Re: [Wireshark-dev] The cost of memory allocation

2016-09-21 Thread Max Dmitrichenko
a release build without any modification. -- With best regards Max Dmitrichenko

[Wireshark-dev] Sequence aware dissector of TCP payload

2016-06-03 Thread Max Dmitrichenko
to this. But if your protocol is encrypted or compressed, such event poisons the state of decoder or decompressor and most of times it is unrecoverable. Does wireshark have anything to handle this? If not is there any demand for such functionality from dissectors' authors? -- With best regards Max

Re: [Wireshark-dev] SSL decryption breaks after retransmission

2012-02-10 Thread Max Dmitrichenko
2012/2/10 Martin Wilck martin.wi...@ts.fujitsu.com Hello, I just stumbled upon the known problem SSL decryption breaks after retransmission (http://www.wireshark.org/lists/wireshark-dev/200805/msg00067.html) with wireshark 1.6.5. I wonder if a patch for this issue is available? Is anybody

Re: [Wireshark-dev] SSL decryption breaks after retransmission

2012-02-10 Thread Max Dmitrichenko
2012/2/10 Martin Wilck martin.wi...@ts.fujitsu.com On 02/10/2012 12:13 PM, Max Dmitrichenko wrote: I have made a patch and put it into the bug tracker about half a year ago. Thanks - I assume you're talking about https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5971 ? Yep! -- Max

Re: [Wireshark-dev] SSL decryption breaks after retransmission

2012-02-10 Thread Max Dmitrichenko
2012/2/10 Martin Wilck martin.wi...@ts.fujitsu.com On 02/10/2012 01:09 PM, Max Dmitrichenko wrote: Thanks - I assume you're talking about https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5971 ? Yep! I built wireshark with this patch applied, but it didn't solve my problem. I

Re: [Wireshark-dev] Custom dissector creation

2011-12-05 Thread Max Dmitrichenko
2011/12/6 Andriy Beregovenko j...@jet.kiev.ua: I'm trying to create custom dissector. Data in protocol is crypted with rc4, so I use internal implementation of RC4 encryption and it works fine. Of course I read [0] before writing code :) But I got strange behavior with result displaying. At

Re: [Wireshark-dev] Decompress Data

2011-10-07 Thread Max Dmitrichenko
2011/10/7 Marcel Haas inf...@fh-worms.de: And I have the next problem. Damn wireshark kick my ass :) I have some packets which are compressed with zlib. I want to uncompress them. I read the dev-guide about transformed data but I don't have a clue. I was testing some stuff but with no good

Re: [Wireshark-dev] [PATCH] RFC: Handling and reassembling TCP Out-Of-Order packets

2011-06-07 Thread Max Dmitrichenko
2011/6/8 Fernandez, Rafael rafael.fernan...@citadelgroup.com: Which release may I apply this patch to? It was done for the trunk revision 37461. Try to apply it to the HEAD and if it fails, I'll renovate it. If you need, I can also try to modify some existing dissector to make use the introduced

[Wireshark-dev] [PATCH] RFC: Handling and reassembling TCP Out-Of-Order packets

2011-05-29 Thread Max Dmitrichenko
Hi! I've just submitted a patch [1] to the bugzilla and wish to discuss it here. The patch was born after the discussion [2] happened about a month ago. There we came to the conclusion that everything works fine until application level PDU is fragmented and the first fragment is lost and

Re: [Wireshark-dev] Saving 802.11 WPA/WPA2 decrypted packets

2011-05-11 Thread Max Dmitrichenko
Hi Sreenivasulu, 2011/5/11 Sreenivasulu Yellamaraju sreenivasulu.yellamar...@csr.com: If you confirm, I can think of buying it as it seems to be not a freeware. aircrack-ng toolset is actually open source. Look here: http://www.aircrack-ng.org/ But if you want to use it under Windows you need

Re: [Wireshark-dev] TCP dissect issue when app-level message spans multiple TCP packets

2011-05-05 Thread Max Dmitrichenko
2011/5/6 Jeff Morriss jeff.morriss...@gmail.com: Oh, those out-of-order packets are quite possibly the problem: see the recent discussion here on Handling TCP packets reordering. Would love to fix this problem somehow, but I lack knowledge of wireshark's core :( -- Max

[Wireshark-dev] Handling TCP packets reordering

2011-05-04 Thread Max Dmitrichenko
Hi! I'm continuing to write a dissector for an encrypted protocol. Everything works fine until I receive an out-of-order TCP segment, i.e. previous was lost. Since I'm trying to decrypt it, I fail with it and break the whole decryption context. Is there any way to: 1) Detect that this packet is out

Re: [Wireshark-dev] Handling TCP packets reordering

2011-05-04 Thread Max Dmitrichenko
2011/5/5 Jeff Morriss jeff.morriss...@gmail.com: Sake Blok wrote: On 4 mei 2011, at 22:11, Jeff Morriss wrote: I would think desegment_tcp() should be able to handle this by not calling your dissector for an out-of-order segment: it should be able to only call your dissector once it has a

Re: [Wireshark-dev] Handling TCP packets reordering

2011-05-04 Thread Max Dmitrichenko
2011/5/5 Jeff Morriss jeff.morriss...@gmail.com: I did stumble across a (apparently unrelated) problem in that it will fail if you see a gap while the subdissector is returning DESEGMENT_ONE_MORE_SEGMENT (as HTTP does until it gets all the headers): in that case TCP has to assume that the

Re: [Wireshark-dev] [PATCH] Re: Freeing memory of se_alloc'ated object

2011-05-02 Thread Max Dmitrichenko
2011/5/3 ronnie sahlberg ronniesahlb...@gmail.com: I think registering a destructor for an allocated is very useful, but it would be very uncommon. Most allocations never need a destructor, so it shouldn't be made mandatory in the allocation functions. As it is implemented now, it's not