
Wireshark-bugs: [Wireshark-bugs] [Bug 2825] New: Patch: expanded dissection of the kademlia prot

Date: Fri, 22 Aug 2008 02:28:10 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2825

           Summary: Patch: expanded dissection of the kademlia protocol
                    (eDonkey Dissector)
           Product: Wireshark
           Version: unspecified
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: Minor
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: stefan.monhof@xxxxxxxxxxxxxxx



Stefan Monhof <stefan.monhof@xxxxxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2176|                            |review_for_checkin?
               Flag|                            |


Created an attachment (id=2176)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2176)
patch-file for expanded kademlia dissection

Build Information:
wireshark 1.0.99 (SVN Rev 26047)

Copyright 1998-2008 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.9, with GLib 2.16.4, with libpcap 0.9.8, with libz
1.2.3.3, without POSIX capabilities, without libpcre, without SMI, without
c-ares, without ADNS, without Lua, with GnuTLS 2.0.4, with Gcrypt 1.2.4,
without
Kerberos, without PortAudio, without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running on Linux 2.6.24-19-generic, with libpcap version 0.9.8.

Built using gcc 4.2.3 (Ubuntu 4.2.3-2ubuntu7).

--
eDonkey Dissector for the kademlia protocol
Modified and added on the basis of information and names from the eMule 0.49a
source code

changes:
- fixed: display of kademlia hash (bug #2348)
- added: information on the meaning of the values of kad version, parameter of
message types KADEMLIA_REQ and KADEMLIA2_REQ, metatag sourcetype and metatag
encryption
- added: peer id, target id, recipients id, file id, keyword hash as variants
of kademlia hash (searchable as string now)
- added: xor between target id and recipients id
- fixed: IP addresses in taglist now displayed in dotted-decimal (instead of
int)
- fixed: some values in taglist were displayed in octal, it's hex now
- fixed: message type KADEMLIA2_BOOTSTRAP_REQ was wrongly marked as malformed
- added: differences in dissecting peer list 1.0 and peer list 2.0
- fixed: dissection of KADEMLIA2_SEARCH_KEY_REQ and KADEMLIA2_SEARCH_RES
- added: source-publishing and keyword-publishing in KADEMLIA_PUBLISH_REQ
- fixed: decompressed data are not displayed in a subtree anymore


The patch is tested on Windows XP SP3 (WinPcap 4.0.2, libpcap 0.9.5) and Ubuntu
8.04 (see build information).
FuzzTest is running at the moment, but it has not returned any problems for the
first 26000 tests.

