| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Bug: 14054
Change-Id: Ib6fbb58cab4d9eb140c0911391a9c330a036cfd1
Reviewed-on: https://code.wireshark.org/review/23515
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
They're not used anywhere other than inside the dissectors, so make them
private to the dissectors.
Change-Id: I9946713f34f95a8173fd7748055fd4aa2e870f70
Reviewed-on: https://code.wireshark.org/review/23357
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This gets complicated, because those subdissectors might be called by
other dissectors as well. We need a better way of passing that sort of
out-of-bound information.
Pull some routines used for processing Content-Type parameters into
common code; we can't guarantee that the media parameters passed in
would be writable (passing it as *the* data hid that; passing a
structure with that *and* the HTTP message type revealed it), so don't
convert it to lower-case in place.
Use that information, if available, to determine whether an IPP message
is a requet or a response.
Change-Id: I4bccc9f05cd0b14ad445be7ab37b3d884d841325
Reviewed-on: https://code.wireshark.org/review/17216
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
It's not - it could be called from the SSL dissector or the SCTP
dissector. Create separate dissectors for all of them; they can, if
passed appropriate metadata in the "data" argument, process it
appropriately for the type of metadata the calling tissector supplies.
Bug: 12344
Change-Id: I8d9a2f3173e6de42b31993bbb6c81d161f68bf8c
Reviewed-on: https://code.wireshark.org/review/14944
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This adds the possibility to filter on the negotiated WebSocket
protocol from the upgrade response as well as on a specific TCP port
Bug: 12298
Change-Id: I8e0b785cec0b8c71ec558b74ac07c81194268b38
Signed-off-by: Gregor Jasny <gjasny@googlemail.com>
Reviewed-on: https://code.wireshark.org/review/14645
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add HTTP Proxy Service attributes and UUID.
Change-Id: If0ab490f2df0930d2b80687ac4c9a1d7e4d463e4
Reviewed-on: https://code.wireshark.org/review/11978
Reviewed-by: Michal Labedzki <michal.labedzki@tieto.com>
|
|
On amd64 before patch: sizeof(http_conv_t) == 88, after: 72 bytes.
Change-Id: I2863f1c7223a904dadfbe68dc41bc61fc2cc378a
Reviewed-on: https://code.wireshark.org/review/1388
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Using value_is_in_range is making quite some assumptions, namely (1) the
proxy server is always run on a registered HTTP port, and (2) the
source (client) port is always not HTTP. The former is quite a strong
assertion which fails to hold when using a custom port (8008) that got
detected through heuristics.
Fix this by recording the source address and port pair for the server
and then check this against the current packet.
This fixes detection of a SSL conversation where two conversations got
detected instead of one. Example: 8008 is proxy, 443 is target server.
Now the proxied conversation got detected as 443 --> "client port"
(server to client, ok) and 443 --> 8008 (client to server, not ok,
should be "client port" --> 443).
bug:7717
Change-Id: I05113ec2aca6c9296184759a8a62eb32cbfcbb4f
Reviewed-on: https://code.wireshark.org/review/1380
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Also remove old WS_VAR_IMPORT define and related Makefile magic
everywhere in the project.
svn path=/trunk/; revision=47992
|
|
Request-response tracking and response-time calculation for HTTP.
svn path=/trunk/; revision=47694
|
|
traffic *without* claiming all that traffic for themselves; they might
want, instead, to register for a particular media type.
Not all traffic to or from port 3689 is DAAP - not even traffic between
two Apple machines doing media stuff (e.g., some FairPlay traffic
isn't). Register for the media type application/x-dmap-tagged, and just
say port 3689 is HTTP. This means we can get rid of the FPLY hack, as
that traffic is application/octet-stream. Update some comments.
Leave it up to the DAAP dissector to tag traffic as DAAP in the protocol
column.
svn path=/trunk/; revision=47376
|
|
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
sizeof.
Cast away some implicit 64-bit-to-32-bit conversion errors due to use of
strtol() and strtoul().
Change some data types to avoid those implicit conversion warnings.
When assigning a constant to a float, make sure the constant isn't a
double, by appending "f" to the constant.
Constify a bunch of variables, parameters, and return values to
eliminate warnings due to strings being given const qualifiers. Cast
away those warnings in some cases where an API we don't control forces
us to do so.
Enable a bunch of additional warnings by default. Note why at least
some of the other warnings aren't enabled.
randpkt.c and text2pcap.c are used to build programs, so they don't need
to be in EXTRA_DIST.
If the user specifies --enable-warnings-as-errors, add -Werror *even if
the user specified --enable-extra-gcc-flags; assume they know what
they're doing and are willing to have the compile fail due to the extra
GCC warnings being treated as errors.
svn path=/trunk/; revision=46748
|
|
WebSocket dissector improvements
- Now works for WebSocket packets not aligned with IP packets.
- Support subdissectors.
From me :
- Fix checkAPIs warning (about comments)
- Remove some whitespace
svn path=/trunk/; revision=45875
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
Add WebSocket Protocol dissector (RFC6455)
* Support Base Framing Protocol
* Support of major opcode (Text, Binary, Close, Ping, Pong...)
* Support of unmask Payload (Client-to-Server Masking)
TODO
* Add fragmentation support
* Add WebSocket Extensions
svn path=/trunk/; revision=42163
|
|
http proxy), let the proxied protocol take care of reassembly itself.
svn path=/trunk/; revision=23949
|
|
- Split the HTTP tap into two taps: one for the HTTP statistics
and the other for the export object function. This allows the
HTTP statistics to work again (they seem to have been
partially broken since SVN rev 18901).
- Pass the conversation data (conv_data) between functions now
instead of using the global variable stat_info (now only used
for the HTTP stats)
- Pass only pointers from the HTTP dissector to the Export Object
tap, where we'll then copy the values and insert into the slist.
- Make sure we free all memory allocated by this feature when
we're done with it.
- Various other minor improvements
svn path=/trunk/; revision=21021
|
|
feature lists all of the content found in an HTTP stream (images, http, etc.)
and displays it in a list that allows the user to save each one as a file that
is already reassembled by the dissectors.
svn path=/trunk/; revision=20867
|
|
Could you apply the attached patch also to finish it off - I
failed to include it in the original e-mail.
svn path=/trunk/; revision=18906
|
|
svn path=/trunk/; revision=18196
|
|
- stat_infos are mantained in a GPtrArray to avoid leaking and overwriting them
- added http_host and request_uri to http_info_value_t
svn path=/trunk/; revision=13555
|
|
Also move ncp222.py, x11-fields, process-x11-fields.pl,
make-reg-dotc, and make-reg-dotc.py.
Adjust #include lines in files that include packet-*.h
files.
svn path=/trunk/; revision=11410
|
