bit - nicer with captures generated by text2pcap. + put in a missing increment of "offset". - Change the criterion used to initialize the base sequence and ack - numbers to set these base offsets where it detects that the - bookkeeping structures are NULL (as in no previous packet seen - for this session) instead of using a hardcoded magic number 0, - which might actually occur in normal captures. +2003-11-18 19:27 ulfl -2003-10-11 00:10 guy + * gtk/print_dlg.c: - * packet-wsp.c: + removed unused vars - "add_content_type()" returns either a numerical content type and - a null content type pointer or a 0 numerical content type and a - non-null content type pointer; if the content type is numerical, - we cannot match on the string content type (as we'd dereference a - null pointer) and, if the content type is a string, we should not - match on the numerical content type (as the value is bogus). +2003-11-18 19:26 ulfl - We also have to call "add_content_type()" to get the content type - regardless of whether we're building a protocol tree, as we need - to call subdissectors regardless of whether we're building a - protocol tree. + * plugins/plugin_api_list.c: - We also need to set the columns regardless of whether we're - building a protocol tree. + col_set_fence occurs twice, removed one appearance -2003-10-11 11:23 sahlberg +2003-11-18 19:20 guy - * gtk/io_stat.c: + * epan/filesystem.h: - Massive update of the _draw() routine in iostat in preparation of - more features. + From Tomas Kukosa: add "extern"s so that the plugin API stuff + works. - The most visible changes are graps drawn as sawtoots instead of - bars. relative times (mainly used for response times - FT_RELATIVE_TIME) will be plotted as time measured in "s" "ms" or - "us" on the y axis +2003-11-18 19:20 ulfl - future updates may be smoothed graphs and better relative time - support + * packet-sdp.c: -2003-10-11 21:49 jmayer + includes changed, to be working with MSVC also - * capture.c: +2003-11-18 19:18 ulfl - Part 3 of display vs. capture syntax confusion patches: Detect - probable use of display filter syntax where capture filter syntax - need to be used in Ethereal. + * plugins/rdm/Makefile.nmake: -2003-10-11 23:17 sahlberg + corrected cut and paste errors, makefile was unchanged copied + from rtnet - * gtk/io_stat.c: +2003-11-18 08:59 guy - minor cleanup and update for printing the y scale as time in - units of s,ms and us + * plugins/: Xass-list, Xplugin_api.c, Xplugin_api.h, + Xplugin_api_decls.h, Xplugin_table.h: -2003-10-12 04:20 sahlberg + Add "col_get_writable()", "col_set_writable()", and + "col_set_fence()" to the plugin API list. - * gtk/io_stat.c: +2003-11-18 08:58 guy - Further updates/rewrite of iostat + * plugins/Xplugin_table.h: - getting closer to add useful features + Export "protocol_t" as an opaque type. -2003-10-12 12:29 tpot + Make "proto_is_protocol_enabled()" and + "proto_get_protocol_short_name()" take a "protocol_t *" as an + argument, so they don't have to look up the "protocol_t" - this + will probably speed them up considerably, and they're called on + almost every dissector handoff. - * packet-dcerpc-oxid.c: + Get rid of a number of "proto_is_protocol_enabled()" calls that + aren't necessary (dissectors called through handles, including + those called through dissector tables, or called as heuristic + dissectors, aren't even called if their protocol isn't enabled). - Subdissector name updates from Jean-Baptiste Marchand. + Change some direct dissector calls to go through handles. -2003-10-12 16:03 sharpe +2003-11-18 08:55 guy - * packet-dcerpc-oxid.c: + * plugins/plugin_api_list.c: - Fix some C++ comments ... + Add "col_get_writable()", "col_set_writable()", and + "col_set_fence()" to the plugin API list. -2003-10-13 19:04 guy +2003-11-18 08:13 guy - * epan/Makefile.nmake, tools/Makefile.nmake: + * configure.in, epan/configure.in, wiretap/configure.in: - From Ulf Lamping: add some missing "cd .."s. (I guess the - current directory in nmake files persists across targets; - presumably all commands, or, at least, all "cd" commands, are run - in the same process.) + From Olivier Biot: add a "--enable-profile-build" flag to request + that "-pg" binaries be built. -2003-10-13 20:53 guy +2003-11-18 08:04 guy - * packet-diffserv-mpls-common.c, packet-diffserv-mpls-common.h: + * packet-http.c: - Define "phbit_bit{14,15}_vals" in packet-diffserv-mpls-common.c, - not in the header file; just declare it in the header file - that - way, there's one shared version of both tables, and we don't get - compiler warnings because they're not actually used in - packet-diffserv-mpls-common.c. + Content-Type values are case-insensitive; force them to lower + case (subdissectors must register their Content-Type values as + all-lower-case). -2003-10-14 00:40 guy + Don't include parameters in the value we look up in the + Content-Type subdissector table. - * epan/resolv.c: +2003-11-18 07:49 guy - From Matthias Melchior: parenthesize check for RESOLV_CONCURRENT. + * packet-http.c: - Get rid of "!= 0" check - other tests for a bit being on in - g_resolv_flags don't do that. + Add an "http.content_type" dissector table, -2003-10-14 00:45 guy + Process the Content-Type header, and, if one is found, look up + its value in the aforementioned dissector table. - * packet-dcerpc.c: +2003-11-18 07:08 guy - "dce_try_handoff()" isn't necessarily passed a non-null - "auth_info" argument - don't dereference it if it's null. + * packet-ses.c: -2003-10-14 01:18 guy + Handle concatenated SPDUs. - * AUTHORS, Makefile.am, configure.in, - packaging/nsis/Makefile.nmake, packaging/nsis/ethereal.nsi, - plugins/Makefile.am, plugins/Makefile.nmake, plugins/acn/AUTHORS, - plugins/acn/COPYING, plugins/acn/ChangeLog, plugins/acn/INSTALL, - plugins/acn/Makefile.am, plugins/acn/Makefile.nmake, - plugins/acn/NEWS, plugins/acn/acn.h, plugins/acn/moduleinfo.h, - plugins/acn/packet-acn.c: + Handle the Serial Number parameter. - From Erwin Rol: ACN support. +2003-11-18 06:31 guy -2003-10-14 07:36 guy + * config.guess, config.sub: - * acinclude.m4: + Latest config.guess and config.sub from - Do the tests for various extra "-L" and "-l" flags that might be - needed with "-lsnmp" in a loop; this fixes up the configure - script's operation on Solaris. + http://savannah.gnu.org/projects/config/ -2003-10-14 08:56 guy +2003-11-18 06:06 ulfl - * plugins/acn/.cvsignore: + * gtk/capture_info_dlg.c: - Add a .cvsignore file. + removed MSVC warnings -2003-10-14 09:03 sahlberg +2003-11-18 04:19 gerald - * gtk/io_stat.c: + * doc/ethereal.pod: - update to iostat + Document the capture filter changes that were just checked in. - add different styles to draw the plot +2003-11-18 04:16 gerald -2003-10-14 09:11 guy + * util.c, util.h, gtk/main.c: - * AUTHORS, packet-eapol.c: + Check the environment variables SSH_CONNECTION, SSH_CLIENT, + REMOTEHOST, DISPLAY, and CLIENTNAME (in that order). If any of + them are set, create a capture filter that excludes their traffic + and set it as the default. The longer filters should be + efficient without being overly long; they may need some tweaking. - From Motonori Shindo: Key Information dissection in EAPOL-Key - messages. +2003-11-18 00:46 ulfl -2003-10-14 09:15 sahlberg + * gtk/toolbar.c: - * gtk/io_stat.c: + removed some warnings - Simplify handling of tick val remove unnessecary code and - structures cleanup +2003-11-17 22:56 sahlberg -2003-10-14 09:27 sahlberg + * epan/to_str.c: - * gtk/io_stat.c: + updates to ip_to_str[_buf]() to make them faster. - further cleanup + This functin was in a recent profiling run the fifth most + expensive function. It consumed ~3.5% of the total cpu in that + run. - remove the redundant pixels_per_tick structure + Using a static table this function is now just over twice as fast + as previously. -2003-10-14 09:55 sahlberg + My testrun calling it 10.000.000 times in a loop changed the + execution time from ~17.3s ro ~8.2s - * gtk/io_stat.c: + If this test was representative for the speedup and if ~3.5 in + the profile run was representative for normal cases this should + make ethereal ~1.8% faster. Woohoo. (low hanging fruit) - further cleanup remove redundant structure for yscale_max +2003-11-17 22:34 guy -2003-10-14 10:01 sahlberg + * plugins/: acn/Makefile.am, artnet/Makefile.am, asn1/Makefile.am, + gryphon/Makefile.am, mgcp/Makefile.am, pcli/Makefile.am, + rtnet/Makefile.am: - * gtk/io_stat.c: + Fix the copyright notices (Gerald has the copyright on Ethereal). - remove the redundant count_type structure as part of the iostat - cleanup +2003-11-17 22:31 guy -2003-10-14 10:34 sahlberg + * plugins/giop/Makefile.am: - * gtk/io_stat.c: + Tweak the introductory comment. - update to iostat, added new plot style: filled bar +2003-11-17 22:29 guy -2003-10-14 17:50 guy + * plugins/: enttec/.cvsignore, rdm/.cvsignore: - * packet-isup.c: + Fix the .cvsignore files. - From Jeff Morriss: note in the Protocol column that we're - assuming the ITU dialect of ISUP. +2003-11-17 22:26 guy -2003-10-14 21:24 jmayer + * plugins/rdm/packet-rdm.c: - * packet-sip.c: + From Erwin Rol: check the checksum in RDM packets. - Update list of SIP RFCs +2003-11-17 22:09 guy -2003-10-14 21:26 jmayer + * configure.in: - * packet-sdp.c: + From Loïc Minier: append $(EXEEXT) to the names of binaries, so + that the configure script generates the right executable image + file names on Cygwin. - Add a comment for (maybe) later connection handling +2003-11-17 21:52 guy -2003-10-14 23:20 guy + * packet-sdp.c: - * AUTHORS, prefs.c, prefs.h, doc/ethereal.pod, gtk/file_dlg.c, - gtk/gui_prefs.c, gtk/main.c: + From Lars Roland: use the c= and m= information to set up + conversations to use RTP/RTCP. - From Ian Schorr: +2003-11-17 20:57 guy - Add a preference to control whether the "File > Open" - dialog box - should start out in the last directory in which it looked - - and - save that in the preferences file across invocations - or - should - always start out in a user-specified directory, and add - another - preference to specify that directory. + * AUTHORS, Makefile.am, configure.in, + packaging/nsis/Makefile.nmake, packaging/nsis/ethereal.nsi, + plugins/Makefile.am, plugins/Makefile.nmake, + plugins/artnet/ChangeLog, plugins/artnet/moduleinfo.h, + plugins/artnet/packet-artnet.c, plugins/enttec/.cvsignore, + plugins/enttec/AUTHORS, plugins/enttec/COPYING, + plugins/enttec/ChangeLog, plugins/enttec/INSTALL, + plugins/enttec/Makefile.am, plugins/enttec/Makefile.nmake, + plugins/enttec/NEWS, plugins/enttec/moduleinfo.h, + plugins/enttec/packet-enttec.c, plugins/rdm/.cvsignore, + plugins/rdm/AUTHORS, plugins/rdm/COPYING, + plugins/rdm/Makefile.am, plugins/rdm/Makefile.nmake, + plugins/rdm/moduleinfo.h, plugins/rdm/packet-rdm.c: + + From Erwin Rol: initial ENTTEC support and RDM support. + +2003-11-17 20:00 guy + + * gtk/capture_info_dlg.c: + + Not all compilers allow array/structure/union members of + automatic variables to be initialized to non-constant values (C89 + says that "All the expressions in an initializer for an object + that has static storage duration or in an initializer list for an + object that has aggregate or union type shall be constant + expressions"; presumably the intent of the former was to avoid + run-time initialization and of the latter was to let the + initialization be done by copying from a compile-time-created + blob of memory), so we have to initialize "info->counts" by hand. + +2003-11-17 19:40 guy - Write out section name comments into the preferences - file. + * capture.c: - Clean up white space a bit. + Fix a typo. -2003-10-14 23:42 guy +2003-11-17 18:23 ulfl - * gtk/file_dlg.c: + * etypes.h, packet-ethertype.c: - Clean up the stuff that fills in the starting directory. + added ETHERTYPE_PROFINET -2003-10-15 02:13 gerald +2003-11-17 00:27 guy - * doc/: ethereal-filter.pod.template, ethereal.pod, tethereal.pod: + * gtk/capture_info_dlg.c: - Move the filter syntax description to the ethereal-filter pod - page. + "capture()" takes a "struct pcap_stat *" argument, so you need to + include before including "capture.h". -2003-10-15 08:08 guy + Include "dlg_utils.h" to declare "dlg_set_cancel()". - * packet-dcerpc-spoolss.c: +2003-11-17 00:26 guy - We got rid of the wrong hf_devmode_driver_extra; bring the wrong - one back, and get rid of the one that shouldn't be kept around. + * capture.c: -2003-10-15 08:25 sahlberg + Get rid of a no-longer-used variable. - * gtk/io_stat.c: +2003-11-16 23:17 guy - remove an extra ';' to keep visual studio happy + * Makefile.am, disabled_protos.c, packet-alcap.c, + packet-ansi_637.c, packet-ansi_683.c, packet-ansi_a.c, + packet-ansi_map.c, packet-atalk.c, packet-clnp.c, + packet-dcerpc.c, packet-dcerpc.h, packet-dvmrp.c, packet-fcip.c, + packet-giop.c, packet-giop.h, packet-gsm_a.c, packet-gsm_sms.c, + packet-gssapi.c, packet-gssapi.h, packet-iscsi.c, + packet-mrdisc.c, packet-msnip.c, packet-pim.c, packet-ppp.c, + packet-rpc.c, packet-rpc.h, packet-smb-browse.c, + packet-smb-browse.h, packet-smb-logon.c, packet-smb-logon.h, + packet-smb-mailslot.c, packet-smb-pipe.c, packet-snmp.c, + packet-tpkt.c, prefs.c, epan/packet.c, epan/proto.c, + epan/proto.h, gtk/dfilter_expr_dlg.c, gtk/help_dlg.c, + gtk/proto_dlg.c, plugins/plugin_api_list.c: -2003-10-15 08:41 sahlberg + Export "protocol_t" as an opaque type. - * gtk/io_stat.c: + Make "proto_is_protocol_enabled()" and + "proto_get_protocol_short_name()" take a "protocol_t *" as an + argument, so they don't have to look up the "protocol_t" - this + will probably speed them up considerably, and they're called on + almost every dissector handoff. - Remove the unnecassary HashTable and use - gtk_object_[get|set]_data to keep track of which io structure a - certain draw area is associated with. + Get rid of a number of "proto_is_protocol_enabled()" calls that + aren't necessary (dissectors called through handles, including + those called through dissector tables, or called as heuristic + dissectors, aren't even called if their protocol isn't enabled). -2003-10-15 09:18 guy + Change some direct dissector calls to go through handles. - * packet-gtp.c: +2003-11-16 23:11 sahlberg - Fix the XXX_to_str routines + * AUTHORS, Makefile.am, Makefile.nmake, h225-persistentdata.c, + h225-persistentdata.h, packet-h225.c, packet-h225.h, + tap-h225rassrt.c, doc/ethereal.pod, doc/tethereal.pod, + gtk/Makefile.am, gtk/Makefile.nmake, gtk/h225_ras_srt.c: - 1) not to rely on their static buffers being initialized; + From Lars Roland Service Response times for H225 RAS - 2) not to bother checking whether a BCD digit is a valid - digit - or not (index into a 16-element array, instead); +2003-11-16 22:33 sahlberg - 3) to work correctly, in the case of "id_to_str()". + * packet-h450.c: -2003-10-15 13:10 sahlberg + Bugfix for h450. - * doc/ethereal.pod, gtk/io_stat.c: + The hf field we give to dissect_per_object_string is a FT_STRING + and not a FT_BYTES. This caused ethereal to abort with an assert + failure. - Client LOAD measurement for io-stat + This fixes the issue that Keith French recently brought up in his + mailing to ethereal-users - See manpage (hopefully manpage does not reformat my nice ascii - graph) +2003-11-15 23:58 guy - While Service Response Times and the MIN/MAX/AVG thing in - io-stat are measurements on the server load. The new - measurement type LOAD is a measurement of Client LOAD. + * packet-wsp.c: - Or rather, it is an attempt to measure client LOAD by measuring - how much concurrency in its requests the client generates. It the - client is slow in starting new i/o when a previous i/o has - completed, this willb e indicated by the concurrency being - lowered. + From Olivier Biot: fix the offset for the Encoding-Version header + in the general form. - it is an experiment. i am not aware of any other attempts in - deducing client workload from looking at captures. +2003-11-15 23:48 guy -2003-10-15 19:40 guy + * gtk/menu.c: - * AUTHORS, Makefile.am, gtk/Makefile.am, gtk/Makefile.nmake, - gtk/main.c, gtk/menu.c, gtk/toolbar.c, gtk/toolbar.h, - image/toolbar/capture_24.xpm, image/toolbar/cfilter_24.xpm, - image/toolbar/dfilter_24.xpm, image/toolbar/stock_close_24.xpm, - image/toolbar/stock_colorselector_24.xpm, - image/toolbar/stock_help_24.xpm, - image/toolbar/stock_jump_to_24.xpm, - image/toolbar/stock_open_24.xpm, - image/toolbar/stock_preferences_24.xpm, - image/toolbar/stock_print_24.xpm, - image/toolbar/stock_refresh_24.xpm, - image/toolbar/stock_right_arrow_24.xpm, - image/toolbar/stock_save_24.xpm, - image/toolbar/stock_search_24.xpm, - image/toolbar/stock_stop_24.xpm: + From Michael Lum: add hotkeys for Protocols and + Preferences. - From Ulf Lamping: toolbar. +2003-11-15 11:46 ulfl -2003-10-15 19:57 guy + * gtk/menu.c: - * AUTHORS, packet-socks.c, doc/ethereal.pod: + GTK2 specific: use some Ethereal specific stock icons generated + in toolbar.c - From David E. Weekly: move the code to put the SOCKS version up, - so it's done in common code. +2003-11-15 11:44 ulfl -2003-10-15 20:07 guy + * gtk/: toolbar.c, toolbar.h: - * packet-socks.c: + handlebar removed, GTK2 specific: generate some Ethereal specific + stock icons and use them in the toolbar - Put back a missing comment. +2003-11-15 11:39 ulfl - Get rid of some extra blanks at the end of the text for some - protocol tree items. + * config.nmake: - Use %u, not %d, to format unsigned quantities. + added gdk_pixbuf to GTK2 specific libs to link (needed in + toolbar.c) - Make the "Client Authentication Methods" item's length cover all - the authentication methods, not just the count of methods. +2003-11-15 10:06 ulfl -2003-10-15 22:00 guy + * file.c: - * packet-ip.c: + removed no longer used gtk includes - From Giles Scott: make some items in the ICMP protocol tree named - fields. +2003-11-15 08:53 ulfl -2003-10-15 22:34 guy + * gtk/capture_info_dlg.c: - * gtk/toolbar.c: + seperated capture dialog from capture.c and put into new + gtk/capture_info_dlg.c, added some tiny bars, that will indicate + the percentage, added ESC key handler and use of GTK_STOCK button - Note that we might want to use the GTK+ 2.x stock icon mechanism - when building for GTK+ 2.x. +2003-11-15 08:50 ulfl - Fix the callback for the "Print" button. + * gtk/capture_dlg.c: -2003-10-15 22:37 guy + added "#include " to be able to include + "capture.h" - * gtk/toolbar.c: +2003-11-15 08:47 ulfl - "Find frame" can do more than search with a display filter. + * capture.c, capture.h, gtk/Makefile.am, gtk/Makefile.nmake: -2003-10-16 00:45 guy + seperated capture dialog from capture.c and put into new + gtk/capture_info_dlg.c - * gtk/: file_dlg.c, main.c: +2003-11-14 21:18 guy - There doesn't seem to be any need to set "cfile.dfilter" to the - contents of the filter text entry when reloading the file, and: + * capture.c: - 1) that doesn't work with the toolbar "reload" button - (the - widget passed in for that button doesn't have a - E_DFILTER_TE_KEY data item pointing to the text - entry); + When it comes to whether to use "select()" or not, even if you're + building in Cygwin's pretend-it's-UNIX environment, we need to + treat the platform as Windows. - 2) that causes the Tools > Summary dialog box to report - what - you've typed in that box, not the filter that's - actually in - effect (i.e., it causes "cfile.dfilter" to reflect - what's - been typed, not what's been applied); + Get rid of the BSD #define - just check for the platforms on + which we mustn't use "select()". - so don't bother doing so. That also means that the - "/File/Reload" menu item doesn't need a E_DFILTER_TE_KEY data - item, so don't give it one. +2003-11-14 19:20 guy -2003-10-16 06:47 guy + * doc/README.developer: - * packet-gtp.c: + Fix the stuff that talks about adding to DISSECTOR_SOURCES to + talk about adding to DISSECTOR_SRC instead, and update it to + mention "Makefile.nmake" in the first instance. - Get rid of a value_string table that was used by now-deleted - code. +2003-11-14 18:59 guy -2003-10-16 09:55 guy + * packet-gprs-ns.c: - * packet-gtp.c: + From Josef Korelus: update the offset after decoding an IE. - From Michal Melerowicz: +2003-11-14 10:11 guy - merge gtpv0 and gtpv1 dissectors into one; + * packet-null.c: - fix up XXX_to_str routines. + Fix the heuristics so that they recognize Linux DLT_NULL headers. -2003-10-16 18:14 guy +2003-11-14 02:07 guy - * packet-ansi_map.c: + * packet-sip.c: - From Michael Lum: add missing g_free() calls. + Add support for the compact form of headers. -2003-10-16 18:15 guy +2003-11-14 01:35 guy * packet-tcap.c: - From Michael Lum: fixed some formatting and removed unused code. + From Michael Lum: fix up handling of ABORT package. -2003-10-16 20:56 oabad +2003-11-14 01:27 guy - * gtk/: main.c, toolbar.c, toolbar.h: + * packet-wap.c: - - use stock icons in the toolbar when using GTK2 - use GTK1/2 - compatibility macros [GS]ET_OBJECT_DATA where needed - add a - set_toolbar_object_data() function which associates the display - filter entry (from the main window) with the E_DFILTER_TE_KEY for - the open and reload buttons (it is needed by the open and - reload callbacks). The function is called in - create_main_window() - reindent + From Olivier Biot: fix the debugging output of + "tvb_get_guintvar()". -2003-10-16 21:04 oabad +2003-11-13 23:44 guy - * gtk/toolbar.c: + * packet-wsp.c: - Put back Guy's changes from r1.3 (print callback, and "Find - frame..." tooltip). + From Olivier Biot: use "g_strdup_printf()" to generate + dynamically-allocated sprintf output. -2003-10-16 21:19 guy +2003-11-13 23:38 guy - * prefs.c, prefs.h, gtk/gui_prefs.c, gtk/toolbar.c, gtk/toolbar.h: + * packet-eapol.c, packet-isup.c, packet-ldp.c, packet-m2ua.c, + epan/proto.c: - From Ulf Lamping: add a GUI preference item to control the - toolbar style. + Require that field names contain only alphanumerics, "-", "_", + and ".". - Make the style text arrays static, as nobody uses them outside - prefs.c. + Fix the names that contained other characters. - Use FALSE and TRUE for the values for the Boolean controlling the - highlighting style. +2003-11-13 23:13 guy - Note that we're now using stock icons in the toolbar in GTK+ 2.x. + * packet-dcerpc.c: - Put back the resizing of elements in the top-level container, at - least for GTK+ 1.2[.x]; otherwise, the toolbar's height never - gets smaller, even if you change the style in such a way as to - reduce the height of the elements (icons+text -> icons or text, - icons -> text). + From Jaime Fournier: get rid of space in field name. - Make some routines and variables not used outside gtk/toolbar.c - static. +2003-11-13 20:53 sahlberg -2003-10-17 06:06 oabad + * packet-tcp.c: - * gtk/toolbar.c: + Change the gboolean controlling whether to use TCP Sequence + Number Analysis and TCP Relative Sequence Numbers to default to + ENABLED instead of DISABLED. - Change the comments about toolbar elements resizing as it is not - necessary in GTK+ 2.x + These features do not consume that much memory or CPU but will + greatly enhance the feature set of ethereal. Make it enabled by + default so also those that never venture into the preferences + dialog will benefit from it. -2003-10-17 07:45 sahlberg +2003-11-13 08:22 sahlberg - * packet-h225.c: + * file.c, doc/ethereal.pod: - change the h225 emailid from a sequence of bytes to a string + For Time Reference frames reset the counter for + CulmulativeBytes. This makes the CulmulativeBytes field make + more sense since if we want something to be a TimeReference frame + it is likely that we also want to measure BOTH time and number of + bytes (==culmulative bytes) until the event we are looking at. -2003-10-17 08:01 sahlberg +2003-11-13 08:16 sahlberg - * packet-h225.c: + * packet-ip.c: - destinationType is an EndPointType and NOT an EndPoint + Change the strings shown for ICMP TTL exceeded to match the + wording in the standard -2003-10-17 08:14 guy +2003-11-13 05:08 gerald - * gtk/toolbar.c: + * packet-wsp.c: - Further expand a comment. + We can't pass NULLs to proto_tree_add_text(). Replace a bunch of + occurrences of match_strval() with val_to_str() so that we don't + throw an assertion. -2003-10-17 17:20 oabad + These changes fix a problem with a file from Martin Dubovsky; + otherwise they haven't been heavily tested. - * gtk/proto_draw.c: +2003-11-12 23:17 guy - Use gtk_tree_view_expand_to_path() in gtk2 code to expand a node, - as it also expands parent nodes if necessary. + * plugins/docsis/packet-docsis.c: -2003-10-17 17:28 oabad + From Anand Narwani: fix bitmask for Active Grants field. - * gtk/: menu.c, toolbar.c: +2003-11-12 22:44 guy - From Olivier Biot : remove packet capture code when compiling - without libpcap. - -2003-10-17 21:26 guy - - * packet-dhcpv6.c: - - From Shinsuke Suzuki: - - - support RFC3319 - - update the RFC/i-d name - - change the DHCPv6 option numbers to catch up with the - latest IANA's assignment status - -2003-10-17 21:27 guy - - * packet-pim.c: - - From Shinsuke Suzuki: support Address List Option, newly - introduced in draft-ietf-pim-sm-v2-new-08.txt. - -2003-10-17 21:28 guy - - * AUTHORS: - - Update credits for Shinsuke Suzuki. - -2003-10-17 22:59 guy - - * packet-ndps.c: - - From Greg Morris: don't add zero-length items to the tree, add - some missing alignment adjustments, fix a call to - "address_item()" to set the offset to its return value rather - than adding its return value to the offset, handle an object type - of 2 (counted list of objects) in an event handling profile, - advance the offset past length values after processing the length - value. - - Fix some additional "address_item()" calls, and put the - aforementioned length values into the protocol tree. - -2003-10-17 23:43 guy - - * packet-fr.c: - - Fix up some comments. - -2003-10-17 23:44 guy - - * packet-lmi.c: - - Fix a URL. - -2003-10-18 18:46 guy - - * packet-rip.c: - - From Emanuele Caratti: - - add the dissection of RIPv2 packets with Keyed Message - Disest - Authentication (RFC2082); - - fix a small bug - the Auth entry must be the first of the - RTE in - a RIP packet. - -2003-10-19 17:30 guy - - * packet-tacacs.c, packet-tacacs.h: - - From Emanuele Caratti: - - add support for multiple encryption keys, one per - conversation, - in a single capture; - - add some fields in the accounting dissection. - -2003-10-20 06:06 oabad - - * gtk/gui_prefs.c: - - In fileopen_dir_changed_cb() : - return FALSE immediately if the - text entry is empty ; - return FALSE at the end of the function - so that the signal is sent to the entry. It avoids a Gtk-ERROR - (and an abort) : file: gtkentry.c: line 4338 (blink_cb): - assertion failed: GTK_WIDGET_HAS_FOCUS(entry)) - -2003-10-20 19:07 guy - - * gtk/toolbar.c: - - From Ulf Lamping: - - put toolbar separators in the right places; - - get rid of the "Capture Stop" button in Win32. - -2003-10-20 19:13 guy - - * packet-isup.c: - - From Anders Broman: - - added decoding of Element IWFA(NSAP address) in IANA ICP - format; - - fixed decoding of CODEC LIST. - -2003-10-20 19:25 guy - - * packet-laplink.c: - - From Brad Hards: support TCP desegmentation. - -2003-10-20 20:18 guy - - * packet-dcerpc-epm.c: - - From Jim McDonough: add the text sservice name for a UUID/version - string at the top level of a floor, falling back to the - UUID/version strings themselves if the service isn't found. - - Use #defines for protocol IDs. - -2003-10-20 22:28 guy - - * gtk/: main.c, menu.c: - - If a tap menu item doesn't have a "selected_packet_enabled()" or - "selected_tree_row_enabled()" routine, enable it by default, so - that tap windows can be popped up even if you have no capture - file. - - Assorted code cleanups. - -2003-10-20 23:05 guy - - * packet-laplink.c: - - From Jesper Peterson: get rid of GCCism/C++ism - C89 doesn't - allow variables to be declared in the middle of executable code. - -2003-10-20 23:07 guy - - * doc/README.developer: - - Warn about Yet Another GCCism. - -2003-10-21 07:17 guy - - * packet-dcerpc.c, epan/packet_info.h: - - Catch exceptions when dissecting a verifier, so we still dissect - the stub data even if there's a problem dissecting the verifier. - - Show stub data as "Encrypted stub data" if it's encrypted, - "Decrypted stub data" if it was encrypted but we decrypted it, - and "Stub data" if it wasn't encrypted. - - Don't attempt to decrypt data unless it was encrypted (i.e., the - authentication level is "Packet privacy". - - Get rid of "decrypted_data" member of "packet_info" structure - - we don't need it any more. - -2003-10-22 01:28 sahlberg - - * packet-h225.c, packet-per.c: - - Fix to dissection of Mike's problem reported on ethereal-users - - We did align to byte a bit too frequently inside - dissect_per_octet_string - - Also change GroupIP.group from being a FT_BYTES into being - FT_STRING - -2003-10-22 01:55 sahlberg - - * AUTHORS, packet-dcerpc-tapi.c, packet-dcerpc-tapi.h: - - From Jean-Baptiste Marchand add function names for the TAPI - interface - -2003-10-22 02:03 sahlberg - - * AUTHORS, Makefile.am, Makefile.nmake, packet-dcerpc-butc.c: - - From Jaime Fournier - - New protocol DCERPC BUTC Stub dissector for the BUTC interface - -2003-10-22 02:07 sahlberg - - * AUTHORS, Makefile.am, Makefile.nmake, packet-dcerpc-rs_bind.c: - - From Jaime Fournier New protocol DCERPC/RS_BIND - - Added stub dissector for the RS_BIND protocol - -2003-10-22 02:22 guy - - * packet-dcerpc-butc.c, packet-dcerpc-rs_bind.c: - - Get rid of carriage returns. - -2003-10-22 02:24 guy - - * packet-gtp.c: - - Get rid of C++ comment. - -2003-10-22 20:12 guy - - * packet-sccp.c: - - From Michael Lum: add new SSN values for RANAP, IOS, and - BSSAP/BSAP, and add a heuristic subdissector list. - -2003-10-22 20:59 guy - - * AUTHORS, Makefile.am, Makefile.nmake, packet-ansi_637.c, - packet-ansi_a.c, packet-bssap.c, packet-bssap.h: - - From Michael Lum: - - BSSAP (GSM 08.06)/BSAP (IOS 4.0.1) support - IOS 4.0.1 support - Add Transport Layer support to ANSI IS-637-A dissector - -2003-10-22 21:21 guy - - * packet-ymsg.c: - - From Yaniv Kaul: - - remove the check on 3 ports only - since Yahoo! Messenger - can - stream on any port; - - remove the check that will not dissect if the packet is - not big - enough - as partial dissection is also helpful sometimes; - - the version is 2 bytes, not 4 bytes. - -2003-10-22 21:26 guy - - * packet-dcerpc.c: - - From Yaniv Kaul: if there's more than one context item in a BIND - PDU, show the number of context items before showing the first - one. - -2003-10-22 22:13 guy - - * prefs.c, prefs.h, gtk/toolbar.c: - - From Ulf Lamping: add a preference to control whether to show or - hide the main toolbar (currently no GUI to set it; that's in - progress). - -2003-10-23 00:16 guy - - * packet-ansi_683.c: - - From Michael Lum: register with the ANSI A-interface dissector. - -2003-10-23 04:57 guy - - * packet-dcerpc-netlogon.c: + * packet-wsp.c: - Use -1 rather than "tvb_length(tvb)" to specify a length that - covers the entire tvbuff for Secure Channel bind credentials. + From Olivier Biot: - Use -1 rather than 0 to have the top-level item for Secure - Channel ACK credentials cover the entire tvbuff. + implement the TE header decoding; -2003-10-23 04:59 guy + fix the exported add_content_type function; - * epan/exceptions.h: + reimplement the header parameter dissection so the + parameters + also show up in the related header. - Add a new EXCEPT_CODE macro to get the exception code for the - current exception, for use in CATCH_ALL handlers, so you can - catch all exceptions and then pass the exception code on to a - routine that handles different exceptions differently. +2003-11-12 21:22 guy -2003-10-23 05:01 guy + * packet-tzsp.c: - * packet-frame.c, packet-frame.h: + From Chris Waters: - Add a "show_exception()" routine that takes an exception code as - an argument, and puts the appropriate exception indication into - the tree. + * Better decoding of TZSP header. + * Handle unknown tags in packet. + * Removed encapsulation types which are not actually + supported. + * Added tags for original length and sensor address. + * Fix signedness of some fields. - In "dissect_frame()", do a CATCH_ALL for exceptions, and pass the - exception code to "show_exception()". + Get rid of unused "hf_tzsp_reserved" variable. -2003-10-23 05:23 guy + Use -1 rather than "tvb_length(tvb)" when constructing the + top-level protocol tree item, and set the length if we have + payload that we dissect separately. - * packet-dcerpc.c: + Have "add_option_info()" take a starting offset, rather than + constructing a subset tvbuff for it. - Get rid of the "offset" argument to "dcerpc_try_handoff()" - it's - always 0. + Clean up indentation. - In "dcerpc_try_handoff()", remove the authentication padding from - the stub data handed to the subdissector - that's not really stub - data for the subdissector, and it should throw an exception if - the request or response would go into the authentication padding. - Don't even try to dissect the remaining stub data if the - authentication padding value consumes all the stub data or would - consume even more than that. +2003-11-12 20:44 guy - Show any "Long frame" data before the authentication padding, and - show the authentication padding as the stuff at the very end of - the stub data, after the "Long frame" data. + * AUTHORS, packet-ntp.c, doc/ethereal.pod: - Catch all exceptions when dissecting authentication information, - so that even if it's bad or we don't have all of it, we still - dissect the stub data. + From Matthias Drochner: support for mode 6 and mode 7 control + packets and NTP4 autokey extension data. - Try dissecting authentication trailer information even if we - don't have all of it in the tvbuff - we want an exception to be - thrown if we don't. Don't try to dissect it if it eats into the - stub data, however. +2003-11-12 19:04 ulfl - Don't bother catching exceptions in "dissect_auth_verf()" - we - now always catch exceptions in above it in the DCE RPC dissector - call tree. + * gtk/print_dlg.c: - Use CATCH_ALL and "show_exception()" when calling the - sub-dissector for a connection-oriented PDU; that means we won't - have to worry about adding new exception types unless they're - types that we should rethrow. + completely redesigned print dialog layout, to be more obvious to + the user -2003-10-23 05:58 guy +2003-11-12 18:48 gerald - * packet-dcerpc.c: + * file.c: - Catch exceptions in "dissect_dcerpc_cn_bs()", so that if we get - an exception dissecting stuff past the DCE RPC header, we still - drive on and dissect the next PDU, if any. + Remove MAX_DECODE_BUFFER_SIZE; it's no longer used. -2003-10-23 07:14 guy +2003-11-12 09:00 guy * packet-dcerpc.c: - Fix a call to "dissect_dcerpc_cn()" to handle the new return - value. - -2003-10-23 07:52 guy - - * packet-ncp.c: - - Treat NCP 0x5555 packets as NCP requests, so we store them in the - hash table and can identify replies to them. - - Clean up white space. - - Note that the "is_signed" hack doesn't work with Ethereal. - -2003-10-23 08:16 guy - - * packet-ncp2222.inc: - - Non-NCP_SERVICE_REQUEST packets don't have a subfunction. - - The group for a request isn't part of the packet, so give it an - offset and length of 0, so if you select it we doesn't highlight - some part of the packet. - -2003-10-23 08:40 sahlberg - - * packet-smb.c: - - The ACL revision field is one byte, not 2 bytes. + Put stub data back where it was in the tree before. -2003-10-23 18:49 ashokn - - * AUTHORS, packet-lmp.c, doc/ethereal.pod: - - Added support for LMP draft version -09. Support for older draft - versions -02 and -03 is still present (since they are in use), - selectable by a protocol preference. - -2003-10-24 00:35 guy - - * packet-dcerpc-reg.c: - - From Jim McDonough: add dissection of the shutdown, shutdownex, - and abortshutdown commands within the winreg pipe. - -2003-10-24 00:36 guy +2003-11-12 08:58 guy * packet-smb.c: - From Jim McDonough: add one more nt status code to - packet-dcerpc-smb.c that is often returned from the winreg - abortshutdown operation. - -2003-10-24 00:38 guy - - * packet-bssap.c: - - From Michael Lum: get rid of an unused value_string table. - -2003-10-24 00:42 guy + If what remains of the SMB byte count exceeds the data left in + the tvbuff, show what's left as extra byte parameters - don't act + as if there aren't any extra byte parameters. - * AUTHORS, packet-dcerpc-mapi.c, packet-dcerpc-mapi.h: +2003-11-11 20:49 guy - From Jean-Baptiste Marchand: add more MAPI procedure names. + * packet-null.c, wiretap/snoop.c: -2003-10-24 00:50 guy + From Brian Ginsbach: fix handling of IRIX and UNICOS/mp snoop + captures on loopback interfaces. - * packet-sip.c: - - From Anders Broman: make it possible to filter on only address or - tag in the SIP address fields. - -2003-10-24 10:46 sahlberg - - * packet-h225.c, packet-per.c: - - Fix all the issues Michael Oliveras reported +2003-11-11 20:33 guy - 1, TunnellingProtocol_id is a CHOICE not a SEQUENCE 2, change - some values to be FT_STRING instead of FT_BYTES 3, update - dissect_per_octet_String to always 0 terminate all FT_STRINGs - (if necessary in a temporary buffer) before passing them on to - proto_tree_add_string() since that function did not want to - handle FT_STRING or FT_STRINGZ othervise. + * packet-ses.c: -2003-10-24 10:52 sahlberg + Add parameter length checking. - * wiretap/libpcap.c: +2003-11-11 20:11 guy - The capture tools for DGUX has swapped the included/original - packet lengths of the frame header. they specify the pcap - version as 543.0 + * packet-rsvp.c: -2003-10-24 22:59 guy + From Mohammad Hanif: fix dissection of RSVP DETOUR object code. - * packet-ospf.c: +2003-11-11 20:08 guy - From Taisuke Sasaki: fix offsets of metrics in - Inter-Area-Prefix-LSAs and Inter-Area-Router-LSAs. - -2003-10-24 23:55 guy - - * wiretap/: libpcap.c, wtap-int.h: + * image/toolbar/capture_24.xpm, image/toolbar/cfilter_24.xpm, + image/toolbar/dfilter_24.xpm, image/toolbar/stock_close_24.xpm, + image/toolbar/stock_colorselector_24.xpm, + image/toolbar/stock_help_24.xpm, + image/toolbar/stock_jump_to_24.xpm, + image/toolbar/stock_open_24.xpm, + image/toolbar/stock_preferences_24.xpm, + image/toolbar/stock_print_24.xpm, + image/toolbar/stock_refresh_24.xpm, + image/toolbar/stock_right_arrow_24.xpm, + image/toolbar/stock_save_24.xpm, + image/toolbar/stock_search_24.xpm, + image/toolbar/stock_stop_24.xpm, plugins/asn1/moduleinfo.h: - Move the version number checking for libpcap files, to see - whether to swap the "captured length" and "length" fields, to the - open-file code; store a tri-state (definitely swapped, definitely - not swapped, maybe swapped) value in the per-capture-file-format - information for libpcap format, and use that when processing - packets. + Get rid of carriage returns in source files. -2003-10-25 00:25 sahlberg +2003-11-11 19:24 guy * packet-tcp.c: - Update / cleanup to tcp sequence number analysis and new features - - moved some variables to the structure where they belonged instead - of where they currently were and reduced the complexity of the - code - - Fast Retransmission: Ethereal not tries to detect and flag - FastRetransmissions: The heuristics for this check is: >=3 - dupacks in other direction this semgent is what the dupacks are - asking for it arrived within 10ms of the last dupack (10ms - should be short enough to not confuse with real RTOs) - - OutOfOrder segments Previously all segments that did not advance - the right edge of the window was flagged as retransmission now - ethereal will try to flag segments that are merely reordered as - OutOfOrder segments insteaD - - tHE HEURISTICS ARE: it has not been ACKed yet we have not - seen it before it arrived within 4ms of the segment - immediately to the right in the window - -2003-10-25 06:07 guy - - * packet-cdp.c: - - Update comments to give a URL that defines some additional CDP - type values, and to use the names from the URL and to refer to - it. - -2003-10-25 06:10 guy - - * packet-cisco-oui.c: - - Add some additional Cisco Protocol ID values, and URLs for - documents that contain them. - -2003-10-25 06:19 guy - - * packet-cisco-oui.c: - - Add one more Cisco protocol type. + Make the declaration of "process_tcp_payload()" match the + definition. -2003-10-25 06:49 guy +2003-11-11 19:23 guy - * packet-per.c: - - In restricted character strings, deal with character values that - are greater than the alphabet length. - - Just use "proto_tree_add_item()" if you have a range of bytes, of - known length, that are to be added as an item - that handles both - FT_STRING and FT_BYTES, including null-terminating the string - value. - -2003-10-25 07:17 guy - - * packet-chdlc.c, packet-frame.c, wiretap/ngsniffer.c, - wiretap/visual.c, wiretap/wtap.c, wiretap/wtap.h: - - Add a new WTAP_ENCAP_CHDLC_WITH_PHDR type, to distinguish Cisco - HDLC captures with packet direction information from captures - without it. Use them appropriately. - -2003-10-26 03:09 sahlberg - - * file.c, gtk/io_stat.c: - - Update to cf_get_display_name() return "" if there is no - file loaded yet instead of crashing in io-stat - - io-stat only print the label for the top tick on the y axis to - make it look less cluttered - -2003-10-27 00:54 sharpe + * packet-tacacs.c: - * gtk/smb_stat.c: + "tacplus_pref_cb()" takes no arguments, not an unspecified list + of arguments. - This changes the Filter: label in the SMB Service Response Time - dialog box to a button that brings up the Create Filter dialog - box. While it works, the problem is that it also acts as an Enter - keypress as far as the start_stat button is concerned. +2003-11-11 18:25 guy - Probably needs a small fix. + * config.nmake: -2003-10-27 01:09 sharpe + Get rid of GLib 1.3 support - current versions of GTK+ 1.3 + require GLib 2.0, and earlier versions are sufficiently buggy + that we don't want to support them. - * gtk/smb_stat.c: +2003-11-11 13:59 ulfl - Make sure that Clicking OK in the filter creation dialog box does - not act as an OK to the dialog box it is called from. + * gtk/print_mswin.c: -2003-10-27 01:20 sharpe + added some print dialog flags, to disable some unsupported print + features (e.g. selection of pages from X to Y) - * gtk/: rpc_stat.c, smb_stat.c: +2003-11-11 08:29 guy - Add Filter Button support for onc-rpc as well ... + * AUTHORS, Makefile.am, Makefile.nmake, packet-ses.c, packet-ses.h, + doc/ethereal.pod: -2003-10-27 01:35 sharpe + From Yuriy Sidelnikov: ISO 8327-1 Session Protocol support. - * gtk/: dcerpc_stat.c, fc_stat.c: +2003-11-11 06:10 guy - Add filter button support to FibreChannel stats and DCERPC stats. + * plugins/: plugin_api_list.c, Xass-list, Xplugin_api.c, + Xplugin_api.h, Xplugin_api_decls.h, Xplugin_table.h: -2003-10-27 09:17 guy + Add "asn1_id_decode1()" to the list of exported functions. - * AUTHORS, packet-http.c, doc/ethereal.pod: +2003-11-11 05:54 guy - From Loïc Minier: HTTP header and payload desegmentation. + * packet-ansi_map.c: -2003-10-27 19:30 guy + From Michael Lum: - * packet-mdshdr.c: + Minor improvements. - From Dinesh Dutt: display the FC CRC for frames encapsulated with - MDSHDR, and show only the low-order 13 bits of the packet length - field. + Added IEI level decoding of cdma2000 Handoff * IOS data + parameters. -2003-10-27 19:34 guy +2003-11-11 05:51 guy - * packet-tcp.c: + * packet-ansi_a.c: - Squelch some signed vs. unsigned comparison warnings. + From Michael Lum: - Get rid of an unused variable. + Change P_xxx to ANSI_A_E_xxx. -2003-10-27 22:28 guy + Fix decoding of some parameters. - * packet-h225.c, packet-h245.c, packet-h450.c, packet-per.c: + Fix initialization of ett array. - From Lars Roland: whitespace cleanups. +2003-11-11 05:23 guy -2003-10-27 22:29 guy + * gtk/gui_prefs.c: - * packaging/nsis/Makefile.nmake: + The user interface preference page has only 9 rows in the GTK+ + 2.x version. - From Lars Roland: fix a typo. +2003-11-11 05:09 guy -2003-10-27 22:45 guy + * gtk/gui_prefs.c: - * epan/dfilter/scanner.l: + Create the last two items in the GUI preferences page's first + column the same way the other items are created - in order, going + down the page, and using "pos++" as the table position. - Allow + and , in unparsed strings, so that you can use + as a - sign in a number or exponent and so that floating-point numbers - can use , as well as . as a decimal point. +2003-11-10 22:31 guy -2003-10-27 23:12 guy + * packet-ansi_a.c: - * gtk/io_stat.c: + From Albert Chin: on HP-UX 11.00 (and possibly 10.20 + and perhaps some versions of Digital/Tru64 UNIX) drags in + , which drags in , which defines P_SID in + ways that cause this not to compile. Use P_MY_SID instead. - Don't draw a Y-axis label if you haven't constructed the label - string. +2003-11-10 21:42 guy -2003-10-27 23:31 guy + * packet-h225.c: - * Makefile.am, Makefile.nmake, packet-dcerpc-initshutdown.c, - packet-dcerpc-initshutdown.h: + From Martin Regner: - From a suggestion by Jim McDonough: support for the INITSHUTDOWN - service. + "aliasAddress", in an EndPoint sequence, is a sequence of + aliasAddresses. -2003-10-28 00:31 guy + Don't update the Info or Protocol columns in a pdu_item. - * AUTHORS, Makefile.am, Makefile.nmake, packet-h225.c, - packet-h225.h, tap-h225counter.c, doc/ethereal.pod, - doc/tethereal.pod, gtk/Makefile.am, gtk/Makefile.nmake, - gtk/h225_counter.c: +2003-11-10 20:22 guy - From Lars Roland: H.225 message and reason tag counter taps. + * packet-dcerpc-epm.c: -2003-10-28 03:57 guy + From Yaniv Kaul: - * packet-scsi.c: + 1. Add dissection of inquiry type (rpc_c_ep_all_elts / + rpc_c_ep_match_by_if / rpc_c_ep_match_by_obj / + rpc_c_ep_match_by_both). - From Dinesh Dutt: + 2. The version field seems incorrect to me - I believe it + is usually + should be version 2.0, not 0.2. + I suspect that the insertion of version information to + the hash + table is also wrong, (and the get for the version + should have + used _letohl() ) - but I did not change it. - Add dissection code for the following additional SCSI - commands: - - Start/Stop Unit - - Write Buffer - - Send Diagnostics + 3. Clean up some white space. - Don't copy the product serial number to a buffer before - printing - it. +2003-11-10 20:15 guy -2003-10-28 05:49 guy + * packet-ansi_a.c: - * doc/README.developer: + From Albert Chin: dynamically allocate the "ett" array - some + compilers (such as at least one older version of the HP C + compiler) can't cope with constant expressions that involve the + "?" operator, it appears; they think it's not a constant + expression. - As per a suggestion by Olivier Biot, note that objects pointed to - by pointer arguments to "proto_tree_add_XXX" functions are copied - - if you allocated a buffer for one of them (e.g., a string), and - you don't free that buffer when you're done with it, you'll leak - memory. + Also, as Albert notes, there's no reason for "ett" to be static + here. -2003-10-28 05:50 guy +2003-11-10 08:14 sahlberg - * doc/README.developer: + * packet-q931.c: - Clarify the previous checkin - that applies to the 'value' - argument. + The Q.931 dissector never checked whether the codeset variable + was set to a reasonable value or not. -2003-10-28 06:44 guy + This was problematic and caused crashes since this variable is + used as an index into an array where we grab a pointer (which is + later dereferenced). - * AUTHORS, Makefile.am, Makefile.nmake, packet-nt-tpcp.c: + Dereferencing that pointer will have surprising effects. Usually + crashes. - From Giles Scott: Alteon/Nortel Transparent Proxy Control - Protocol support. + Update Q.931 to verify sanity of the codeset variable everytime + it gets set. -2003-10-28 07:02 guy +2003-11-10 08:02 sahlberg - * AUTHORS, Makefile.am, configure.in, - packaging/nsis/Makefile.nmake, packaging/nsis/ethereal.nsi, - plugins/Makefile.am, plugins/Makefile.nmake, - plugins/asn1/.cvsignore, plugins/asn1/AUTHORS, - plugins/asn1/COPYING, plugins/asn1/ChangeLog, - plugins/asn1/INSTALL, plugins/asn1/Makefile.am, - plugins/asn1/Makefile.nmake, plugins/asn1/NEWS, - plugins/asn1/moduleinfo.h, plugins/asn1/packet-asn1.c: + * packet-smb.c: - From Matthias Melchior: plugin to decode BER-encoded ASN.1 - messages, given a type-table from "snacc" as a protocol - description. + Bugfix for ethereal crashes -2003-10-28 08:50 sahlberg + If the ByteCount field in the SMB PDU spanned beyond the end of + the packet because the packet was short or because the BC field + was corrupted and contained garbade data then the tree item for + the command (the subtree just after the SMBHeader subtree) would + describe data continuing beyond the end of the packet. - * packet-tcp.c: + If we selected one such tree in the dissect pane and used + Prepare/Match Selected this would cause the filter build thing + to try to access data beyod the end of the packet and ethereal + would dump core. - Full duplex analyzers that capture each direction of a link with - a separate NIC will lose the time integrity between the two NICs - more often than one might expect. It is thus relatively common - that a data segment and its ACK being swapped in the capture - file. + Change the END_OF_SMB macro so that it shrinks bc so that bc + never describes data beyond the end of the packet. - Therefore, drop the condition that a segment must not have been - acked yet in the detection of OutOfOrder segments. +2003-11-10 07:44 sahlberg - Second, fix a bug where we didnt keep track of the ack numbers - properly for relative sequence number analysis. + * packet-ldap.c, gtk/dcerpc_stat.c: -2003-10-28 17:27 guy + Not all LDAP PDUs are aligned to the start of a TCP segment. - * packet-scsi.c: + If we failed to dissect the GSS-SPNEGO blob it probably means + that the segment is somewhere in the middle of an LDAP PDU. - "%.*" expects an "int" argument giving the precision. + Just bail out and stop dissecting the PDU instead of aborting + ethereal completely using g_assert() since this is not really a + pathological error, its just something that can and will happen + normally. -2003-10-28 17:59 guy +2003-11-09 22:57 guy - * packet-wsp.c: + * asn1.c, asn1.h: - From Loïc Minier: get rid of the second of a pair of identical - checks. + Fix the type of the "integer" argument to + "asn1_uint32_value_decode()", as per a note by Michael Lum. - As per a note by Olivier Biot, make the "multipart/XXX" items all - lower case. +2003-11-09 22:55 guy -2003-10-28 18:08 guy + * AUTHORS, packet-rtcp.c, packet-rtp.c, doc/ethereal.pod: - * packet-ansi_a.c, packet-ansi_map.c, packet-bssap.c: + From Martin Mathieson: display the bitfields for - From Michael Lum: fixed BCD decoding of filler nibble and fixed - some minor bugs. + - the first 2 bytes of RTP headers + - the first byte of RTCP report. -2003-10-28 19:27 guy +2003-11-09 22:49 guy - * plugins/asn1/Makefile.nmake: + * packet-ansi_map.c: - Fix the Makefile to match other plugin Makefiles. + From Michael Lum: add the ability to put parameter data at the + end of the parameter name so that the user doesn't have to open + the parameter subtree to see the most important data. -2003-10-28 20:44 guy + Use "%u", not "%d", to print unsigned quantities. - * plugins/asn1/Makefile.nmake: + Get rid of includes of (we're not loading any code at + run-time in the dissector itself), and and + (we shouldn't need either of those). - This dissector uses GTK+ calls (which no dissector should); until - that's fixed, use GTK_CFLAGS and GTK_LIBS rather than GLIB_CFLAGS - and GLIB_LIBS. +2003-11-09 22:41 guy -2003-10-28 20:53 guy + * packet-gsm_a.c: - * plugins/asn1/packet-asn1.c: + From Michael Lum get rid of non-portable "%N$" constructs in + printf formats. - As we don't supply a default ASN.1 SNACC output file, if we get - an ENOENT when trying to open the SNACC file, and the file we're - trying to open is the default file, don't print a warning. + Use "%u", not "%d", to print unsigned quantities. - Fix some typoes. + Get rid of includes of (we're not loading any code at + run-time in the dissector itself), and and + (we shouldn't need either of those). -2003-10-28 21:01 guy +2003-11-09 22:32 guy - * plugins/: plugin_api_list.c, Xass-list, Xplugin_api.c, - Xplugin_api.h, Xplugin_api_decls.h, Xplugin_table.h: + * packet-ansi_a.c: - Add "get_datafile_dir()" to the plugin API list, for the benefit - of plugins that might get configuration information from a file. + Remove accidentally-inserted letter. -2003-10-28 21:04 guy +2003-11-09 22:30 guy - * plugins/asn1/packet-asn1.c: + * packet-ansi_a.c: - "get_datafile_dir()" is now in the plugin table. + From Michael Lum: -2003-10-28 21:45 guy + Fix some incorrect bit shifts. - * plugins/: plugin_api_list.c, Xass-list, Xplugin_api.c, - Xplugin_api.h, Xplugin_api_decls.h, Xplugin_table.h: + Get rid of non-portable "%N$" constructs in printf + formats. - Export "get_datafile_path()", not "get_datafile_dir()" - most if - not all dissectors need only the former, which does the - pathname-construction work for you. + Use "%u", not "%d", to print unsigned quantities. -2003-10-28 21:47 guy +2003-11-09 22:15 guy * plugins/asn1/packet-asn1.c: - Use "get_datafile_path()", rather than constructing the default - ASN.1 file path by hand. - - Set "default_asn1_filename", not "asn1_filename", to the default - path. - -2003-10-29 10:37 guy + From Albert Chin: the HP-UX 10.20 C compiler doesn't allow - * plugins/plugin_api.h: + typedef enum _foo foo; + enum _foo { + ... + }; - There's no need to #define tvb_get_string or tvb_get_stringz - - that's done in Xplugin_api.h. + You have to define the enum before using it in a typedef. (If I + had my ANSI C89 standard handy, I could say whether that was + legal ANSI C or not.) - However, we do need to include "epan/filesystem.h", to declare - "get_datafile_path()". +2003-11-09 22:13 guy -2003-10-29 10:54 guy + * packet-bssgp.c: - * plugins/asn1/packet-asn1.c: + From Albert Chin: get rid of null statements outside of function + bodies (that's what the ";" in - From Matthijs Melchior: #ifdef out the GUI code, for now. + int + foo(...) + { + ... + }; -2003-10-29 21:19 guy + is). - * AUTHORS, packet-diameter.c, doc/ethereal.pod: +2003-11-09 19:53 guy - From Steve Ford: "prefs_register_string_preference()" makes a - copy of any string pointed to by the preference variable - as the - value we set it to is allocated, we should free it after - registering the preference. + * packet-dcerpc-dcom.h: - The register routine is called only once - don't worry about - whether "gbl_diameterDictionary" is null or not. + From Albert Chin: get rid of C++ comments. - Get rid of a duplicate credit entry in the man page. +2003-11-09 01:36 guy -2003-10-29 21:54 guy + * prefs.c: - * packet-snmp.c: + From Gisle Vanem: - Fix some memory leaks found by Steve Ford. + Copy the "gui_fileopen_*" fields in "copy_prefs()". -2003-10-29 22:00 guy + Fix a typo in "free_prefs()". - * packet-snmp.c: +2003-11-08 05:47 guy - Actually, one of those *isn't* a leak; don't free something we - haven't allocated yet. + * packet-tcp.c, packet-tcp.h: -2003-10-29 22:02 guy + Have "decode_tcp_ports()" handle only the handoff to a + subdissector - and have it return TRUE if we succeeded, FALSE + otherwise - and have an internal "process_tcp_payload()" routine + handle the (TCP-specific) PDU tracking and sequence number + analysis, with an argument to indicate whether it should do that + or not (i.e., whether it's being handed a TCP segment or + reassembled data). - * packet-snmp.c: +2003-11-08 00:09 guy - Another leak that isn't. + * AUTHORS, packet-rsvp.c, doc/ethereal.pod: -2003-10-29 22:04 guy + From Mohammad Hanif: - * packet-snmp.c: + correct and enhance support for RSVP FAST_REROUTE and + DETOUR + objects (source: + draft-ietf-mpls-rsvp-lsp-fastreroute-03.txt); - ...and there's one leak we missed. + support an RSVP SESSION_OBJECT object with ctype = 1. + This + object contains resource affinities (source: RFC 3209). -2003-10-29 22:11 guy +2003-11-08 00:02 guy - * packet-snmp.c: + * packet-msproxy.c, packet-socks.c, packet-tcp.c, packet-tcp.h: - Plug that leak with a cleanup handler, so we don't leak the - variable OID if we throw an exception fetching the variable - value. + "decode_tcp_ports()" is for use by protocols that proxy + transport-layer packets/sessions, e.g. MSProxy and SOCKS. It + should not cause any of the TCP-specific stuff such as sequence + number analysis or PDU tracking to be done. (Actually, MSProxy + and SOCKS should offer desegmentation services *themselves* and + do their *own* PDU tracking, rather than just passing stuff on to + "decode_tcp_ports()", but that's another matter.) -2003-10-29 22:39 guy + Make "tcp_tree" once again be a local variable to + "dissect_tcp()", and pass it as an argument to those functions + that use it. - * gtk/toolbar.c: +2003-11-07 23:27 guy - Have the "edit display filters" button do the exact same thing as - the "Edit -> Display Filters..." menu item, as per Ulf Lamping - - there's apparently some problem wherein &args doesn't get passed - properly to the callback. + * Makefile.nmake, config.h.win32, config.nmake, + wiretap/Makefile.nmake, wiretap/config.h.win32: -2003-10-29 23:15 guy + Let people configure whether to build with Zlib or not solely by + controlling whether ZLIB_DIR is defined or not in config.nmake. - * gtk/dfilter_expr_dlg.c: +2003-11-07 23:26 guy - Put quotes around values for FT_ABSOLUTE_TIME variables, and - around values with white space in them. + * gtk/Makefile.nmake: -2003-10-29 23:48 guy + Nothing here should require zlib.h, so we shouldn't need to do + "/I$(ZLIB_DIR)". - * epan/: proto.c, proto.h, ftypes/ftype-bytes.c, - ftypes/ftype-string.c, ftypes/ftype-tvbuff.c: +2003-11-07 20:23 guy - Make the "fvalue_set" methods for types whose value is allocated - free any previously-allocated version first, so that they don't - leak memory. + * packet-wsp.c: - From Olivier Biot: add a "proto_item_append_string()" routine, to - append to the string value a protocol tree item has. + From Olivier Biot: implement the Range, Content-Range and + Content-Disposition headers. -2003-10-30 00:39 tpot +2003-11-07 20:07 guy - * packet-ipmi.c: + * packet-wsp.c: - Decorate higher level proto_item with NetFn and LUN values in - hex. + From Olivier Biot: add dissection for the Content-Base headeer. -2003-10-30 02:06 guy +2003-11-07 08:50 guy - * AUTHORS, Makefile.am, Makefile.nmake, packet-brdwlk.c, - packet-fc.c, packet-fc.h, packet-fcels.c, packet-fcels.h, - packet-fcip.c, packet-fcsb3.c, packet-fcsb3.h, packet-fcsp.c, - packet-fcsp.h, packet-fcswils.c, packet-fcswils.h, - packet-mdshdr.c, epan/packet_info.h: + * packet-fcels.c, packet-fcels.h: From Dinesh Dutt: - - Dissector for FICON - - Dissector for FC-SP (Security Protocol for Fibre - Channel) - - Patches to correct the reassembly of FC fragments. - - Support for new MDS Port Analyzer Adapters that carry - the - frame length for truncated frames. - -2003-10-30 03:11 guy - - * AUTHORS, doc/ethereal.pod, wiretap/AUTHORS, wiretap/Makefile.am, - wiretap/Makefile.nmake, wiretap/file_access.c, wiretap/hcidump.c, - wiretap/hcidump.h, wiretap/wtap.h: - - From Marcel Holtmann: support for reading Linux Bluez Bluetooth - stack "hcidump -w" traces. - - Note that Jesper Peterson contributed support for reading Endace - ERF files. - -2003-10-30 03:15 guy - - * packet-brdwlk.c: + - Added support for displaying support for + Multicast/Broadcast supported + bits in *LOGI common service params + - Removed restriction for "Random Relative Offset" & its + alternate to be in + PLOGI or PDISC only. Some HBAs set it even in FLOGI. - #if 0 out the stuff to set the reported length, as it'd throw an - exception if it would increase the reported length. +2003-11-07 08:47 guy -2003-10-30 07:00 guy + * packet-fcsp.c: - * AUTHORS, Makefile.am, Makefile.nmake, packet-ansi_a.c, - packet-ansi_map.c, packet-gsm_a.c, packet-gsm_sms.c: - - From Michael Lum: - - GSM BSSMAP (GSM 08.08) support - GSM DTAP (3GPP TS 24.008) support - GSM SMS (3GPP TS 24.011) support - GSM SS (3GPP TS 24.080) support - GSM SMS TPDU (3GPP TS 23.040) support - -2003-10-30 07:14 guy - - * packet-gsm_sms.c: - - From Michael Lum: squelch a couple of compiler warnings. - -2003-10-30 08:07 guy - - * packet-q931.c: - - From Anders Broman: - - fix the offset when putting the cause code in a Cause IE - into the - protocol tree; - - in a Number IE, show the number type, numbering plan, and - extension indicator as named-field bitfields. - -2003-10-30 08:34 guy - - * packet-q933.c: - - Apply Anders Broman's changes to the Q.931 dissector to the Q.933 - dissector: - - fix the offset when putting the cause code in a Cause IE - into the - protocol tree; - - in a Number IE, show the number type, numbering plan, and - extension indicator as named-field bitfields. - -2003-10-30 11:21 guy - - * packet-gsm_a.c: - - Definitions of arrays, with no length specified, are not legal C. - -2003-10-30 11:53 guy - - * wiretap/hcidump.c: - - The quantities in the hcidump header are little-endian, not - big-endian. + From Dinesh Dutt: -2003-10-30 11:54 guy + - Added support for decoding related to Security in *LOGI + service params + - Added support for new LS_RJT code for authentication + failure + - Brought packet-fcsp.c up-to-date with FC-SP rev 1.2 - * packet-gsm_sms.c: +2003-11-07 05:26 sahlberg - No zero-length arrays, please. + * Makefile.am, Makefile.nmake, packet-kpasswd.c: -2003-10-30 11:56 guy + New protocol: MS Kpasswd (RFC3244) - * plugins/asn1/packet-asn1.c: + KPasswd is partially dissected for UDP. - "strchr()" and the like would be compared against NULL; - "strcmp()", however, is compared against 0. + It would be very useful if someone added dissection of the asn.1 + encoded AP_REQ and the KRB-PRIV blobs. I dont think I will add + those. -2003-10-30 19:38 guy +2003-11-07 04:03 sahlberg - * packet-ansi_map.c: + * packet-ldap.c: - From Michael Lum: step over unknown parameters. + In some captures we might have already established and BOUND LDAP + session where GSS-SPNEGO is used. If we havent seen the BIND + call ethereal would assume it is vanilla non-GSS-SPNEGO LDAP and + would fail to decode the packet. -2003-10-30 19:39 guy + Add heuristics to the LDAP dissector so that IF the first 4 bytes + of the LDAP PDU looks like ity could be a length field and IF the + fifth byte has the value 0x60 then assume what we have is + GSS-SPNEGO and assume this and all further commands on this + session is GSS-SPNEGO as well. - * packet-gsm_a.c: +2003-11-07 03:47 guy - From Michael Lum: dissect DTAP from RANAP NAS PDU fields. + * packet-http.c: -2003-10-30 19:43 guy + Make a field for the Content-Type entity header, and give it an + EH_ value so it can be handled specially (with a string dissector + table so that subdissectors can register for particular content + types). - * packet-bssgp.c: +2003-11-07 01:29 guy - From Josef Korelus: fix reversed messages in true_false_string - tables. + * gtk/: menu.c, toolbar.c, toolbar.h: -2003-10-30 19:56 guy + "File->Open" should be available whether or not we have a captue + file open. - * tethereal.c: + The toolbar equivalent should *not* be available if we have an + "Update list of packets in real time" capture running. - On UNIX, give up set-UID and set-GID privileges before opening - capture files and immediately after opening capture devices, so - we run without privileges as much as possible. + The toolbar "Save" button should not be available if we don't + have an unsaved capture file. -2003-10-30 20:30 guy +2003-11-06 23:02 guy - * configure.in: + * gtk/menu.c: - If we don't have pod2man, quit - otherwise, we'd just drive on - and use the empty POD2MAN variable in commands, producing very - confusing errors. + Make Shift+Control+S an accelerator for "Save As...", as per the + GNOME HIG. -2003-10-30 22:06 guy +2003-11-06 22:45 guy - * configure.in: + * wiretap/: file_access.c, netmon.c, network_instruments.c, + network_instruments.h, wtap-int.h: - Wrap "x$POD2MAN" in quotes, so if there are spaces in the - pathname, the configure script doesn't fail. (The Makefile will - probably fail, but that's another matter.) + From Scott Emberley: support for writing Network Instruments + Observer files. - If "$POD2MAN" is empty, it could mean that pod2man is installed - but the user's path doesn't include the directory in which it's - installed; fix up the error message. +2003-11-06 09:52 guy -2003-10-31 00:43 guy + * doc/README.plugins: - * AUTHORS, doc/editcap.pod, doc/ethereal.pod, doc/mergecap.pod, - doc/tethereal.pod, wiretap/AUTHORS, wiretap/Makefile.am, - wiretap/Makefile.nmake, wiretap/file_access.c, - wiretap/network_instruments.c, wiretap/network_instruments.h, - wiretap/wtap.h: + Note that not all OSes on which Ethereal runs can support + plugins. - From Scott Emberley: support for reading Network Instruments - version 9 capture files. + Note that you have to modify plugins/Makefile.nmake. -2003-10-31 07:57 guy + Fix "plugin/" to "plugins/". - * util.c: + Update the sample Makefile.am and Makefile.nmake to match the + current state of affairs. - Include so that OSVERSIONINFO and the like are - defined on Windows. +2003-11-06 09:47 guy -2003-10-31 08:06 guy + * doc/README.developer: - * wiretap/: network_instruments.c, network_instruments.h: + Warn people not to use the "numbered argument" feature that many + UNIX printf's implement. - Temporarily get rid of the "struct tm" in "struct observer_time", - and get rid of the reference to its "tm_gmtoff" member - there - are platforms on which Ethereal runs that don't have "tm_gmtoff" - in "struct tm". If the time stamp in the packets is nanoseconds - since midnight 2001-01-01 *local* time, we'd need to compute the - offset between that and midnight 2000-01-01 GMT, and adjust the - time with that. +2003-11-06 09:32 guy -2003-10-31 08:13 guy + * plugins/acn/packet-acn.c: - * doc/: editcap.pod, ethereal.pod, mergecap.pod, tethereal.pod: + From Erwin Rol: fix some switched fields. - Fix some warnings from pod2man. +2003-11-06 09:28 guy -2003-10-31 08:15 guy + * packet-sccp.c: - * README: + From Michael Lum: have the SCCP dissector register itself by + name. - Update the list of supported capture formats. +2003-11-06 09:18 sahlberg -2003-10-31 18:28 guy + * packet-ldap.c, packet-tcp.c: - * plugins/acn/: acn.h, packet-acn.c: + Update to LDAP and TCP - From Erwin Rol: update. + LDAP messages that span multiple segments will throw an exception + unless we have reassembly enabled. -2003-10-31 19:45 guy + Update TCP so that IF an exception was thrown that we still pick + up any hints provided by the subdissector about where the next + PDU starts. - * gtk/rtp_analysis.c: + Update LDAP so that it will rpovide hints to TCP about where the + next LDAP PDU starts in the sequence number space. - From Lars Ruoff: + Thus now ethereal can find and dissect LDAP PDUs that starts + somewhere in the middle of a TCP segment. - - fix missing detection of first packet when writing - payload. - - fix bug of erroneous handling of confort noise when - writing payload. - - fix bug of possible endless silence insertion on first - packet when - writing payload. +2003-11-06 09:13 guy -2003-10-31 19:48 guy + * packet-dcerpc.c: - * packet-h225.c: + Update a comment. - From Martin Regner: fix a problem with vendorIdentifier in some - H.225 messages. + Catch another case where we need to check for a null + decrypted_tvb. -2003-11-01 02:30 guy +2003-11-06 09:05 guy - * AUTHORS, acinclude.m4, capture.c, capture.h, globals.h, - pcap-util.c, pcap-util.h, tethereal.c, doc/ethereal.pod, - doc/tethereal.pod, gtk/capture_dlg.c, gtk/main.c: + * plugins/: acn/Makefile.nmake, artnet/Makefile.nmake, + asn1/Makefile.nmake, docsis/Makefile.nmake, + gryphon/Makefile.nmake, lwres/Makefile.nmake, + megaco/Makefile.nmake, mgcp/Makefile.nmake, pcli/Makefile.nmake, + rtnet/Makefile.nmake: - Based on a patch from Brian Fundakowski Feldman, add support for - setting link-layer type when capturing, using the - "pcap_set_datalink()" and related APIs. + Use "$(OBJECTS)" whenever a complete list of .obj files appears, + rather than repeating the list from the setting of OBJECTS. -2003-11-01 03:03 guy +2003-11-06 08:54 guy - * gtk/main.c: + * packet-http.c: - Return FALSE from the configure event handler, so that anybody - else who's registered for it can get notified about it. + Add a mechanism to handle various entity headers, allowing their + (string) values to be put into the protocol tree as fields and + allowing some headers to get special treatment, and use it for + Authorization, Proxy-Authorization, WWW-Authenticate, and + Proxy-Authenticate. -2003-11-01 03:06 guy +2003-11-06 08:51 sahlberg - * plugins/plugin_api_list.c: - - From Charlie Duke: add more functions to the plugin API. + * packet-tcp.c: -2003-11-01 03:08 guy + Fix for TCP. - * plugins/plugin_api_list.c: + If we have short or malformed PDUs in protocols above TCP this + will generate an exception and thus some of the stateful things + such as keeping track of and printing the tcp analysis data will + be shourcutted and not called. - Move the new functions to the end of the list, so we don't change - the ordinal numbers of the routines already in the list (that - breaks binary compatibility). + Add a wrapper around the call to the subdissectors above TCP so + that if an exception is generated we will still catch it and + explicitely call tcp_print_sequence_number_analysis() so that + also short packets are handled well. -2003-11-01 03:10 guy - - * plugins/plugin_api_list.c: +2003-11-06 07:44 sahlberg - "End" means end, not "almost the end". + * packet-dcerpc.c: -2003-11-01 03:10 guy + Bugfix for dcerpc parsing of encrypted short packets. - * plugins/: Xass-list, Xplugin_api.c, Xplugin_api.h, - Xplugin_api_decls.h, Xplugin_table.h: + Sometimes if we cant decrypt a DCERPC packet decrypted_tvb is + NULL. - From Charlie Duke: add more functions to the plugin API. + do not pass a NULL pointer to show_stub_data() since this will + dump core. -2003-11-01 03:38 guy +2003-11-05 20:19 guy - * wiretap/: network_instruments.c, network_instruments.h: + * packet-ansi_a.c: - The time in Observer files is in nanoseconds since midnight, - January 1, 2000, 00:00:00 *local* time. The amount to add to - that is just the UNIX time stamp value for that point in time; - get it with "mktime()". + Get rid of includes of (we're not loading any code at + run-time in the dissector itself), and and + (we shouldn't need either of those, and they might + be responsible for dragging in on Digital UNIX - + that header defines P_SID in a way that conflicts with our + definition). -2003-11-01 04:42 guy +2003-11-05 20:10 guy - * ncp2222.py: + * plugins/acn/packet-acn.c: - From Greg Morris: + Update from Erwin Rol. - 1. Add several return values - 2. Fix the reply structure for NCP 22/48, 23/122 - 3. Fix the request structure for NCP 23/121 - 4. ServerID should be displayed as a hex value. - 5. ServerStationLong should be LE. - 6. JobNumberList should be JobNumberLong. - 7. Fix 87/64, 87/65, 87/66, 87/68, 87/69 - These are not - Advanced Audit - Service, they really 64 bit file support NCP's. +2003-11-05 20:10 guy -2003-11-02 03:55 tpot + * packet-ldap.c: - * packet-dcerpc-netlogon.c: + A "GHashFunc()" returns a "guint", not a "gint". - In a secure channel verifier, sometimes the nonce isn't present; - not sure why this is so. +2003-11-05 09:04 sahlberg -2003-11-02 19:31 gerald + * gtk/ldap_stat.c: - * gtk/main.c: + the LDAP service response time dialog - The recent link-layer type additions broke "-r". Make it work - again. +2003-11-05 09:04 sahlberg -2003-11-02 22:12 gerald + * packet-ldap.c, packet-ldap.h, doc/ethereal.pod, gtk/Makefile.am, + gtk/Makefile.nmake, gtk/service_response_time_table.c: - * ipproto.c, ipproto.h: + update for LDAP measure the response time for some LDAP commands + and add a service response time dialog for it - Add an entry for Novell NCS heartbeats (ID 0xE0). +2003-11-05 04:23 guy -2003-11-02 23:12 gerald + * packet-wtp.c: - * packet-snmp.c, util.c, epan/filesystem.c, epan/filesystem.h, - plugins/plugin_api_list.c, plugins/asn1/packet-asn1.c: + From Olivier Biot: have a separate subtree ett_ value for + concatenated PDUs. - From Gisle Vanem: +2003-11-04 22:14 guy - * Added a new function get_file_in_temp() to epan/filesystem.c. - This because of asn1.dll plugin which had code to write to a - log-file "c:\temp\ethereal.log". I feel this patch makes this - safer; I don't even have a c:\temp dir. + * wiretap/snoop.c: - * Patched packet-asn1.c to use get_file_in_temp(). + Sigh. Some snoop files have 6 bytes of padding; assume the file + is a snoop file unless it has enoguh padding to hold a Shomiti + trailer record. (DEAR SUN MICROSYSTEMS: PLEASE DO NOT STUFF 16 + OR MORE BYTES OF PADDING INTO A SNOOP PACKET. THANK YOU. HAVE A + NICE DAY.) - * Added some #undef to packet-snmp.c to silence gcc. + Add a little paranoia about the record and captured data lengths. - * Changed "%u" -> "%lu" formats in util.c +2003-11-04 21:44 guy - Rename get_file_in_temp() to get_tempfile_path() to match other - function names. + * packet-isakmp.c: -2003-11-02 23:24 gerald + Get rid of all the UDP-encapsulated IPSec stuff. - * packet-gsm_a.c: + draft-ietf-ipsec-udp-encaps-06 says "The UDP port numbers are the + same as used by IKE traffic, as defined in [Kiv05]", and + "[Kiv05]" is draft-ietf-ipsec-nat-t-ike-05, which has been + superseded by draft-ietf-ipsec-nat-t-ike-07; the latter appears + to imply that it goes over port 4500, not port 500. - From Michael Lum: Add decode of Bearer Capability parameter. + We already have a draft-ietf-ipsec-udp-encaps-06 dissector for + port 4500 (packet-ipsec-udp.c), and it's not entirely clear to me + how, if draft-ietf-ipsec-udp-encaps-06 traffic *did* go over port + 500, you'd distinguish it from regular ISAKMP traffic. -2003-11-03 02:41 gerald +2003-11-04 20:33 guy - * epan/filesystem.c: + * gtk/prefs_dlg.c: - Make get_tempfile_path() work like get_datafile_path(), which - removes a dependency on PATH_MAX (which apparently isn't defined - under Windows). + Skip the check for the module if a page doesn't have a module. -2003-11-03 02:46 gerald +2003-11-04 20:22 guy - * plugins/: Xass-list, Xplugin_api.c, Xplugin_api.h, - Xplugin_api_decls.h, Xplugin_table.h: + * gtk/prefs_dlg.c: - Export get_tempfile_path() to the plugins. + Clean up the way we find the properties page for a given protocol + somewhat; this fixes a bug wherein we were assuming all modules + necessarily had preference pages (they won't, if the only + preferences for the module are obsolete preferences). -2003-11-03 10:15 guy +2003-11-04 19:47 guy - * AUTHORS, packet-wsp.c, packet-wsp.h: + * packet-wsp.c: From Olivier Biot: - * Use function reference arrays for header parse function - lookup - (avoids switch()) - - * Use macros for the common parts of the header parse - functions - - * Use macros for identical header dissection functions - - * Implement many missing header parse functions - - * Automatic header parse error notification - - * Some minor edits - - * Add HTTP equivalents to WSP status codes - -2003-11-03 10:36 guy - - * gtk/capture_combo_utils.c: - - "g_list_first()" takes an arbitrary list entry as an argument; - you don't need to call it if you already have a pointer to the - first entry in the list, which is what "a pointer to the list" - is. - -2003-11-03 10:40 guy - - * gtk/capture_dlg.c: - - Don't try to get the list of link-layer header types for an - interface if the interface isn't in the list of known (local) - interfaces - that way we don't try to get entries if the user's - in the middle of changing the "Interface:" text, or if the - interface is an rpcap: URL (getting the link-layer header type - list for a remote interface is currently impossible, and even - just getting its *default* interface type could hang for a long - time if the remote machine isn't responding). - - Free the link-layer header type list when we're done with it. - - Label the option menu for that list "Link-layer header type", as - it doesn't control the data link type of the interface in the - only case I know of where it's settable, namely 802.11 interfaces - - it just controls whether the packets you get from the interface - have a fake Ethernet header or a real 802.11 header. - -2003-11-03 20:45 guy + * Extra headers: Encoding-Version, WWW-Authenticate, + Proxy-Authenticate - * gtk/rtp_analysis.c: + * Fix memory allocate/free in header parsing functions & + macros - From Lars Ruoff: fix a problem with wrong maximum delay - calculation - first or marked packets are now ignored when - calculating maximum delay. - -2003-11-03 20:49 guy + * Add missing "ok = TRUE" for some header parsing + functions - * packet-q931.c: + * Header subfields all share the same subtree identifier + (more + intuitive) - Fro Anders Broman: fix the meaning of the extension bit, and add - some more bitfields. + * Get rid of unused header fields and subtrees -2003-11-03 20:57 guy + * Some whitespace changes - * packet-q933.c: +2003-11-04 18:37 guy - Apply Anders Broman's changes to the Q.931 dissector to the Q.933 - dissector: + * plugins/asn1/packet-asn1.c, plugins/gryphon/packet-gryphon.c, + AUTHORS, doc/ethereal.pod: - fix the meaning of the extension bit, and add some more - bitfields. + From Masaki Chikama: fix static compilation of "generic ASN.1" + and Gryphon plugins. -2003-11-03 21:00 guy +2003-11-04 16:44 gerald - * gtk/proto_draw.c: + * plugins/asn1/packet-asn1.c: - From Olivier Abad: Insert the GTK+ 2.2.4 - "gtk_tree_view_expand_to_path()" when building with GTK+ 2.0[.x], - so that we can build with 2.0[.x]. + #ifdef out "#include ", so that --disable-ethereal + works again. -2003-11-03 22:32 guy +2003-11-04 08:16 guy - * epan/filesystem.c: + * packet-http.c: - Use "g_get_tmp_dir()" to get the pathname of the temporary file - directory. + If we've already constructed a subset tvbuff, don't construct an + identical one and throw away the first one. -- cgit v1.2.1