| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Move the boolean flag for using captured DNS packet info for name resolution
to the Name Resolution preferences settings, as it was rather surprising to
disable Name Resolution preferences and still have names being resolved. Also
disble them all if the '-n' command line switch is used, and re-enable it for
a 'd' character in the '-N' option.
Bug: 10337
Change-Id: Ie4d47bab0100db3360cc447cd3e446b2e39aa917
Reviewed-on: https://code.wireshark.org/review/9786
Petri-Dish: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Change-Id: I4f1042cebe527874c3f890411f5e44aa71da5d28
Reviewed-on: https://code.wireshark.org/review/7732
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ida53904b4db1ca982055de267ce6f4fdcedd248b
Reviewed-on: https://code.wireshark.org/review/7701
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I78376c5578ee1f1871260db478a9c0d994f5bd38
RFC6594: Use of the SHA-256 Algorithm with RSA, Digital Signature Algorithm (DSA), and Elliptic Curve DSA (ECDSA) in SSHFP Resource Records
RFC7479: Using Ed25519 in SSHFP Resource Records
Reviewed-on: https://code.wireshark.org/review/7654
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add the ability to set frame number types: none, request, or response.
Use the types to draw different related packet indicators in the packet
list.
Track the conversation in PacketListRecord. Use it to draw dashed lines
for unrelated frames.
Set frame number types for DNS and ICMP.
Instead of drawing a transparent QImage, alpha blend our foreground
color and draw directly in our painter. Blend more toward the foreground
color.
Add FRAMENUM_TYPE to checkAPIs.
Change-Id: I2495945bb436413e05d6ec697184a0b4fd5ad214
Reviewed-on: https://code.wireshark.org/review/7436
Reviewed-by: Gerald Combs <gerald@wireshark.org>
|
|
When DNS Client Subnet length is > 16, the limit coming from avoid stack smashing with tvb_memcpy
Issue reported by Boaz
Bug:10988
Change-Id: I6103ba47fac9817410c7fc399c18e96c66ab8438
Reviewed-on: https://code.wireshark.org/review/7308
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The DNS packet's 3rd additional RR is a LOC RR.
In the LOC RR, Wireshark marks the Size field with meters unit.
However, the Horizontal and Vertical Precision fields have no units
Issue reported by Boaz
Bug:10940
Change-Id: If177757d2bba6ea012a320aceaea2f8d8e50155c
Reviewed-on: https://code.wireshark.org/review/7014
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Adjust any other ep_ related APIs related to the transition.
Change-Id: I961b371c2c4bda557e0f1817705c27eef0dae66c
Reviewed-on: https://code.wireshark.org/review/6388
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I2c5b662f6b46d60a97a491ca8ec01b3f0e41fa56
Reviewed-on: https://code.wireshark.org/review/6338
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This affects both the dissector (that has been added with a tap interface and a stats generator) and the UI (to recall the stats menu).
Change-Id: I90658f7aa6707aa39bdd787a51b20fed4dbddc53
Reviewed-on: https://code.wireshark.org/review/6236
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Bug: 10816
Change-Id: Ifd036148f9f2e76516913bda11cf07fdb63def94
Reviewed-on: https://code.wireshark.org/review/6174
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Change-Id: I1d258923a7a63539ec8456d3e306bca5016a1e4b
Reviewed-on: https://code.wireshark.org/review/6060
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I3681462aeb98ca62ed3ec5eb226b2553317391a9
Reviewed-on: https://code.wireshark.org/review/5997
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
(for some dissectors which fetch all other integral fields using
ENC_BIG_ENDIAN).
Change-Id: Ic18e3172aad76af12b12d6732c88497be22aed56
Reviewed-on: https://code.wireshark.org/review/5748
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I33a9a54a318a1a3ea106f4531db4e79a6b6d42ac
Reviewed-on: https://code.wireshark.org/review/5716
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I9242300b2ace3155c1506b584a90f073100a305e
Reviewed-on: https://code.wireshark.org/review/5512
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: Ib0bffc6d5e4bd6b68f48a843b4b4cab7422aceb7
Reviewed-on: https://code.wireshark.org/review/5476
Reviewed-by: Stephen Fisher <sfisher@sdf.org>
|
|
It seems the Replacement Length field calculated by Wireshark (which Wireshark calls "rReplacement Length"), is the length of the first label of the DNS name in the Replacement, instead of the entire DNS name length.
Issue found by Boaz
Bug:10700
Change-Id: I8b726f3a3bf316d688a40c3ade100d255ca3be42
Reviewed-on: https://code.wireshark.org/review/5300
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
In the attached pcap file, there's a single DNS packet with WKS RR in the Prerequisites section.
The Protocol field of this RR is read as if it is 4 bytes long instead of 1, which actually reads part of the bytes of the following RR.
Found by boaz
Bug:10675
Change-Id: Icf12c7f3864b629a242598373c06eee4de0ca098
Reviewed-on: https://code.wireshark.org/review/5170
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 10674
Change-Id: I44297bfa64c31ab53d2aa61b6e54253b7a5a1e27
Reviewed-on: https://code.wireshark.org/review/5167
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
when transaction id is reused
Bug: 10657
Change-Id: Id4356dcd6802da40b4a3e2e2095cc9d2932c2c68
Reviewed-on: https://code.wireshark.org/review/5100
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: Ia5747a5d0c8c63b7471de624c96e546c7bbfbf57
Reviewed-on: https://code.wireshark.org/review/5064
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 10650
Change-Id: I3411d4e5ef534a663940974d98c351976005ee8e
Reviewed-on: https://code.wireshark.org/review/5057
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
Bug: 10652
Change-Id: Ibd119177feecd27d0c6baba255e7e3da37b131bd
Reviewed-on: https://code.wireshark.org/review/5043
Tested-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
The queries RRs and answers RRs are parsed fine.
However, only the first 2 authoritative RRs are parsed and none of the 3 additional RRs are parsed.
The second authoritative RR is of type NXT, and even though it has data length of 9, Wireshark reads all the bytes until the end of the packet as if they are part of bitmap in this RR (it reads 317 bytes too many).
This causes it to not parse the rest of the RRs correctly.
Found by boaz
Bug:10615
Change-Id: I22e5987c44a11399b07c3106fbb70c6e9e867afe
Reviewed-on: https://code.wireshark.org/review/4940
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Some other cleanup while in the neighborhood. Not sure the all the proto_tree_add_expert calls are needed after each field (having implicit bounds error thrown should be sufficient), but left them in there.
Change-Id: I3ca75ec9f51ccbed6b6ca792789daa8e7cebf34a
Reviewed-on: https://code.wireshark.org/review/4574
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
For:
- FT_BYTES: Always use just ENC_NA
- integral/floating (other than FT_[U]INT8): Do ENC_NA --> ENC_BIG_ENDIAN
Also:
- FT_UINT... --> FT_UINT8 in a few cases (to match proto_tree_add_item...)
- Change one case of incorrect '||' to '|'
Change-Id: I427e0e61618ff8faf55691c8a695930f67d455b0
Reviewed-on: https://code.wireshark.org/review/4184
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Not yet tested on real dns traffic
Update also last updated DNS parameters (2014-08-12)
Change-Id: I6109d585584e5fca11c606a2230d8ef89cdbf7b6
Reviewed-on: https://code.wireshark.org/review/3870
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
(draft-ietf-dnsop-delegation-trust-maintainance-14)
Use DS dissector for CDS (see section 3.1) and DNSKEY dissector for CDNSKEY (see section 3.2)
Change-Id: I2ee11dc0eb2b5c74447b58604b1611ed249bc329
Reviewed-on: https://code.wireshark.org/review/3869
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I2b18ccb874a51e5e752462a34175df8d8a90ce41
Reviewed-on: https://code.wireshark.org/review/3868
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Other minor cleanup while in the area.
Change-Id: Id8d957d3d68a2e3dd5089f490bd59d773e1be967
Reviewed-on: https://code.wireshark.org/review/3427
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie983ba3b88102c4f3749ab2f13d519eb78838bbc
Reviewed-on: https://code.wireshark.org/review/3410
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I2db7bf6a80a34540aa90a3362566ac399b1c3644
Reviewed-on: https://code.wireshark.org/review/3101
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I2ea1892b5963cc5578cbdd2b03029ca8424f2267
Reviewed-on: https://code.wireshark.org/review/2640
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I24fe3cc4a3589dadc4528a77fe7ff13d06b1a983
Reviewed-on: https://code.wireshark.org/review/2245
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
tvb_length -> tvb_reported_length
tvb_get_string -> tvb_get_string_enc
Change-Id: Ia511f0e9d3f8ae3d7a1a965431016336ec47188d
Reviewed-on: https://code.wireshark.org/review/1660
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
http://tools.ietf.org/html/rfc7218
Change-Id: Icd276c6cb4680aa53b081c239cb8eb2d8fc109c6
Reviewed-on: https://code.wireshark.org/review/1659
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ia97aa45ff0fc52fb21d2e864d1ca328646de547b
Reviewed-on: https://code.wireshark.org/review/1429
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
red/black tree to hash map
Update the readme file accordingly
Change-Id: I056d1ab1f77df641b83fa9b3618b6c25d66e1a83
Reviewed-on: https://code.wireshark.org/review/1420
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Add ep_ to routines that may return ephemeral strings.
Change "get_XXX" to "XXX_to_display" if the routine returns a formatted
string if it can't get a name.
Change-Id: Ia0e82784349752cf4285bf82788316c9588fdd88
Reviewed-on: https://code.wireshark.org/review/1217
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Z field of edns0 in Additinal records is decoded to text description incorrectly (wrong bitmask)
Found by Jittinan Suwanrueangsri
Closed-Bug: 9767
Change-Id: I8171b211cce79cb096a0f354764992f5cb18617c
Reviewed-on: https://code.wireshark.org/review/226
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
svn path=/trunk/; revision=54962
|
|
buffers. Remove two unused functions.
svn path=/trunk/; revision=54250
|
|
svn path=/trunk/; revision=54088
|
|
svn path=/trunk/; revision=53230
|
|
"new" style dissectors.
Now that "bytes consumed" can be determined, should tcp_dissect_pdus() take advantage of that?
Should tcp_dissect_pdus return length (bytes consumed)? There are many dissectors that just call tcp_dissect_pdus() then return tvb_length(tvb). Seems like that could all be rolled into one.
svn path=/trunk/; revision=53198
|
