Anders Broman wrote:
Should we look into the possibility of adding a preference to the PRES
dissector where you can "force" a certain context to be dissected by a
higher layer dissector such as MMS?
How would you identify the context if you don't have the presentation
context identifier?
What we might *really* want is a mechanism by which a dissector that
fails to find a sub-dissector can, if it would make sense for the user
to explicitly indicate the sub-dissector to be used, can indicate that?
This would create a data structure for the current frame (it wouldn't
have to be persistent, as it'd be recreated whenever the frame was
selected) with some indication of what to display as the item to be
"decoded as", something to indicate which of the dissectors should be
offered as choices, and a routine to call back. At least in Wireshark,
the "Decode As" code would add additional tabs to the dialog for this,
and would call the callback if you click "OK" and have selected that tab.
In the case of the PRES dissector, the "item to be decoded as" would be
something to indicate to the user that it's the context, the list of
dissectors would be all the dissectors registered with
register_ber_oid_dissector(), and the callback would internally
associate the OID for the selected dissector with the context.
We might be able to use this for the DCE RPC "decode as" function as well.
(In fact, we could have dissectors use this even in cases where a
sub-dissector *was* found, if we want to allow users to override the
decision; that might let us get rid of the "Decode as" code that knows
about Ethertypes, IP protocols, and TCP/UDP ports, if we add a few more
items to the data structure in question.
