| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This gets complicated, because those subdissectors might be called by
other dissectors as well. We need a better way of passing that sort of
out-of-bound information.
Pull some routines used for processing Content-Type parameters into
common code; we can't guarantee that the media parameters passed in
would be writable (passing it as *the* data hid that; passing a
structure with that *and* the HTTP message type revealed it), so don't
convert it to lower-case in place.
Use that information, if available, to determine whether an IPP message
is a requet or a response.
Change-Id: I4bccc9f05cd0b14ad445be7ab37b3d884d841325
Reviewed-on: https://code.wireshark.org/review/17216
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I12f92c983d587c2a4751428cdf299635090c9f0b
Reviewed-on: https://code.wireshark.org/review/14748
Reviewed-by: João Valverde <j@v6e.pt>
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This saves many dissectors the need to find the data dissector and store a handle to it.
There were also some that were finding it, but not using it.
For others this was the only reason for their handoff function, so it could be eliminated.
Change-Id: I5d3f951ee1daa3d30c060d21bd12bbc881a8027b
Reviewed-on: https://code.wireshark.org/review/14530
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Started by grepping call_dissector_with_data, call_dissector_only and call_dissector and traced the handles passed into them to a find_dissector within the dissector. Then replaced find_dissector with find_dissector_add_dependency and added the protocol id from the dissector.
"data" dissector was not considered to be a dependency.
Change-Id: I15d0d77301306587ef8e7af5876e74231816890d
Reviewed-on: https://code.wireshark.org/review/14509
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Dissectors registered with SSL must be registered for Export PDU to
work properly. Otherwise the dissector name could be NULL, resulting
in a capture file that cannot properly be dissected.
Add an assertion to ssl-utils to catch this situation. Note that this
results in an "wmem_alloc: assertion failed: (allocator->in_scope)"
report because these functions are possibly called in the protocol
handoff routines... Can be fixed later.
The DNS dissector is fixed by merging the UDP/TCP dissectors into a
single dns handle which recognizes TCP and then assumes the length
prefix if TCP.
Change-Id: If73b9b09a4682d66fb8fa026c42a3475648f9bf1
Reviewed-on: https://code.wireshark.org/review/13194
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
That removes most of the uses of the frame number field in the
frame_data structure.
Change-Id: Ie22e4533e87f8360d7c0a61ca6ffb796cc233f22
Reviewed-on: https://code.wireshark.org/review/13509
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I8512cfa1d424f82a873a0e0e1d22c7b075fdd7f3
Reviewed-on: https://code.wireshark.org/review/13069
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
ZLIB_CONST must be defined before including zlib.h to expose z_const,
*AND* z_const shouldn't be used unless it's defined, because older
versions of zlib don't define it even if you define ZLIB_CONST.
While we're at it, throw in some DIAG_OFF(cast-qual)/DIAG_ON(cast-qual)
pairs to suppress unavoidable "cast throws away const qualification"
warnings.
The original "make zlib constness-aware" change also removed an
unnecessary include of <zlib.h> from wiretap/wtap.c, so we do that as
well.
Change-Id: I3c5269a8fbc54bbbb4d316544cc7b8fa30614c19
Reviewed-on: https://code.wireshark.org/review/12675
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This reverts commit fb0246c6fd7cd34b820558f75eb48bba6326b768. That commit assumes that if you define Z_CONST, z_const will be defined; that is *not* the case with older versions of zlib, which don't define z_const under any circumstances.
Change-Id: I6f9b7ea18922799b1aaf94dc2c63120128f2550a
Reviewed-on: https://code.wireshark.org/review/12671
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
ZLIB_CONST must be defined before including zlib.h to expose 'z_const'.
Change-Id: Ic0dbd59ed3c760dd84ef4546f6ff4d5d3db91519
Reviewed-on: https://code.wireshark.org/review/12547
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Since ssl_dissector_[add|delete] only take TCP dissectors, remove the parameter and just use it within the "internal" ssl_association_add call.
Change-Id: I0fdf941389934c20cbacf910250e17520614e706
Reviewed-on: https://code.wireshark.org/review/11591
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Setting a zero port still allows it for selection in the UAT dialog
while not breaking HTTPS dissection.
(In theory the UAT setting would work. In practice it would still call
ssl_dissector_add and take over the SSL registration for all tcp/443
traffic. On removal with ssl_dissector_remove, the HTTPS port is not
added back again until a restart (or until the HTTPS ports list is
changed from the default) because the spdy registration overwrites the
HTTP one...)
Also note that NPN detection for SPDY is not implemented, only ALPN
detection is supported.
Bug: 10984
Change-Id: I6e84aa6408abf40bb860abee4845731ce55ce254
Reviewed-on: https://code.wireshark.org/review/10517
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: Ife5f44a333227b1df3d2377d12dbec65a4b4d5c3
Reviewed-on: https://code.wireshark.org/review/10164
Reviewed-by: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
The preferences are still supported for backwards compatibility, but the heuristic_protos file has final say on the "preference" to enable/disable a heuristic dissector.
Also add parameter to heur_dissector_add() for the "default" enable/disable of a heuristic dissector. With this parameter, a few more (presumably weak) heuristic dissectors have been "registered" but of course default to being disabled.
Change-Id: I51bebb2146ef3fbb8418d4f5c7f2cb2b58003a22
Reviewed-on: https://code.wireshark.org/review/9610
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Roland Knall <rknall@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
This allows better presentation of heuristic dissectors to the end user.
Change-Id: I2ff3985ab914e83c2989880cc0c7b9904045b3f6
Reviewed-on: https://code.wireshark.org/review/9602
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Provide a way for Lua-based dissectors to invoke tcp_dissect_pdus()
to make TCP-based dissection easier.
Bug: 9851
Change-Id: I91630ebf1f1fc1964118b6750cc34238e18a8ad3
Reviewed-on: https://code.wireshark.org/review/6778
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com>
Tested-by: Hadriel Kaplan <hadrielk@yahoo.com>
|
|
Get rid of references to ep_ and se_ allocation in code that now uses
wmem allocation instead.
Fix API documentation of conversation_table.h routines to reflect that
as well - some APIs changed to pass wmem scopes.
Also, zbee_sec_key_hash() now takes the output buffer as an argument and
just returns it, and nobody actually uses the return value, so change it
to return void.
Change-Id: Ife1ec675a9322fd0f0be306a9d639ec17aad1c7a
Reviewed-on: https://code.wireshark.org/review/6636
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ief4c377d56748e1a8ed0ef7fe5ba03b9be00cd8d
Reviewed-on: https://code.wireshark.org/review/6267
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Fifth batch (packet-rtp.c -> end).
Will look at cleaning up and committing script afterwards.
Change-Id: I8ed61dc941d98d3f7259a9d1f74e214eb7b4bfa2
Reviewed-on: https://code.wireshark.org/review/6052
Reviewed-by: Martin Mathieson <martin.r.mathieson@googlemail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
(for some dissectors which fetch all other integral fields using
ENC_BIG_ENDIAN).
Change-Id: Ic18e3172aad76af12b12d6732c88497be22aed56
Reviewed-on: https://code.wireshark.org/review/5748
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
passing data between dissectors using the "media_type" subdissector.
Change-Id: I82cbfed770b41404bc42cb6a4413db07d04dffdc
Reviewed-on: https://code.wireshark.org/review/5462
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
parameter instead of pinfo->private_data.
Change-Id: I0a0cb0b4838bc4e55a759fb6031355892c220c8e
Reviewed-on: https://code.wireshark.org/review/5461
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Coming when data length = 0
Bug: 10704
Change-Id: Ibd0730be661d966aa0429480dba97ed7d3e5c471
Reviewed-on: https://code.wireshark.org/review/5377
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
They don't handle values outside the range -1 to 127, and their behavior
is locale-dependent. Use g_ascii_isXXX() and g_ascii_toXXX() instead of
isXXX() and toXXX().
If you're checking for printable ASCII, don't use isascii() and don't
use iscntrl(), use g_ascii_isprint(). If you're checking for graphical
ASCII, i.e. printable ASCII except for a space, use g_ascii_isgraph().
Use ws_xton() to convert a hex digit character to the corresponding
numeric value.
Change-Id: Id3039bc586fbf66d8736c2df248c790c0d7a2330
Reviewed-on: https://code.wireshark.org/review/4851
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Ping-Bug: 10566
Change-Id: I4d3d991eb8b5ede349a361d1f6b605b4a67a98b6
Reviewed-on: https://code.wireshark.org/review/4645
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Found by yurui ming
Ping-Bug: 10566
Change-Id: I92e784eb91dc6c88af409e2936671b0ea473fba9
Reviewed-on: https://code.wireshark.org/review/4637
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Clear the COL_INFO before start to dissect SPDY PDU
Change-Id: I7a22515f1c2c89b5647003320ff455a74fbce42a
Ping-Bug: 10566
Reviewed-on: https://code.wireshark.org/review/4636
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Found by yurui ming
Change-Id: Ibef07fa13af0de8357bdf98a038460706d0972f7
Ping-Bug: 10566
Reviewed-on: https://code.wireshark.org/review/4635
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Misc: (as needed)
- Add editor modelines;
- Adjust whitespace.
Change-Id: I0e5d877a2a6273842ad8e771ac0c0acbfcb83200
Reviewed-on: https://code.wireshark.org/review/4173
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Add static before function
Change-Id: I42c5be7a1436160bcb82d0cb4309959802b7b3cb
Reviewed-on: https://code.wireshark.org/review/3696
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
- remove unneeded initializers;
- replace tabs in files with editor mode line 'expandtabs';
- col_set_str() --> col_add_str() (in one case);
- tvb_length() -- > tvb_reported_length() (in one case);
- do some whitespace & indentation fixes/changes.
Change-Id: Ib8ffbbcdb6e4a74c0df6021a75430ae1ef9ae089
Reviewed-on: https://code.wireshark.org/review/3435
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I8d66b1bc7dbdfee3d4bf6fd3b3c21c6323b66f44
Reviewed-on: https://code.wireshark.org/review/2946
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Fix also tvb_length / tvb_length_remaining soft warning
Change-Id: I3fd8f3a842fa84273b84ae36317e2c3fbdca076d
Reviewed-on: https://code.wireshark.org/review/1461
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Address Evan's missed comments from https://code.wireshark.org/review/767/
From Alexis La Goutte
Fix unused variable (pinfo) and fix crash (wrong variable in while)
Change-Id: I1b134585f4d522d3e808069f606beb4aae0488fa
Reviewed-on: https://code.wireshark.org/review/1164
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Fixes major memory leak.
Bug:10062
Change-Id: Ife70f12b8697a7873860c702ee0c740f98d98821
Reviewed-on: https://code.wireshark.org/review/1435
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
whitespace changes
Change-Id: I8c2e8694223270f1810aa6b13d955f0d08001d30
Reviewed-on: https://code.wireshark.org/review/1239
Reviewed-by: Bill Meier <wmeier@newsguy.com>
Tested-by: Bill Meier <wmeier@newsguy.com>
|
|
Change-Id: I3f0365e6e693e26e2490150d78cc6a7bc82281fe
Reviewed-on: https://code.wireshark.org/review/1211
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Change-Id: I7eb5177864d683cf722f877336f787b392e707e6
Reviewed-on: https://code.wireshark.org/review/1165
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Id4a7b4ff8167c4691cf3b2c6273e29d1b00f79cf
Reviewed-on: https://code.wireshark.org/review/1163
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The dictionary_id member of a spdy_conv_t is only used if we have libz;
put it inside the #ifdef. That also lets us give it a type of uLong,
from libz, which avoids it being 32 bits when the type returned by
adler32() is 64 bits. (The *value returned by adler32()* might always
fit in 32 bits, but this is arguably cleaner than throwing a cast at the
problem.)
The third argument to adler32() is a uInt; cast sizeof to uInt to avoid
other 32-bit-vs-64-bit warnings. (It should have been size_t, but maybe
libz antedated size_t's availability in all the compilers that were used
to compile it.)
The buffer size in spdy_decompress_header_block() is always 16K; just
make it a #define that is *not* size_t, so that we avoid other
32-bit-vs-64-bit warnings.
Use DISSECTOR_ASSERT_NOT_REACHED() for "this can't happen" - it's marked
as "doesn't return", so we don't get "variable is unassigned" warnings
(at least not from the Clang I'm using), and also means we wouldn't get
a crash if it *does* happen (we just get a warning on the console and in
the protocol tree).
Change-Id: I55945b69b7485a02f3f623b21f671ed2915d453d
Reviewed-on: https://code.wireshark.org/review/1162
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Porting SPDYSHARK Plugin ( http://code.google.com/p/spdyshark/) to built-in dissector
Closed-bug: 9821
Change-Id: I3169ab49e67f67a17e4094a289f4d3a389d610bc
Reviewed-on: https://code.wireshark.org/review/767
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
