| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
structure, rather than a fixed field. Get rid of that fixed field, as
it's no longer needed.
Use dissect_ndr_byte_array() rather than dissect_ndr_char_cvstring() in
a case where we have an opaque byte array.
Have dissect_ndr_cvstring() and dissect_ndr_vstring() - and, therefore,
routines that call them, such as dissect_ndr_cstring(),
dissect_ndr_char_cvstring(), dissect_ndr_char_vstring(), and
dissect_ndr_wchar_vstring() - require that the field being used by an
FT_STRING field. Manually fix a case where the PIDL generator makes
such a field FT_NONE rather than FT_STRING. Also handle EBCDIC, just in
case we happen to see a packet with EBCDIC strings.
Use tvb_get_string_enc(), rather than tvb_get_unicode_string() or
tvb_get_string(), in dissect_ndr_cvstring() and dissect_ndr_vstring().
svn path=/trunk/; revision=54134
|
|
proto data.
svn path=/trunk/; revision=53559
|
|
to be "used" by dissectors, just stored (for help in debugging?).
svn path=/trunk/; revision=53552
|
|
We presumably want "decode as" behavior to be consistent across UIs so
call load_decode_as_entries() from read_prefs().
svn path=/trunk/; revision=53498
|
|
the GUI. Bug 9450 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9450)
The basic idea behind this design is to have dissectors register with a "decode as list" with their name and dissector table. When "Decode As" dialog is launched, any "registered" dissector found in the packet will cause a tab to be created in the dialog. Any GUI (GTK+/Qt/tshark) can just hook into the "decode as list" to see what can be provided.
This patch includes the GUI portion of the functionality (including packet-dcerpc.[ch] because it had some GUI dependencies that are now removed).
Other notes:
1. Some "GUI text" (UTF8_LEFTWARDS_ARROW and similar) made their way into the dissector code. Not sure how necessary it is and if reformatting the strings to avoid the macros is desired (TCP/UDP use it, SCTP doesn't).
2. I converted the SCTP functionality to have 2 tabs (instead of radio button), currently both are labeled "Transport" which could be confusing to users. Naming suggestions welcome (as well as for naming of tabs from other dissectors).
3. BER and DCERPC have more opportunity to use Decode As now that they are selected based on dissector presense, not packet_info values.
4. Catapult DCT2000 populates pinfo->ipproto, yet under new design will not show up to do Decode As. Should a "decode as item" be created for it?
5. BER dissector doesn't have Clear/Show Current functionality working (never did)
6. Bluetooth (in old design) could have been used "capture wide" instead of single packet (creating tabs of values not present in current packet), which goes against what I believe to be in the intent of Decode As, but I'm willing to hear counter-arguments.
svn path=/trunk/; revision=53446
|
|
dcerpc_info* infomation be passed in as a function parameter. Bug 9387 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9387)
All "generated" source was manually modified (with the power of search/replace), but I believe the "source input" files have been adjusted (checked into revs 53098 and 53099) to reflect the necessary changes (with possible whitespace formatting differences).
The Microsoft compiler doesn't flag "unused function parameters", so I apologize in advance if I may have missed a few. The "dcerpc_info* di" parameter is used in almost every function.
svn path=/trunk/; revision=53100
|
|
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9307)
From Matthieu Patou
svn path=/trunk/; revision=52743
|
|
varying but pidl insists on having a different function. Bug 9306 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9306)
From Matthieu Patou.
svn path=/trunk/; revision=52742
|
|
dissected. Bug 9305 (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9305).
From Matthieu Patou
svn path=/trunk/; revision=52741
|
|
svn path=/trunk/; revision=52591
|
|
Also remove old WS_VAR_IMPORT define and related Makefile magic
everywhere in the project.
svn path=/trunk/; revision=47992
|
|
svn path=/trunk/; revision=46208
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
representation. Use it rather than a raw 0x10.
Add a DREP_ENC_INTEGER() macro that takes a pointer to the data
representation and returns either ENC_LITTLE_ENDIAN or ENC_BIG_ENDIAN;
use it for the encoding argument to proto_tree_add_item(), rather than
just the AND of drep[0] and DREP_LITTLE_ENDIAN, as it's not a boolean
any more, and for string values we'll be supporting character encodings
as well and thus won't be able to trust that the 0x10 bit will mean
"little endian".
Use ENC_NA for some other encoding values, i.e. for FT_BYTES and the
like.
Fix a couple of places in the DCOM dissector where we were passing the
byte-order bit rather than the field value to
proto_tree_add_uint_format().
Clean up white space.
svn path=/trunk/; revision=38128
|
|
I've just finished to write a ncacn_http dissector for Wireshark which
provides the ability to dissect Outlook anywhere packets properly (as
specified by [MS-RPCH].pdf documentation.
svn path=/trunk/; revision=35259
|
|
unaligned unmarshalling of dissectors generated by PIDL.
This will allow us to use PIDL and additional IDLs from the samba
project since they use "noalign" for certain protocols.
This may also allow us to use PIDL to describe, and machinegenerate
dissectors for normal, non-DCERPC, protocols.
This patch for PIDL is still under review, but the PIDL patch is l;ikely
to be committed soonish.
svn path=/trunk/; revision=31583
|
|
svn path=/trunk/; revision=30272
|
|
function dissect_ndr_uint1632()
svn path=/trunk/; revision=30265
|
|
the new datatype uint3264.
create a fake guint3264 type as well
svn path=/trunk/; revision=30264
|
|
on whether nrd or ndr64 is used.
svn path=/trunk/; revision=30263
|
|
pointers as 8 byte entities when ndr64 is negotiated
svn path=/trunk/; revision=30253
|
|
is ndr64 or not, from the bind information to the data we store for each
individual pdu, since the trnasport syntax may change dynamically back
and forth between "normal" and "ndr64" on the same conversation.
svn path=/trunk/; revision=30226
|
|
Recent glib versions always include signal.h in gbacktrace.h
On Linux PPC signal.h defines PT_R4 which is also defined by samba and
compilation fails.
svn path=/trunk/; revision=28727
|
|
svn path=/trunk/; revision=26319
|
|
add dissection of the 16 byte header prior to the NDR data when NDR is
transported as a blob ontop of !dcerpc
like the LOGON_INFO in the PAC in kerberos
svn path=/trunk/; revision=24289
|
|
rename dcerpc_smb_fetch_pol to dcerpc_fetch_polhnd_data and also make
it take an additional parameter to return the "type" of the policy
handle, if such a type was stored.
extend the pol_value structure used to track policy handles to also
store a type to represent what created the policy handle
types could be USER/ALIAS/CONNECT/... etc handles returned from the
SAMR interface
add a new helper function dcerpc_store_polhnd_type()
track policy handles between request/responses for dcerpc
update the samr.cnf file to make the samr dissectors for
SetSecurity/QuerySecurity dissect the specific bits for the security
descriptor correctly based on whether the policy handle refers to a
CONNECT/DOMAIN/USER/ALIAS or GROUP
svn path=/trunk/; revision=22703
|
|
prettify strings
svn path=/trunk/; revision=21722
|
|
svn path=/trunk/; revision=20941
|
|
which applies (for now only) to integer types.
when this flag is specified as PARAM_VALUE the fields name and its value will be pushed onto the info column of the summary line
svn path=/trunk/; revision=20922
|
|
also change their values to use the top order bits of an uint32 instead of the least significant ones
svn path=/trunk/; revision=20919
|
|
these new helpers take a parameter that can be used to decorate the tree and summary line (when this parameter is acted upon/implemented in the code inside the helpers)
WINREG was regenerated using a patched version of PIDL. Mainline version of PIDL does not yet have this patch applied.
svn path=/trunk/; revision=20918
|
|
dissector functions (dcv->private_data) for things such as strings and sids is a mess and very difficult to handle without a lot of memory leakage.
the biggest problem in changing this is the dcv->private_data usage.
add a dcv->se_data which can keep data around from a request to a response and use this to change the LSA/OpenPolicy2 servername passing from request to response as a test pattern of moving all users of dcv->private data over to use dcv->se_data.
once all users are migrated over we can then change the dcv->private data pointer to be of ep scope and thus not need an explicit free (which is quite difficult and it is quite difficult in the old semantics to know WHEN we need to free this pointer)
this will eventually make the usage more clean and at the same time close down quite a few memory leaks.
eventually this will make dissect_ndr_nt_SID return a pointer to ep allocated memory that need not be explicitely freed.
svn path=/trunk/; revision=19226
|
|
most of the relevant code moved to guid_utils
lot of corresponding code cleanup in packet-dcerpc.c
still using GHashTable
still not using a manuf like file
svn path=/trunk/; revision=18939
|
|
svn path=/trunk/; revision=18613
|
|
char * (just like all the other dissect_dcerpc_...() functions).
This should fix some "differ in signedness" warnings (and maybe will raise new ones, which should be fixed at the calling places then)
svn path=/trunk/; revision=18605
|
|
definition in the Catapult DCT2000 code.
svn path=/trunk/; revision=18524
|
|
svn path=/trunk/; revision=18196
|
|
svn path=/trunk/; revision=15079
|
|
svn path=/trunk/; revision=15067
|
|
(presumably-)harmless-but-otherwise-unremovable const-to-nonconst
warnings.
In the TACACS dissector, clean up the variables used in option parsing
to avoid some const-to-nonconst warnings.
Clean up some white space.
svn path=/trunk/; revision=15043
|
|
svn path=/trunk/; revision=15015
|
|
cerlare it as a parameter that is a struct/union and not a ref pointer to one.
this is ok since toplevel ref pointers are invisible in the wire encoding anyway.
unfortunatelky ethereal dce runtime needed to see that pointer to keep track of whisch one was a toplevel and which one wasnt.
implement a new api to call pointers which explicitely specifies whether the pointer is toplevel or embedded.
eventually all dce dissectors will use this new interface and the generic dissect_ndr_pointer() can be retired.
svn path=/trunk/; revision=13755
|
|
dcerpc_auth_subdissector_fns structure.
the SignAndSeal decryption (which works really well) needs this.
svn path=/trunk/; revision=13688
|
|
change the decodeas for dcerpc so that it actually works again for dcerpc over smb
svn path=/trunk/; revision=13515
|
|
svn path=/trunk/; revision=13399
|
|
strings that we already support
svn path=/trunk/; revision=13278
|
|
svn path=/trunk/; revision=13198
|
|
svn path=/trunk/; revision=13185
|
|
64 bit integer but in reality is a struct containing 2 32bit integers.
this construct is aligned on 4 byte boundaries in ndr and NOT
8 bytes as a real uint64 (== hyper) would be.
rename the existing dissect_ndr_uint64 ro dissect_ndr_duint32 (double uint32) to make it reflect better the alignment of the type.
svn path=/trunk/; revision=13184
|
