Wireshark mailing list archives

Re: [Wireshark-commits] master fc5d8db: Create the HTTP tree after we're assured it's HTTP. Otherwise a bogus tree is created when HTTP2 traffic is found.


From: Evan Huus <eapache () gmail com>
Date: Thu, 24 Apr 2014 17:02:21 -0400

On Thu, Apr 24, 2014 at 4:41 PM,  <mmann78 () netscape net> wrote:
After looking at this, I'd have to say the DTLS decryption test is "flawed".
It sets up a key to decipher traffic as HTTP, but it's not really HTTP, it's
just a bunch of ASCII strings.  I can change it to any of the valid
dissectors and presuming the DTLS decryption is done correctly (which I
presume is the real point of this test), that protocol will attempt to be
dissected in the subsequent frames (and be caught by that protocol's
filter).

Ideas on the best way to fix this so I can restore removing the "bogus" HTTP
tree when it's not really HTTP?

If it is just data, set up the DTLS key to decipher as "data" and
check that field instead? You're right, if it's not really HTTP
there's no reason to invoke that dissector unnecessarily.

-----Original Message-----
From: Alexis La Goutte <alexis.lagoutte () gmail com>
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Sent: Wed, Apr 23, 2014 3:06 am
Subject: Re: [Wireshark-dev] [Wireshark-commits] master fc5d8db: Create the
HTTP tree after we're assured it's HTTP. Otherwise a bogus tree is created
when HTTP2 traffic is found.

On Wed, Apr 23, 2014 at 4:20 AM, Evan Huus <eapache () gmail com> wrote:
The DTLS decryption test has been failing for the last few days
because of this. Not sure what the relation is, but...

When I try to look at the output of the DTLS decryption test, it is empty (and
it uses the HTTP filter..)

    env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
        -Tfields -e data.data \
        -r "$CAPTURE_DIR/snakeoil-dtls.pcap" -Y http \
        | grep "69:74:20:77:6f:72:6b:20:21:0a" >



On Sun, Apr 20, 2014 at 8:40 AM, Wireshark code review
<code-review-do-not-reply () wireshark org> wrote:
URL:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fc5d8db74dc473610b9fc6c0c4b571d4aa65264a
Submitter: Michael Mann (mmann78 () netscape net)
Changed: branch: master
Repository: wireshark

Commits:

fc5d8db by Michael Mann (mmann78 () netscape net):

    Create the HTTP tree after we're assured it's HTTP.  Otherwise a bogus
    tree is created when HTTP2 traffic is found.

    Change-Id: Ic315ed9b7d65fe70401945cb0cceda4af863d140
    Reviewed-on: https://code.wireshark.org/review/1215
    Reviewed-by: Alexis La Goutte <alexis.lagoutte () gmail com>
    Reviewed-by: Michael Mann <mmann78 () netscape net>


Actions performed:

    from  d0489f2   Clean up white space (replace tabs with 4 spaces).
    adds  fc5d8db   Create the HTTP tree after we're assured it's HTTP.
Otherwise a bogus tree is created when HTTP2 traffic is found.


Summary of changes:
 epan/dissectors/packet-http.c |   11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

___________________________________________________________________________
Sent via:    Wireshark-commits mailing list
<wireshark-commits () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-commits
Unsubscribe: https://wireshark.org/mailman/options/wireshark-commits

mailto:wireshark-commits-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev

mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

