| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Set the protocol and info columns before fetching anything that might
cause an exception.
Add some more different fields for the different types of host names in
browser packets.
Force an exception to be thrown if there's no NUL terminator for a name
in the tvbuff.
svn path=/trunk/; revision=3711
|
|
svn path=/trunk/; revision=3669
|
|
svn path=/trunk/; revision=3668
|
|
that's how Network Monitor displays them. (What are they if they're not
0xffff?).
The PDC Startup announcement message, if not short, includes an LMNT
token between the NT version and LM20 token.
After the DB Count in an Announce change to UAS or SAM message there are
that number of DBChange Info Structures, according to Network Monitor;
dissect them. After that, there is a domain SID size, and, if that size
is non-zero, a domain SID, and only then
In a SAM LOGON request, the domain SID size is a 4-byte quantity, not a
2-byte quantity, and is followed by a domain SID, an NT version, an LMNT
token, and an LM token, according to Network Monitor.
Display the NT version in decimal, as that's how Network Monitor
displays it.
svn path=/trunk/; revision=3666
|
|
LM token - it appears to have the value 0xffff in several captures, and
follows an "LMNT Token" field, so it might be an LM token.
svn path=/trunk/; revision=3663
|
|
Fixed up some longstanding bugs (predating the tvbuffification)
discovered during regression testing of the tvbuffification.
svn path=/trunk/; revision=3661
|
|
into a "packet-smb-browse.h" header file, and have modules that import
those routines include "packet-smb-browse.h" rather than declaring the
routines themselves; do the same for routines exported from
"packet-smb-logon.c".
Make routines and arrays not exported static, and make routines that
return a true/false return value "gboolean" rather than "guint32".
svn path=/trunk/; revision=3147
|
|
svn path=/trunk/; revision=2879
|
|
protocols, in addition to adding structures to the list of filterable
fields. Give it an extra argument that specifies a "short name" for the
protocol, for use in such places as
pinfo->current_proto;
the dialog box for constructing filters;
the preferences tab for the protocol;
and so on (although we're not yet using it in all those places).
Make the preference name that appears in the preferences file and the
command line for the DIAMETER protocol "diameter", not "Diameter"; the
convention is that the name in question be all-lower-case.
Make some routines and variables that aren't exported static.
Update a comment in the ICP dissector to make it clear that the
dissector won't see fragments other than the first fragment of a
fragmented datagram.
svn path=/trunk/; revision=2810
|
|
can be put, and a pointer to the string for the column, which might or
might not point to that buffer.
Add a routine "col_set_str()", which sets the string for the column to
the string passed to it as an argument; it should only be handed a
static string (a string constant would be ideal). It doesn't do any
copying, so it's faster than "col_add_str()".
Make the routines that append to columns check whether the pointer to
the string for the column points to the buffer for the column and, if
not, copy the string for the column to the buffer for the column so that
you can append to it (so you can use "col_set_str()" and then use
"col_append_str()" or "col_append_fstr()").
Convert a bunch of "col_add_str()" calls that take a string constant as
an argument to "col_set_str()" calls.
Convert some "col_add_fstr()" calls that take a string constant as the
only argument - i.e., the format string doesn't have any "%" slots into
which to put strings for subsequent arguments to "col_set_str()" calls
(those calls are just like "col_add_str()" calls).
Replace an END_OF_FRAME reference in a tvbuffified dissector with a
"tvb_length(tvb)" call.
svn path=/trunk/; revision=2670
|
|
The Cmd variable was being clamped below that value ...
svn path=/trunk/; revision=2544
|
|
the following:
It is now possible to enable/disable a particular protocol decoding
(i.e. the protocol dissector is void or not). When a protocol
is disabled, it is displayed as Data and of course, all linked
sub-protocols are disabled as well.
Disabling a protocol could be interesting:
- in case of buggy dissectors
- in case of wrong heuristics
- for performance reasons
- to decode the data as another protocol (TODO)
Currently (if I am not wrong), all dissectors but NFS can be disabled
(and dissectors that do not register protocols :-)
I do not like the way the RPC sub-dissectors are disabled (in the
sub-dissectors) since this could be done in the RPC dissector itself,
knowing the sub-protocol hfinfo entry (this is why, I've not modified
the NFS one yet).
Two functions are added in proto.c :
gboolean proto_is_protocol_enabled(int n);
void proto_set_decoding(int n, gboolean enabled);
and two MACROs which can be used in dissectors:
OLD_CHECK_DISPLAY_AS_DATA(index, pd, offset, fd, tree)
CHECK_DISPLAY_AS_DATA(index, tvb, pinfo, tree)
See also the XXX in proto_dlg.c and proto.c around the new functions.
svn path=/trunk/; revision=2267
|
|
packet length.
Use "IS_DATA_IN_FRAME()", rather than checking if "offset+1" is greater
than "pi.captured_len", to check whether there's any data left in the
packet.
Check whether data is in the packet *before* extracting it and stuffing
an item into the tree with it.
svn path=/trunk/; revision=2216
|
|
of the packet, use "pi.captured_len" - "fd->pkt_len" may include data
that isn't in the capture, due to a short snapshot length.
Don't use "fd->cap_len" when checking to see if you've run off the end
of the packe, use "pi.captured_len" - "fd->cap_len" isn't adjusted to
reflect any length fields, but "pi.captured_len" is (removing, for
example, Ethernet padding from the packet).
Use "END_OF_FRAME" rather than "pi.captured_len - offset", to make it a
bit clearer what's being done.
In the V.120 dissector, use "tvb_length()" when adding the top-level
protocol tree entry for V.120, as it's a tvbuffified dissector.
svn path=/trunk/; revision=2214
|
|
a particular type, rather than taking a varargs list, along the lines of
the "proto_tree_add_XXX_format()" routines.
Replace most calls to "proto_tree_add_item()" and
"proto_tree_add_item_hidden()" with calls to those routines.
Rename "proto_tree_add_item()" and "proto_tree_add_item_hidden()" to
"proto_tree_add_item_old()" and "proto_tree_add_item_hidden_old()", and
add new "proto_tree_add_item()" and "proto_tree_add_item_hidden()"
routines that don't take the item to be added as an argument - instead,
they fetch the argument from the packet whose tvbuff was handed to them,
from the offset handed to them.
svn path=/trunk/; revision=2031
|
|
Add exceptions routines.
Convert proto_tree_add_*() routines to require tvbuff_t* argument.
Convert all dissectors to pass NULL argument ("NullTVB" macro == NULL) as
the tvbuff_t* argument to proto_tree_add_*() routines.
dissect_packet() creates a tvbuff_t, wraps the next dissect call in
a TRY block, will print "Short Frame" on the proto_tree if a BoundsError
exception is caught.
The FDDI dissector is converted to use tvbuff's.
svn path=/trunk/; revision=1939
|
|
svn path=/trunk/; revision=1662
|
|
are sent in response to Win9X requests as well as the longer ones that
are sent to WinNT and above requests.
svn path=/trunk/; revision=1661
|
|
"packet-smb.c" up into several files.
svn path=/trunk/; revision=1629
|
