Ethereal-dev: [Ethereal-dev] Enhancement request to http dissector

Note: This archive is from the project's previous web site, This list is no longer active.

From: Yaniv Kaul <[email protected]>
Date: Tue, 13 Jul 2004 14:54:59 +0200
In some cases, what begins as HTTP turns to HTTPS. The easiest example is HTTPS via a proxy connection. Today, Ethereal tries to dissect it as HTTP, then when SSL begins it switches to show only 'Continuation' - the data only.
I suggest that it will try to dissect it as SSL.
To do it in a clever way, I'd like to use packet-ssl's functions ssl_looks_like_sslv2() / ssl_looks_like_sslv3() in order to determine first if it might be indeed SSL.
To do so, I'd like to:
(1) Move the zillion #define's in packet-ssl.c to packet-ssl.h (a good practice anyway?) (2) COPY the above mentioned functions from packet-ssl.c to packet-http.c and use it them (and include packet-ssl.h for the definitions).
The call for those functions (and if successful to the ssl dissector) 
would be done from packet-http.c, I'm not really sure where exactly I 
should do it (I'd like to as soon as possible once failed to identify it 
as HTTP - perhaps around line 271)
I'd like to get comments about it before I'll do it.