Age | Commit message (Collapse) | Author | Files | Lines |
|
Change all wireshark.org URLs to use https.
Fix some broken links while we're at it.
Change-Id: I161bf8eeca43b8027605acea666032da86f5ea1c
Reviewed-on: https://code.wireshark.org/review/34089
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Also make the RDP port (3389) to default to TPKT when decrypting TLS.
Change-Id: I951531080b36905b2c3ac9039e66243c67b6efe6
Reviewed-on: https://code.wireshark.org/review/33521
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I92c94448e6641716d03158a5f332c8b53709423a
Reviewed-on: https://code.wireshark.org/review/25756
Petri-Dish: Dario Lombardo <lomato@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This emphasizes that there is no such thing as *the* routine to
construct a subset tvbuff; you need to choose one of
tvb_new_subset_remaining() (if you want a new tvbuff that contains
everything past a certain point in an existing tvbuff),
tvb_new_subset_length() (if you want a subset that contains everything
past a certain point, for some number of bytes, in an existing tvbuff),
and tvb_new_subset_length_caplen() (for all other cases).
Many of the calls to tvb_new_subset_length_caplen() should really be
calling one of the other routines; that's the next step. (This also
makes it easier to find the calls that need fixing.)
Change-Id: Ieb3d676d8cda535451c119487d7cd3b559221f2b
Reviewed-on: https://code.wireshark.org/review/19597
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
This is mostly to address memory leaks in range preferences (the biggest
user of range functionality) on shutdown.
Now range preferences must use epan scoped memory when referencing
internal preference structures to keep consistency.
Change-Id: Idc644f59b5b42fa1d46891542b53ff13ea754157
Reviewed-on: https://code.wireshark.org/review/19387
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
They already know who they are when they register themselves. Saving the
handle then to avoid finding it later.
Not sure if this will increase unnecessary register_dissector functions
(instead of using create_dissector_handle in proto_reg_handoff function)
when other dissectors copy/paste, but it should make startup time
a few microseconds better.
Change-Id: I3839be791b32b84887ac51a6a65fb5733e9f1f43
Reviewed-on: https://code.wireshark.org/review/19481
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
This patch introduces new APIs to allow dissectors to have a preference for
a (TCP) port, but the underlying data is actually part of Decode As functionality.
For now the APIs are intentionally separate from the regular APIs that register a
dissector within a dissector table. It may be possible to eventually combine the
two so that all dissectors that register with a dissector table have an opportunity
to "automatically" have a preference to adjust the "table value" through the
preferences dialog.
The tcp.port dissector table was used as the guinea pig. This will eventually be
expanded to other dissector tables as well (most notably UDP ports). Some
dissectors that "shared" a TCP/UDP port preference were also converted. It also
removed the need for some preference callback functions (mostly when the callback
function was the proto_reg_handoff function) so there is cleanup around that.
Dissectors that has a port preference whose default was 0 were switched to using
the dissector_add_for_decode_as_with_preference API rather than dissector_add_uint_with_preference
Also added comments for TCP ports used that aren't IANA registered.
Change-Id: I99604f95d426ad345f4b494598d94178b886eb67
Reviewed-on: https://code.wireshark.org/review/17724
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
"subdissectors?" register their own.
There are a number of dissectors who are subdissectors of TPKT (and OSITP) that are
not called by TCP dissector directly, yet can possibly register a TCP port "on the
behalf" of TPKT. Just allow TPKT to support a range of ports to possibly include
these protocols.
Remove the preferences from these dissectors, but add backwards compatibility for
the preferences by hooking into set_prefs and have the preferences just hook into
Decode As functionality directly.
Change-Id: Ic1b4959d39607f2b6b20fa6508da8d87d04cf098
Reviewed-on: https://code.wireshark.org/review/17476
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It's not used by anything outside the TPKT dissector - and probably
*shouldn't* be used by anything outside the TPKT dissector.
Clean up some white space while we're at it.
Change-Id: I9bb9642a002fb9e8bd6c36d80d7653ef9af615d4
Reviewed-on: https://code.wireshark.org/review/13204
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: Ie39ef054a4a942687bd079f3a4d8c2cc55d5f22c
Reviewed-on: https://code.wireshark.org/review/12485
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Some of the ASN.1 dissectors still generate a new_create_dissector_handle from the tool itself, so leave those for now.
Change-Id: Ic6e5803b1444d7ac24070949f5fd557909a5641f
Reviewed-on: https://code.wireshark.org/review/12484
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Picking off "easy" dissectors that only have one or two exit points at most.
Change-Id: I9c7d1c092bbae896ec0c2832617891346927f2e1
Reviewed-on: https://code.wireshark.org/review/11932
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Picking off "easy" dissectors that only have one or two exit points at most.
This concludes a "first pass" over the dissector directory.
Change-Id: If5ce5484214be50fe541cba478da1de62e354297
Reviewed-on: https://code.wireshark.org/review/11830
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9362e0fdc4519ba5f3d656152966e7030f478839
Reviewed-on: https://code.wireshark.org/review/9022
Petri-Dish: Evan Huus <eapache@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
Specifically:
- Set packet.h to be the first wireshark #include after
config.h and "system" #includes.
packet.h added as an #include in some cases when missing.
- Remove some #includes included (directly/indirectly) in
packet.h. E.g., glib.h.
(Done only for those files including packet.h).
- As needed, move "system" #includes to be after config.h and
before wireshark #includes.
- Rework various #include file specifications for consistency.
- Misc.
Change-Id: Ifaa1a14b50b69fbad38ea4838a49dfe595c54c95
Reviewed-on: https://code.wireshark.org/review/5923
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
restore it.
Change-Id: I13197cc48068bb35ee12a7023cfe5f76bbc4e264
Reviewed-on: https://code.wireshark.org/review/5486
Petri-Dish: Michael Mann <mmann78@netscape.net>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
They don't handle values outside the range -1 to 127, and their behavior
is locale-dependent. Use g_ascii_isXXX() and g_ascii_toXXX() instead of
isXXX() and toXXX().
If you're checking for printable ASCII, don't use isascii() and don't
use iscntrl(), use g_ascii_isprint(). If you're checking for graphical
ASCII, i.e. printable ASCII except for a space, use g_ascii_isgraph().
Use ws_xton() to convert a hex digit character to the corresponding
numeric value.
Change-Id: Id3039bc586fbf66d8736c2df248c790c0d7a2330
Reviewed-on: https://code.wireshark.org/review/4851
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Change-Id: I8e9c58b75eea85877d22024201e5d8d0e9a3dbfd
Reviewed-on: https://code.wireshark.org/review/4459
Reviewed-by: Bill Meier <wmeier@newsguy.com>
|
|
Other minor cleanups while in the area.
Change-Id: I623d941e53128f169e55dfc629547b4221fa72fc
Reviewed-on: https://code.wireshark.org/review/4021
Reviewed-by: Michael Mann <mmann78@netscape.net>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Evan Huus <eapache@gmail.com>
|
|
https://www.wireshark.org/lists/wireshark-dev/201406/msg00131.html
This reverts commit 246fe2ca4c67d8c98caa84e2f57694f6322e2f96.
Change-Id: Ib24bae0198c13a84bd7f731bf4af921212109a8f
Reviewed-on: https://code.wireshark.org/review/2430
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I9209c1271967405c34c1b6fa43e1726a4d3a5a3f
Reviewed-on: https://code.wireshark.org/review/2377
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
(Using sed : sed -i '/^ \* \$Id\$/,+1 d')
Fix manually some typo (in export_object_dicom.c and crc16-plain.c)
Change-Id: I4c1ae68d1c4afeace8cb195b53c715cf9e1227a8
Reviewed-on: https://code.wireshark.org/review/497
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
svn path=/trunk/; revision=53918
|
|
svn path=/trunk/; revision=53230
|
|
- when the text parameter is constant col_add_str() and col_set_str() are equivalent but col_set_str() is faster.
- same for replace col_append_fstr and col_append_str
- remove col_clear() when it's redundant:
+ before a col_set/col_add if the dissector can't throw an exception.
- replace col_append() after a col_clear() with faster col_add... or col_set
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9344
svn path=/trunk/; revision=52948
|
|
epan/show_exception.c, as it's used outside
epan/dissectors/packet-frame.c. Update their callers to include
<epan/show_exception.h> to get their declaration.
Add a CATCH_NONFATAL_ERRORS macro that catches all exceptions that, if
there's more stuff in the packet to dissect after the dissector call
that threw the exception, doesn't mean you shouldn't go ahead and
dissect that stuff. Use it in all those cases, including ones where
BoundsError was inappropriately being caught (you want those passed up
to the top level, so that the packet is reported as having been cut
short in the capture process).
Add a CATCH_BOUNDS_ERRORS macro that catches all exceptions that
correspond to running past the end of the data for a tvbuff; use it
rather than explicitly catching those exceptions individually, and
rather than just catching all exceptions (the only place that
DissectorError should be caught, for example, is at the top level, so
dissector bugs show up in the protocol tree).
Don't catch and then immediately rethrow exceptions without doing
anything else; just let the exceptions go up to the final catcher.
Use show_exception() to report non-fatal errors, rather than doing it
yourself.
If a dissector is called from Lua, catch all non-fatal errors and use
show_exception() to report them rather than catching only
ReportedBoundsError and adding a proto_malformed item.
Don't catch exceptions when constructing a trailer tvbuff in
packet-ieee8023.c - just construct it after the payload has been
dissected, and let whatever exceptions that throws be handled at the top
level.
Avoid some TRY/CATCH/ENDTRY cases by using checks such as
tvb_bytes_exist() before even looking in the tvbuff.
svn path=/trunk/; revision=47924
|
|
svn path=/trunk/; revision=45017
|
|
(COPYING will be updated in next commit)
svn path=/trunk/; revision=43536
|
|
Also: remove trailing whitespace for a number of files.
svn path=/trunk/; revision=39503
|
|
(previously missed).
57 FT_BOOLEAN: FALSE-->ENC_BIG_ENDIAN
31 FT_BOOLEAN: TRUE-->ENC_LITTLE_ENDIAN
10 FT_BYTES: ENC_BIG_ENDIAN-->ENC_NA
1 FT_BYTES: ENC_LITTLE_ENDIAN-->ENC_NA
21 FT_BYTES: FALSE-->ENC_NA
2 FT_BYTES: TRUE-->ENC_NA
2 FT_IPXNET: ENC_BIG_ENDIAN-->ENC_NA
6 FT_IPv6: ENC_BIG_ENDIAN-->ENC_NA
1 FT_IPv6: FALSE-->ENC_NA
6 FT_NONE: ENC_BIG_ENDIAN-->ENC_NA
19 FT_NONE: FALSE-->ENC_NA
3 FT_NONE: TRUE-->ENC_NA
1 FT_STRING: ENC_BIG_ENDIAN-->ENC_ASCII|ENC_NA
1 FT_STRING: ENC_LITTLE_ENDIAN-->ENC_ASCII|ENC_NA
5 FT_STRING: FALSE-->ENC_ASCII|ENC_NA
1 FT_STRING: TRUE-->ENC_ASCII|ENC_NA
4 FT_STRINGZ: ENC_NA-->ENC_ASCII|ENC_NA
8 FT_STRINGZ: FALSE-->ENC_ASCII|ENC_NA
1 FT_INT32: FALSE-->ENC_BIG_ENDIAN
1 FT_INT32: TRUE-->ENC_LITTLE_ENDIAN
11 FT_UINT8: 0-->ENC_BIG_ENDIAN
111 FT_UINT8: FALSE-->ENC_BIG_ENDIAN
17 FT_UINT8: TRUE-->ENC_LITTLE_ENDIAN
1 FT_UINT16: 0-->ENC_BIG_ENDIAN
68 FT_UINT16: FALSE-->ENC_BIG_ENDIAN
18 FT_UINT16: TRUE-->ENC_LITTLE_ENDIAN
4 FT_UINT24: FALSE-->ENC_BIG_ENDIAN
70 FT_UINT32: FALSE-->ENC_BIG_ENDIAN
1 FT_UINT32: TRUE-->ENC_LITTLE_ENDIAN
4 FT_UINT64: FALSE-->ENC_BIG_ENDIAN
1 FT_UINT64: TRUE-->ENC_LITTLE_ENDIAN
1 FT_UINT_STRING: FALSE-->ENC_ASCII|ENC_BIG_ENDIAN
svn path=/trunk/; revision=39442
|
|
A work in progress.
Can be used with the SSL dissector to decrypt Enhanced RDP Security SSL.
With Standard RDP Security (e.g those on Wiki), the PDUs are all encrypted
after the SecurityExchange PDU.
Wiki to be updated with an example SSL protected capture and associated
key material.
svn path=/trunk/; revision=39066
|
|
Apply rev 25869 to most of the rest of the TCP-desegmenting dissectors.
(The SSL dissector was already updated in one of two spots with bug 4535/rev
32456.)
A couple of the patches had to be manually applied.
From me: Fix the comments to match the change (including in the TCP and SSL
dissectors.)
svn path=/trunk/; revision=36332
|
|
keys to have _uint in their names, to match the routines that handle
dissector tables with string keys. (Using _port can confuse people into
thinking they're intended solely for use with TCP/UDP/etc. ports when,
in fact, they work better for things such as Ethernet types, where the
binding of particular values to particular protocols are a lot
stronger.)
svn path=/trunk/; revision=35224
|
|
svn path=/trunk/; revision=34458
|
|
This is necessary in case a subdissector had changed it but was unable to
restore it (due to the exception).
Remove check_col().
svn path=/trunk/; revision=34436
|
|
svn path=/trunk/; revision=32411
|
|
svn path=/trunk/; revision=32367
|
|
svn path=/trunk/; revision=29342
|
|
svn path=/trunk/; revision=29340
|
|
Allow optimalization with -ftracer.
svn path=/trunk/; revision=26822
|
|
svn path=/trunk/; revision=26308
|
|
svn path=/trunk/; revision=23480
|
|
create_dissector_handle() and
dissector_add() for now.
svn path=/trunk/; revision=23478
|
|
Parse MGCP over TCP with ASCII TPKT header
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1964
svn path=/trunk/; revision=23466
|
|
port
svn path=/trunk/; revision=23306
|
|
svn path=/trunk/; revision=23150
|
|
other than 102.
svn path=/trunk/; revision=19049
|
|
svn path=/trunk/; revision=18196
|
|
- in dissect_tpkt_encap() only check the desegment flag passed in the function.
svn path=/trunk/; revision=16016
|
|
svn path=/trunk/; revision=14909
|