Age | Commit message | Author | Files | Lines |
|
If an ASN.1 dissector is calling register_dissector for itself in its proto_register_xxx
function and then calling find_dissector for itself in its proto_reg_handoff_xxx
function then just create a static handle for that dissector and use the return
value of register_dissector, so the find isn't necessary.
Change-Id: I911bdadc2fb4259601c141b955e741a2369cc447
Reviewed-on: https://code.wireshark.org/review/16233
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
and generate the modified dissector
Change-Id: Iad745b9e0e8ab0bc055da7f26ec0822433897db7
Reviewed-on: https://code.wireshark.org/review/15977
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ic644042d238b5f2abcd874bca92c6dea55804ba9
Reviewed-on: https://code.wireshark.org/review/15913
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Done for performance improvements.
This could probably be done in checkAPIs.pl, but this was just
a quick manual check with grepping.
Change-Id: I91ff102cb528bb00fa2f65489de53890e7e46f2d
Reviewed-on: https://code.wireshark.org/review/15751
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl>
|
|
Change-Id: Id86d17f1e321b8cc73fb732aaf674e1420a0a745
Reviewed-on: https://code.wireshark.org/review/15737
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I4bf861ed9e6b767341f2cbd4e926606d4919f2ef
Reviewed-on: https://code.wireshark.org/review/15041
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The simple bind credential is a string. This commit changes the
ldap.simple field to FT_STRING.
Change-Id: If98f7d481994ca187668c75631de8913cdd4c865
Reviewed-on: https://code.wireshark.org/review/14933
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Started by grepping call_dissector_with_data, call_dissector_only and call_dissector and traced the handles passed into them to a find_dissector within the dissector. Then replaced find_dissector with find_dissector_add_dependency and added the protocol id from the dissector.
"data" dissector was not considered to be a dependency.
Change-Id: I15d0d77301306587ef8e7af5876e74231816890d
Reviewed-on: https://code.wireshark.org/review/14509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This will make it easier to determine protocol dependencies.
Some LLC OUI dissector tables didn't have an associated protocol, so they were left without one (-1 used)
Change-Id: I6339f16476510ef3f393d6fb5d8946419bfb4b7d
Reviewed-on: https://code.wireshark.org/review/14446
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I1208fe3c2ba428995526f561e8f792b8d871e9a9
Reviewed-on: https://code.wireshark.org/review/14388
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Add fields for the absolute time stamp (and another field for a presence
flag for the absolute time stamp) and the packet encapsulation for the
packet.
This lets us remove the field for the packet encapsulation in the
frame_data structure; do so.
Change-Id: Ifb910a9a192414e2a53086f3f7b97f39ed36aa39
Reviewed-on: https://code.wireshark.org/review/13499
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I3e2e3143f66db62c416fd7031d290e2a5b21fa93
Reviewed-on: https://code.wireshark.org/review/12677
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
names that were generated from asn2wrs.py
This includes:
1. new_create_dissector_handle -> create_dissector_handle
2. new_register_dissector -> register_dissector
3. new_register_ber_oid_dissector -> register_ber_oid_dissector
4. new_register_ber_syntax_dissector -> register_ber_syntax_dissector
Also remove PDU_NEW, SYNTAX_NEW and REGISTER_NEW as there is no need for the distinction anymore.
Change-Id: I82c7de7c8ffeeab3259d1b55bb4afc5f6a1e0329
Reviewed-on: https://code.wireshark.org/review/12491
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I7b794cba2feda2cae40411e2b1cb9fb091d08220
Reviewed-on: https://code.wireshark.org/review/12480
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I6da4bd1a6c82b9d46566bb52d5c01f250db88b1f
Reviewed-on: https://code.wireshark.org/review/12234
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 11761
Change-Id: Icd955b848edc9f802331f25ab1b8684aa2631553
Reviewed-on: https://code.wireshark.org/review/12184
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I3d7a61a5ddd79b7bcbec5b9c515470848f413fd5
Reviewed-on: https://code.wireshark.org/review/12121
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
dissector_add_string directly.
Change-Id: I307ee31562a5a84bc62691f367e3b8df3cb3f244
Reviewed-on: https://code.wireshark.org/review/12097
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Since ssl_dissector_[add|delete] only take TCP dissectors, remove the parameter and just use it within the "internal" ssl_association_add call.
Change-Id: I0fdf941389934c20cbacf910250e17520614e706
Reviewed-on: https://code.wireshark.org/review/11591
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
The target here is the Decode As dialog where protocols have multiple registrations into a dissector table and that shows up as multiple entries in the Decode As dialog list with the same name so users are unsure which "dissector" they are choosing.
The "default" behavior (done in this commit) is to not allow duplicates for a dissector table, whether it's part of Decode As or not. It's just ENFORCED for Decode As.
Bug: 3949
Change-Id: Ibe14fa61aaeca0881f9cc39b78799e314b5e8127
Reviewed-on: https://code.wireshark.org/review/11405
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It ends up dragging in libwireshark headers, which programs not linking
with libwireshark shouldn't do. In particular, including
<epan/address.h> causes some functions that refer to libwireshark
functions to be defined if the compiler doesn't handle "static inline"
the way GCC does, and you end up requiring libwireshark even though you
shouldn't require it.
Move plurality() to wsutil/str_util.h, so that non-libwireshark code can
get it without including epan/packet.h. Fix includes as necessary.
Change-Id: Ie4819719da4c2b349f61445112aa419e99b977d3
Reviewed-on: https://code.wireshark.org/review/11545
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
packet_info.
This can hopefully lead to the removal of the GSS-API specific members of the packet_info structure.
Change-Id: I7622d66e9f02c6e4cb76adcf0737b35c6ec88cdd
Reviewed-on: https://code.wireshark.org/review/11509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This is initial support for reloading Lua plugins without
restarting the application.
Still todo:
- Deregister FileHandlers
- Support deregister ProtoField with existing abbrev (same_name_hfinfo)
- Add a progress dialog when reloading many plugins
- Search for memory leakages in wslua functions
Change-Id: I48870d8741251705ca15ffe1068613fcb0cb18c1
Reviewed-on: https://code.wireshark.org/review/5028
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
General approach:
1. Split allocation (e.g. g_hash_table_new) from deallocation
(g_hash_table_destroy) into functions named "init" and "cleanup".
2. Remove guards that test whether the hash tables are set as
init is always called before cleanup.
3. Remove setting hash tables to NULL after destruction.
4. Copy register_init_routine function call and change init to cleanup.
5. Add cleanup function that calls reassembly_table_destroy if there
is a reassembly_table_init function.
Some templates were modified as follows:
- snmp: split renew into init+cleanup, but keep renew for the uat_new
callback.
- ldap,ros: Rename init to cleanup as there was no initialization.
- camel: remove init function from header, make it static. Remove debug
print.
- tcap: remove unused ssn_range assignment.
Files in epan/ were regenerated using cmake && make asn1
Change-Id: Idac16ebf0ec304e0c8becaab5d32904e56eb69b9
Reviewed-on: https://code.wireshark.org/review/9136
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Create "common" SRT tap data collection intended for all GUIs. Refactor/merge functionality of existing dissectors that have SRT support (AFP, DCERPC, Diameter, FC, GTP, LDAP, NCP, RPC, SCSI, SMB, and SMB2) for both TShark and GTK.
SMB and DCERPC "tap packet filtering" were different between TShark and GTK, so I went with GTK filter logic.
CAMEL "tap packet filtering" was different between TShark and GTK, so GTK filtering logic was pushed to the dissector and the TShark tap was left alone.
Change-Id: I7d6eaad0673fe628ef337f9165d7ed94f4a5e1cc
Reviewed-on: https://code.wireshark.org/review/8894
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This fixes a number of recent fuzz failures.
Bug: 11195
Change-Id: Ifa6cc380fd3f610469d3c795e234e6986cfaf674
Reviewed-on: https://code.wireshark.org/review/8699
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Bug: 9363
Change-Id: Ic64716ef0156607ca40773cef8e76fc4a0825b3c
Reviewed-on: https://code.wireshark.org/review/8196
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
proto_tree_add_bitmask_[value|value_with_flags|list]
Part 2 of a few
Change-Id: Ic1f1aafe2ed02dce95b15c03a91cbd68807a5cf4
Reviewed-on: https://code.wireshark.org/review/8165
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9c8bf6beec47afb901e492723b335a28a24f455e
Reviewed-on: https://code.wireshark.org/review/8004
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Ping-Bug: 9398
Change-Id: I163d3dc99562b3388470c58d05e2d4d2e2f6d00c
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-on: https://code.wireshark.org/review/7477
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
That eliminates a redundant and confusing data type, and avoids issues
with one piece of code using e_uuid_t but wanting to use routines
expecting an e_guid_t.
Change-Id: I95e172d46d342ab40f6254300ecbd2a0530cde60
Reviewed-on: https://code.wireshark.org/review/7506
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
I guess the signature mismatch must just be a warning with Clang; it's
not with MSVC.
Change-Id: Ic1f4cb88471f7e13019e891f111978310dfada73
Reviewed-on: https://code.wireshark.org/review/7225
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
RFC 2830 describes the Start TLS operation as follows:
1. ExtendedRequest is sent by client with the requestName OID set to
"1.3.6.1.4.1.1466.20037".
2. Server responds with an ExtendedResponse having a resultCode and
optionally a responseName (OID).
The text mentions that the field *must* be set but the definition allows
it to be optional. The previous code then made the assumption that once (1)
was seen, then any ExtendedResponse signals an acknowledgement.
That is not entirely correct; a server could reject the request. This
patch corrects that by checking the ExtendedResponse_resultCode for
success, and then uses the new ssl_starttls_ack() helper to kick off
SSL. This simplifies the code a bit.
Tested against ldap-ssl.pcapng (which has no responseName) from
http://wiki.wireshark.org/SampleCaptures#SSL_with_decryption_keys
The result is the same as before, except that "Protocols in frame"
changed from "...:ldap:ssl:ldap" to "...:ssl:ldap".
Change-Id: Id7e40c5a50a217c4d3d46f08241d704f19d195dd
Reviewed-on: https://code.wireshark.org/review/6982
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
There are a few oid functions that are only called in oids_test.c. I'll presume the APIs are used in proprietary dissectors rather than just remove them.
Change-Id: I4595e00f93bf9ab8cf2493fe0432b91960f55a3f
Reviewed-on: https://code.wireshark.org/review/6592
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
afterwards
Change-Id: I5d79d3e48c1ad83713a312dce39b749f47b0ecc8
Reviewed-on: https://code.wireshark.org/review/6612
Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
|
|
UAT error strings are usually allocated by g_strdup() or
g_strdup_printf(), and must ultimately be freed by the caller.
Make the pointer-to-error-string-pointer arguments to various functions
be "char **", not "const char **".
Fix cases that finds where a raw string was being used, as that won't
work if you try to free it; g_strdup() it instead.
Add a missing free of an error string.
Remove some no-longer-necessary casts.
Remove some unnecessary g_strdup()s (the string being handed to it was
already g_malloc()ated).
Change some variable declarations to match.
Put in XXX comments for some cases where the error string is just freed,
without being shown to the user.
Change-Id: I40297746a2ef729c56763baeddbb0842386fa0d0
Reviewed-on: https://code.wireshark.org/review/6525
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I36b2731d67f9345d2fd0c23800bba7d2be94c387
Reviewed-on: https://code.wireshark.org/review/6008
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I2a06b13528ad7dfc587bfb9c1333d4f7a497614e
Reviewed-on: https://code.wireshark.org/review/5684
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This improvement avoids use of deallocated memory (crash) if using a
deregistered field in display filter, color filter, custom column and
other cases when the field is used as "interesting field".
This functionality is currently used in http, imf and ldap preferences.
Also removed unused proto_registrar_n() as this does not work correctly
after deregistering fields.
Change-Id: I043e3bf7a98bd773c9801e712a012d1eab8a7f94
Reviewed-on: https://code.wireshark.org/review/5161
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: I9e2cd7a9fed33fc2f4b0c0da3603690450f6952d
Reviewed-on: https://code.wireshark.org/review/4809
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Iceeaa94a80543570a720281ac39d3ccd9ac924fa
Reviewed-on: https://code.wireshark.org/review/4699
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: I1a317b19d8076588c9305dae6287bb80cc14da64
Reviewed-on: https://code.wireshark.org/review/4494
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Change-Id: Ia6c3e7a25615bf8e052c3bacf096d76df775c9c2
Reviewed-on: https://code.wireshark.org/review/4126
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
The captured length reflects the way the capture was done; it should not
affect actual lengths used in the dissection.
Don't fetch the version until we need it; that lets us dissect more of
the packet if the previous change caused us to throw an exception trying
to fetch the version from the correct location rather than not throwing
an exception by fetching it from an incorrect location that happens to
be within the captured data.
Change-Id: I9f63afd4ef51f46c19b3afd2a651a5bb768fecaf
Reviewed-on: https://code.wireshark.org/review/4101
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ie43c3a55aa954c1ec640ec90c74356b2b19e4156
Reviewed-on: https://code.wireshark.org/review/4100
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This mostly involved adding expert info capabilities to many of the dissectors so that they could correctly flag error conditions.
Only remaining proto_tree_add_text calls are in H248.cnf, which has a convoluted way of using hf_ data to make its tree.
Change-Id: I6412150c2ec1977d7fa38f3f0ed416680bdfb141
Reviewed-on: https://code.wireshark.org/review/3500
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
They were actually necessary.
Bug: 10224
Change-Id: I9973bf7bab670d12e5b90bb2a57e99f9125d6a07
Reviewed-on: https://code.wireshark.org/review/2632
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I753ca95e2e1b38bad2c09955317e648c525e40ef
Reviewed-on: https://code.wireshark.org/review/2509
Tested-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|