Age | Commit message (Collapse) | Author | Files | Lines |
|
http://www.wireshark.org/lists/wireshark-dev/200809/msg00075.html
(as referenced in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2907 ) and
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3411 :
Write a new convenience routine for finding a conversation and, if it is not
found, create it. The frame number and addresses are taken from pinfo (as is
the common case).
Use this function in a bunch of dissectors.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32790 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4422
From me: Fix a number of instances where the function prototype or
the function definition wasn't changed so there was a mismatch
thus causing Windows (but not gcc) compilation errors.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32365 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32361 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4422
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@32360 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
free memory properly on shutdown.
This is an initial step. There's still some work to do.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@29754 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@25158 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
memory leak but it does save a 12 line comment explaining why the const-ness of the pointers was being cast away and (more importantly) fixes the conversation part of the crashes detailed in http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1113 . In particular the conversation keys themselves are se_ alloc'd so by the time we get to conversation_init() (again) the keys have already been freed by the se_ allocator so traversing them isn't such a good idea.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@24661 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
conversation_lookup_hashtable() did not return the correct conversation for the first packet of a conversation (ie when frame_num == conversation->setup_frame).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@23303 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
as the other address macros do.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21588 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
does (i.e., it will add the address bytes to the value that's already
there - it will not initialize the value, so you have to clear it before
doing any hashing).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21578 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Use it in the IAX2 dissector and in the conversation code.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@21577 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
the supplied patch fixes a problem where the options value should really be used from the conversation found (using
conversation_lookup_hashtable(...) to create a new conversation based on the already stored conversation template (the CONVERSATION_TEMPLATE bit is set in the stored conversation) rather from the options argument passed to the function(s).
This solves a problem that otherwise shows itself where "DISSECTOR_ASSERT(!(conv->options & CONVERSATION_TEMPLATE) && "Use the conversation_create_from_template function when the CONVERSATION_TEMPLATE bit is set in the options mask");" fails sometimes.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18825 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@18197 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15329 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@15171 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
fix bug in conversation_delete_proto_data
second argument to g_slist_remove() is a pointer to the data, not a GSlist containing a list of such pointers.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@14755 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
protocol during different stages of an application cycle.
This is very naughty and will cause problems when we have assigned a dissector to a dynamic port using conversation_set_dissector().
To make ethereal handle this case I have changed the try_conversation_dissector() to allow it to fail and return 0, meaning yes there is indeed a protocol registered for this conversation but that protocol rejected this packet.
(which only happens for "new" style dissectors, "old" style dissectors will never reject a packet that way)
When this happens the decode_udp_port() helper will still allow other dissectors to be tried, in the hope that the conversation is now used for some other protocol and thus someone else might be able to decode the packet.
Update SNMP and TFTP dissectors to check that even if there already is a conversation but that conversation does NOT have snmp/tftp registered as the dissector for it, then create a new conversation anyway and attach the proper dissector.
Since ethereal keeps track of which frame number a conversation started in, this actually works really well.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@14345 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13871 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
changed the conversation code).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@13250 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
the template is left around, and a new conversation is created with
the wildcards in the template un-wildcarded.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@12757 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
they have LF at the end of the line on UN*X and CR/LF on Windows;
hopefully this means that if a CR/LF version is checked in on Windows,
the CRs will be stripped so that they show up only when checked out on
Windows, not on UN*X.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11400 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
- conversation.[ch] - To support not setting port2 on matching a
conversation. This is used by protocols such as iSNS in which the client
registers a TCP/UDP port with the server for notifications and the server
sends notifications to this port from different source ports.
- packet-isns.c - Added support for handling zero-length TLVs and ESI & SCN
frames (when registering an SCN/ESI port, a conversation dissector is
setup).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@11320 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@9605 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
header, Extended Link Service, Interswitch Link Service, FCP, and IPFC.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6757 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
non-const pointers.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6683 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"try_circuit_dissector()" and "try_conversation_dissector()", as both fo
them call "call_dissector()" and "call_dissector()" now does that stuff
itself.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6520 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
winapi_cleanup tool written by Patrik Stridvall for the wine
project.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@6116 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
equivalents for the epan/ directory but leave winsock2.h in inet_pton.c
and inet_ntop.c for now (can't estimate the consequences).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5928 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
When we see PRTOMAP GETPORT calls for UDP, make sure all further UDP packets to or from
this port goes to the ONC-RPC dissector regardless of the port on the other side.
We need this because if there is ONC-RPC traffic going between the ONC-RPC Program port to a port which has a normal ethereal dissector, ethereal would dissect the traffic as the protocol associated with the other port instead.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@5430 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
1. Changes how can_desegment works so that can_desegment is
only != 0 for whichever dissector is running immediately on
top of whoever offers the can_desegment service.
Thus DCERPC needs no special handling to see if it can trust
can_desegment (which is currently only available ontop of TCP
and not ontop of tcp->nbss->smb).
2. Changes fragment reassembly of transaction smb to only show
the defragmented packet for the transaction smb holding the
first fragment.
To see why, test it with a transaction SMB containing a ~60kb
PDU or larger. The old behaviour had approximately quadratic
behaviour regarding runtime for dissecting such PDUs.
(example: NetShareEnum is a command which can grow really really
large if the number of shares and comments are large)
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4296 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
than a pointer to a dissector function, as an argument.
This means that the conversation dissector is called through
"call_dissector()", so the dissector itself doesn't have to worry about
checking whether the protocol is enabled or setting
"pinfo->current_proto", so get rid of the code that does that in
conversation dissectors. Also, make the conversation dissectors static.
Get rid of some direct calls to dissectors; replace them with calls
through handles, and, again, get rid of code to check whether a protocol
is enabled and set "pinfo->current_proto" where that code isn't needed.
Make those dissectors static if they aren't already static.
Add a routine "create_dissector_handle()" to create a dissector handle
without registering it by name, if the dissector isn't used outside the
module in which it's defined.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4281 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4239 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
dissectors and that's no longer needed.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4112 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
of protocol-id-plus-datum pairs, so that multiple protocols can attach
information to the same conversation.
Dissectors that attach information to a conversation should not assume
that if they find a conversation it has one of its data attached to it;
the conversation might've been created by another dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3901 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
that look up conversations in hash tables, unless they are arguments
that will be ignored; if they're not being ignored, then if the argument
is a null pointer you may get a crash if it's dereferenced, and if it's
not a null pointer you'll only get a match if the conversation has
whatever stuff the arguments points to as its first address or port.
If you match a conversation with a wildcarded address and/or port, and
the address and/or port matched a non-wildcarded search argument, and
the conversation is for a connection-oriented transport protocol, set
the wildcarded address and/or port for the conversation to the value
that matched it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3897 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"try_conversation_dissector()" does - start with as exact matches as
possible, and then start doing wildcarding - so that it can find
conversations with wildcard addresses or ports even if both address and
port arguments are supplied to it.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3893 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
to imply that
1) conversations have source and destination addresses and ports
- they don't (if they did, they'd be monologues, not
conversations), they just have two address/port pairs for the
two endpoints, with one or more of the address or port in the
second pair possibly being wildcarded;
2) the first and second address or port argument to
"find_conversation()" or "try_conversation_dissector()" have
anything to do with the first or second address/port pair in
a conversation - they don't, the two arguments to those
routines are matched against *both* address/port pairs for a
conversation;
as otherwise people might think that they need to add flags to wildcard
the first arguments "conversation_new()" or "find_conversation()" (they
don't, they just have to pass the non-wildcarded address/port first and
then pass the wildcarded one, even if that means passing the destination
first and source second).
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3537 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Split some lines differently.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3519 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
another (copying the data to a mallocated array) in
"epan/packet_info.h", and use it in the conversation code.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3510 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
structures as arguments, that evaluates to "true" if the two addresses
are equal and "false" if they're not equal. Use that macro in the
conversation code.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@3509 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
"old_dissector_try_heuristic()" any more, as their users have all been
tvbuffified - get rid of them.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2660 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
in "try_conversation_dissector()" that they're done in
"old_try_conversation_dissector()".
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2656 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
conversation doesn't have a dissector.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2655 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
source *and* destination port and/or both the source *and* destination
address passed to "find_conversation()", because the packet for which
you're trying to find the conversation may be going in the opposite
direction to the packet for which the conversation was originally
created.
Create different hash tables for wildcarded conversations, to reduce the
number of "is this a wildcard?" tests done when doing hash lookups.
This is sufficient to allow the TFTP dissector to use conversations
rather than being special-cased in the UDP dissector, and may also be
sufficient to handle a similar problem with SMTP (request goes from
client IP X port Y to server IP Z's well-known port, reply comes back
from some other port on server Z to client IP X port Y), but further use
may reveal other changes that should be made.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2525 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
Jeff Foster.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2523 f5534014-38df-0310-8fa8-9805f1628bb7
|
|
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@2458 f5534014-38df-0310-8fa8-9805f1628bb7
|