Age | Commit message (Collapse) | Author | Files | Lines |
|
The PGSQL "STARTTLS" protocol is documented at
http://www.postgresql.org/docs/9.4/static/protocol-flow.html
While at it, convert some tvb_length[_remaining] users.
Tested against pgsql-ssl.pcapng,
Tested against imap-ssl.pcapng,
http://wiki.wireshark.org/SampleCaptures#SSL_with_decryption_keys
Change-Id: I1a00a6daa7f03de93339c2c13b07b4cfb8cdbd86
Reviewed-on: https://code.wireshark.org/review/6821
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Fourth batch (packet-mac-lte.c -> packet-rtp.c).
Will look at cleaning up and committing script afterwards.
Change-Id: Id921f07f4b274f0cfb77ce81abe4a285fdb8b644
Reviewed-on: https://code.wireshark.org/review/6023
Petri-Dish: Martin Mathieson <martin.r.mathieson@googlemail.com>
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
(for some dissectors which fetch all other integral fields using
ENC_BIG_ENDIAN).
Change-Id: Ic18e3172aad76af12b12d6732c88497be22aed56
Reviewed-on: https://code.wireshark.org/review/5748
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I1ad94654343e5a018a0b3159481d45ffb3a91263
Reviewed-on: https://code.wireshark.org/review/4363
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Other minor cleanups while in the area.
Change-Id: I8ea59205cfe6fab643d8fe01b75ce91532004fd9
Reviewed-on: https://code.wireshark.org/review/4004
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I8df48b25de784a48a25f0e48aac1e1545ed92c35
Reviewed-on: https://code.wireshark.org/review/2865
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I63a3704effe3fcab01a193dc39b6a22e9f1cf3fe
Reviewed-on: https://code.wireshark.org/review/2376
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
svn path=/trunk/; revision=54085
|
|
Add support for new PostgreSQL (9.3) error/notice message fields
Improves the PostgreSQL protocol dissector by adding support for the new error and notice fields which are new in PG 9.3:
http://www.postgresql.org/docs/9.3/interactive/protocol-error-fields.html
In particular, it adds support for the 'p', 'q', 's', 't', 'c', 'd', and 'n' field codes.
From me :
Fix wrong hf name...
svn path=/trunk/; revision=53431
|
|
"new" style dissectors.
Now that "bytes consumed" can be determined, should tcp_dissect_pdus() take advantage of that?
Should tcp_dissect_pdus return length (bytes consumed)? There are many dissectors that just call tcp_dissect_pdus() then return tvb_length(tvb). Seems like that could all be rolled into one.
svn path=/trunk/; revision=53198
|
|
- tvb_get_g_stringz()/tvb_get_ephemeral_stringz()/tvb_get_seasonal_stringz() -> tvb_get_stringz()
- tvb_get_g_stringz_enc()/tvb_get_ephemeral_stringz_enc() -> tvb_get_stringz_enc()
- tvb_get_ephemeral_unicode_stringz() -> tvb_get_unicode_stringz()
- tvb_bcd_dig_to_ep_str() -> tvb_bcd_dig_to_wmem_packet_str()
- update docs accordingly
svn path=/trunk/; revision=52180
|
|
This leaves just the Pidl dissectors remaining for removal of check_col() in the dissectors directory. A small handful of check_col() calls remain outside of the dissectors.
svn path=/trunk/; revision=49941
|
|
svn path=/trunk/; revision=49938
|
|
svn path=/trunk/; revision=45017
|
|
Also (for a few files):
- create/use some extended value strings;
- remove unneeded #include files;
- remove unneeded variable initialization;
- re-order fcns slightly so prefs_reg_handoff...() at end, etc
svn path=/trunk/; revision=44438
|
|
svn path=/trunk/; revision=43538
|
|
svn path=/trunk/; revision=43091
|
|
FT_STRINGZ, FT_UINT_STRING as follows:
1. If there's no character encoding (ENC_ASCII, ...) specified
then use ENC_ASCII.
2. For all but FT_UINT_STRING, always use ENC_NA
(replacing any existing True/1/FALSE/0
/ENC_BIG_ENDIAN/ENC_LITTLE_ENDIAN).
svn path=/trunk/; revision=39426
|
|
- Don't use 'l' as a variable name;
- Use 'tvb_strsize();proto_tree_add_item();' iso 'tvb_get_ephemeral_stringz(); proto_tree_add_string();'
- Use ENC_NA/ENC_BIG_ENDIAN iso FALSE as appropriate for proto_tree_add_item().
svn path=/trunk/; revision=39047
|
|
supported by the PostgreSQL dissector.
"The PostgreSQL dissector do not fully support the frontend StartupMessage (see
"StartupMessage" in
http://developer.postgresql.org/pgdocs/postgres/protocol-message-formats.html).
The couples parameter name/parameter value in this kind of message are reported
as a block of text ("name: value") by the dissector whereas reporting them as
parameter name/parameter value would be more appropriate.
I've fixed it, so now the username and the database sent by the frontend can be
handled in, for instance, the CSV output of TShark.
I've also added a "val_count" field to contain the number of values (row
descriptions or row data) included in RowDescription/DataRow messages. This
information is useful when analyzing the CSV of TShark since in a CSV row, many
row descriptions or row data may be packed together."
Patch changes from me:
- No need to fetch ephemeral string anymore so just use tvb_strsize()
to get string length;
- Change field-filtername from pgsql.val.count to pgsql.field.count
See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6343
svn path=/trunk/; revision=39030
|
|
svn path=/trunk/; revision=37371
|
|
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
|
|
http://www.wireshark.org/lists/wireshark-dev/200809/msg00075.html
(as referenced in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2907 ) and
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3411 :
Write a new convenience routine for finding a conversation and, if it is not
found, create it. The frame number and addresses are taken from pinfo (as is
the common case).
Use this function in a bunch of dissectors.
svn path=/trunk/; revision=32790
|
|
svn path=/trunk/; revision=29340
|
|
(1) Trailing/leading spaces are removed from 'name's/'blurb's
(2) Duplicate 'blurb's are replaced with NULL
(3) Empty ("") 'blurb's are replaced with NULL
(4) BASE_NONE, NULL, 0x0 are used for 'display', 'strings' and 'bitmask' fields
for FT_NONE, FT_BYTES, FT_IPv4, FT_IPv6, FT_ABSOLUTE_TIME, FT_RELATIVE_TIME,
FT_PROTOCOL, FT_STRING and FT_STRINGZ field types
(5) Only allow non-zero value for 'display' if 'bitmask' is non-zero
svn path=/trunk/; revision=28770
|
|
last in file.
svn path=/trunk/; revision=27910
|
|
proto_reg_handoff rework.
svn path=/trunk/; revision=26586
|
|
svn path=/trunk/; revision=26091
|
|
svn path=/trunk/; revision=25290
|
|
- if offset is 0, tvb_length is the same as tvb_length_remaining, just faster.
Replace
- col_append_fstr() with faster col_append_str()
- col_add_str() with col_set_str()
when it's safe
svn path=/trunk/; revision=23252
|
|
tcp_dissect_pdus() to also include a packet_info pointer.
there are many reasons why some protocols actually need to be able to access the pinfo structure while determining the pdu size
svn path=/trunk/; revision=19751
|
|
svn path=/trunk/; revision=18196
|
|
acked_packets (i.e. packets that have interesting tcp properties such as being retransmissions etc) hang off the per conversation tcpd struct instead of being global.
while this should improve performance by unmeasurably little it does have the sideeffect that once we finish the rewrite tcp analysis might actually work and work well even for tcp over tcp tunnelling.
this also means that if you include packet-tcp.h you also need to include emem.h .
svn path=/trunk/; revision=17681
|
|
svn path=/trunk/; revision=15275
|
|
add a "match_strval_idx()" routine that does the same thing, and have
"match_strval()" call it.
Make those routines, and "val_to_str()", return a "const" pointer.
Update dissectors as necessary to squelch compiler warnings produced by
that.
Use "val_to_str()" rather than using "match_strval()" and then, if the
result is null, substituting a specific string. Clean up some other
"match_strval()"/"val_to_str()" usages.
Add a null pointer check in the NDPS dissector's "attribute_value()"
routine, as it's not clear that "global_attribute_name" won't be null at
that point.
Make some global variables in the AFS4INT dissector local.
Make some routines not used outside the module they're in static.
Make some tables "static const".
Clean up white space.
Fix Gerald's address in some files.
svn path=/trunk/; revision=14786
|
|
svn path=/trunk/; revision=14779
|
|
svn path=/trunk/; revision=13672
|
|
will treat it as negative" problem by first calling
"tvb_ensure_bytes_exist()" - if the length is *that* large, it will run
past the end of the tvbuff, so the exception that
"tvb_ensure_bytes_exist()" will throw with a negative argument will be
the correct exception.
svn path=/trunk/; revision=13614
|
|
asn1.[ch]
follow.[ch]
ptvcursor.[ch]
reassemble.[ch]
xmlstub.[ch]
fix #include statements accordingly.
svn path=/trunk/; revision=13366
|
|
1) Added a setup_frame parameter to conversation_t
2) Used the conversation_t next to maintain a list of conversations with the
same src/dest tuple but different setup_frame number.
3) Changed the signature of find_conversation() and conversation_new() to pass
in the frame number.
4) Adjusted packet-sdp to select RTP conversation if both m=audio and m=image
are present, and T.38 conversation if only m=image is present. I expect that
RTP/T.38 dissecting to be better, but I don't have a way to generate T.38
packets.
svn path=/trunk/; revision=13243
|
|
by incorrectly trying to proto_tree_add_item() with a very huge length. However, someone with more SQL knowledge than me should have a qualified look at that place and do a better fix.
svn path=/trunk/; revision=12833
|
|
- Make port configurable via prefs
- Highlight keywords in addition to values in hexpane
svn path=/trunk/; revision=12800
|
|
svn path=/trunk/; revision=12795
|