| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Two interlocking problems cause the dissection of FC to fail in some cases,
as shown in the capture of the related issue.
The FC dissector assumes that ETHERTYPE_UNK in the data structure passed
to it is coming from the MDS header dissector only, and thus that header
sizes have to be taken into account. This is not / no longer the case.
It always passes down ETHERTYPE_FCFT. Therefore the MDS header size
checking does not apply to ETHERTYP_UNK, so is removed as condition.
The other FC related dissectors were forced to setup a data structure to
pass to FC for it to handle that part of the frame. Because these weren't
related to ethernet, these lazily set the ethertype field in the data
structure to 0. This unfortunately matches ETHERTYPE_UNK, triggering the
MDS header size checking in FC, leading to this issue. With the first
problem resolved, now make it explicit that unknown ethertype is indicated
by ETHERTYPE_UNK, not '0'.
Addresses primary part of issue #17084
|
|
The static arrays are supposed to be arrays of const pointers to int,
not arrays of non-const pointers to const int.
Fixing that means some bugs (scribbling on what's *supposed* to be a
const array) will be caught (see packet-ieee80211-radiotap.c for
examples, the first of which inspired this change and the second of
which was discovered while testing compiles with this change), and
removes the need for some annoying casts.
Also make some of those arrays static while we're at it.
Update documentation and dissector-generator tools.
Change-Id: I789da5fc60aadc15797cefecfd9a9fbe9a130ccc
Reviewed-on: https://code.wireshark.org/review/37517
Petri-Dish: Guy Harris <gharris@sonic.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Started by grepping call_dissector_with_data, call_dissector_only and call_dissector and traced the handles passed into them to a find_dissector within the dissector. Then replaced find_dissector with find_dissector_add_dependency and added the protocol id from the dissector.
"data" dissector was not considered to be a dependency.
Change-Id: I15d0d77301306587ef8e7af5876e74231816890d
Reviewed-on: https://code.wireshark.org/review/14509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Ib7c50b55942220d48de025642154b4bf3f39c8a2
Reviewed-on: https://code.wireshark.org/review/9074
Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
|
|
The return values of new-style dissectors always use the captured length, so
replace those automagically with sed.
Change-Id: Ic43072ee4a80d433cd4264444583a0e670adc26a
Reviewed-on: https://code.wireshark.org/review/9065
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
proto_tree_add_bitmask_[value|value_with_flags|list]
Part 2 of a few
Change-Id: Ic1f1aafe2ed02dce95b15c03a91cbd68807a5cf4
Reviewed-on: https://code.wireshark.org/review/8165
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Third batch (packet-icmpv6.c -> packet-mac-lte.c).
Will look at cleaning up and committing script afterwards.
Change-Id: Ib91e36ad200db01c3000605f6a7a21125b96a640
Reviewed-on: https://code.wireshark.org/review/6018
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I8e9c58b75eea85877d22024201e5d8d0e9a3dbfd
Reviewed-on: https://code.wireshark.org/review/4459
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I4497f1b8b6eab0e576d9dd31b732965f9a6679c6
Reviewed-on: https://code.wireshark.org/review/4124
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I7e016f10fcfdc0523bf2fe8c11295c0334f7c332
Reviewed-on: https://code.wireshark.org/review/2694
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Hopefully that name makes it clear what the routiner's purpose is, and
will encourage people to use it rather than using dissector_add_uint()
with a bogus integer value.
Change-Id: Ic5be456d0ad40b176aab01712ab7b13aed5de2a8
Reviewed-on: https://code.wireshark.org/review/2483
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
tvb_new_subset -> tvb_new_subset_remaining it appears that's what the intention is.
Change-Id: I2334bbf3f10475b3c22391392fc8b6864454de2d
Reviewed-on: https://code.wireshark.org/review/1999
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
any actual difference)..
Change-Id: I0766d0f130648aaa5a58d9f4062fa24e898cbdc3
Reviewed-on: https://code.wireshark.org/review/545
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
svn path=/trunk/; revision=54594
|
|
svn path=/trunk/; revision=54089
|
|
fc_hdr or fc_data_t structure passed between all necessary dissectors.
svn path=/trunk/; revision=53569
|
|
"new" style dissectors.
Now that "bytes consumed" can be determined, should tcp_dissect_pdus() take advantage of that?
Should tcp_dissect_pdus return length (bytes consumed)? There are many dissectors that just call tcp_dissect_pdus() then return tvb_length(tvb). Seems like that could all be rolled into one.
svn path=/trunk/; revision=53198
|
|
svn path=/trunk/; revision=45017
|
|
Add new parameter 'data' to heur_dissector_t and new_dissector_t, for now it's always NULL
svn path=/trunk/; revision=44860
|
|
svn path=/trunk/; revision=43907
|
|
svn path=/trunk/; revision=43538
|
|
In a few cases: do some whitespace, indentation cleanup & reformatting.
svn path=/trunk/; revision=42632
|
|
svn path=/trunk/; revision=42513
|
|
non-autogenerated epan/dissectors:
Specifically: Replace FALSE|0 and TRUE|1 by ENC_BIG_ENDIAN|ENC_LITTLE_ENDIAN as
the encoding parameter for proto_tree_add_item() calls which directly reference
an item in hf[] which has a type of:
FT_UINT8
FT_UINT16
FT_UINT24
FT_UINT32
FT_UINT64
FT_INT8
FT_INT16
FT_INT24
FT_INT32
FT_INT64
FT_FLOAT
FT_DOUBLE
svn path=/trunk/; revision=39288
|
|
http://www.wireshark.org/lists/wireshark-dev/200809/msg00075.html
(as referenced in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2907 ) and
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3411 :
Write a new convenience routine for finding a conversation and, if it is not
found, create it. The frame number and addresses are taken from pinfo (as is
the common case).
Use this function in a bunch of dissectors.
svn path=/trunk/; revision=32790
|
|
svn path=/trunk/; revision=32410
|
|
svn path=/trunk/; revision=32367
|
|
svn path=/trunk/; revision=29345
|
|
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
|
|
svn path=/trunk/; revision=26091
|
|
The get_ifcp_pdu_len() call used for the tcp_dissect_pdus() call does not mask
off the frame length properly. The result is that the "Flags" field
incorrectly becomes the high order part of the Frame Length.
svn path=/trunk/; revision=25416
|
|
RFC 4172 section 5.3.1 shows a chart of the iFCP encapsulated Header Format.
It says that bytes 4-7 MUST be zeros. In reality most vendors are putting some
information in these 4 bytes, particularly Nishon. This caused almost all iFCP
packets to not be decoded for this vendor.
svn path=/trunk/; revision=25415
|
|
tcp_dissect_pdus() to also include a packet_info pointer.
there are many reasons why some protocols actually need to be able to access the pinfo structure while determining the pdu size
svn path=/trunk/; revision=19751
|
|
svn path=/trunk/; revision=18196
|
|
remove the port preference setting and replace it with strong heuristics instead
(attempt but fail to set a conversation dissector when the heuristics and the dissection match)
use tcp_dissect_pdus() for reassembly and pdu tracking and get rid of the try-to-step-through-the-pdu-to-find-where-the-next-pdu-starts thing.
svn path=/trunk/; revision=17804
|
|
Remove svn:executable
Add svn:eol-style native
Add svn:keywords Id
svn path=/trunk/; revision=15179
|
|
The FC D_id and S_id fields in teh FC frame encapsulated inside iFCP unfortunately has "undefined" (semi-random) values so we can not use th S_/D_id matching in FC when transported atop iFCP.
Change iFCP to call a new fc_ifcp handler instead of the fc handler.
Add a new handler to FC specific to iFCP.
Only set the pinfo->src/dst fields to the S_id/D_id fields IFF the FC frame was NOT transported ontop of iFCP.
Othervise we just use the TCP/IP values that are already stored there.
Some Hosts use RelativeOffset fields for FC. We can only dissect the RelOff field with offset 0.
Change FC to only call the FCP subdissector if offset==0 when relative offsets are used.
Some hosts when using relative offsets do not specify a proper value for rxid in teh commands instead htey lkeave it as 0xffff
Change the FCP conversation matching to ignore RXID when searching for a conversation.
svn path=/trunk/; revision=15076
|
|
fix multiple pdus in one segment
svn path=/trunk/; revision=15069
|
