Re: [Wireshark-dev] [PATCH] Enhancements to dissecting proxy CONNECT sessions
Hi Stephen, Committed as SVN revision 21618. Thanks for the improvements to that feature! Sorry for the delay in checking it in. Thank you for picking up my patch. The real problem that I am trying to solve is a little difficult for me. It's SSL connections over a HTTP-proxy. When there is segmentation in the SSL records, the packets is marked as Malformed. I spent quite some time in the code to get a grasp on this issue, but I think I must surrender. I asked the guy who reported it on the users-list to add a bug for it though. Hopefully someone else with a little more knowledge of the inner workings of the http-dissector could fix it. Cheers, Sake PS Sometimes I get a little demotivated when it looks like patches are overlooked while ton's of other patches are committed. But then again, it is voluntary for everyone, so I don't want to nag about it to much. In the end, my patches always get committed so maybe I should just be a little more relaxed with it :) ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] [PATCH] Enhancements to dissecting proxy CONNECT sessions
Committed as SVN revision 21618. Thanks for the improvements to that feature! Sorry for the delay in checking it in. On Sat, Apr 28, 2007 at 10:27:40AM +0200, Sake Blok wrote: Hi, Could someone review the patch I sent in about two weeks ago, it looks like it has been overlooked. Thanks, Sake On Mon, Apr 23, 2007 at 07:49:16PM +0200, Sake Blok wrote: Hi, Is anyone reviewing the patch I sent last week? Cheers, Sake On Tue, Apr 17, 2007 at 11:43:25AM +0200, Sake Blok wrote: Hi, At the moment I'm looking into a problem that James Small has reported on the users-list: http://www.wireshark.org/lists/wireshark-users/200704/msg00047.html Although the problem seems to be a non-functional re-assembly of the SSL packets when they are proxied. I will take some time to get familiar with the re-assembly code in wireshark... While looking into the http-dissector I improved a few things on how it dissects a proxy CONNECT session. This is what I have changed: - added the fields hf_http_proxy_connect_host and -port - changed proto_tree_add_text to proto_tree_add_string and -uint so that it's possible to filter on them - make these two fields PROTO_ITEM_SET_GENERATED - removed the alteration of the ports within pinfo, now the ports in the column info are not changed to the port used to connect to the backend server. It is now possible to use follow-tcp-stream again on proxied ssl sessions. The patch has been tested on FC4. Could someone review this patch? Cheers, Sake ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
Re: [Wireshark-dev] [PATCH] Enhancements to dissecting proxy CONNECT sessions
Hi, Is anyone reviewing the patch I sent last week? Cheers, Sake On Tue, Apr 17, 2007 at 11:43:25AM +0200, Sake Blok wrote: Hi, At the moment I'm looking into a problem that James Small has reported on the users-list: http://www.wireshark.org/lists/wireshark-users/200704/msg00047.html Although the problem seems to be a non-functional re-assembly of the SSL packets when they are proxied. I will take some time to get familiar with the re-assembly code in wireshark... While looking into the http-dissector I improved a few things on how it dissects a proxy CONNECT session. This is what I have changed: - added the fields hf_http_proxy_connect_host and -port - changed proto_tree_add_text to proto_tree_add_string and -uint so that it's possible to filter on them - make these two fields PROTO_ITEM_SET_GENERATED - removed the alteration of the ports within pinfo, now the ports in the column info are not changed to the port used to connect to the backend server. It is now possible to use follow-tcp-stream again on proxied ssl sessions. The patch has been tested on FC4. Could someone review this patch? Cheers, Sake ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
[Wireshark-dev] [PATCH] Enhancements to dissecting proxy CONNECT sessions
Hi, At the moment I'm looking into a problem that James Small has reported on the users-list: http://www.wireshark.org/lists/wireshark-users/200704/msg00047.html Although the problem seems to be a non-functional re-assembly of the SSL packets when they are proxied. I will take some time to get familiar with the re-assembly code in wireshark... While looking into the http-dissector I improved a few things on how it dissects a proxy CONNECT session. This is what I have changed: - added the fields hf_http_proxy_connect_host and -port - changed proto_tree_add_text to proto_tree_add_string and -uint so that it's possible to filter on them - make these two fields PROTO_ITEM_SET_GENERATED - removed the alteration of the ports within pinfo, now the ports in the column info are not changed to the port used to connect to the backend server. It is now possible to use follow-tcp-stream again on proxied ssl sessions. The patch has been tested on FC4. Could someone review this patch? Cheers, Sake proxy-connect.patch.gz Description: application/gunzip ___ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev