Wireshark-dev: Re: [Wireshark-dev] [PATCH] Enhancements to dissecting proxy CONNECT sessions
From: Sake Blok <[email protected]>
Date: Mon, 23 Apr 2007 19:49:16 +0200
Hi,

Is anyone reviewing the patch I sent last week?

Cheers,


Sake


On Tue, Apr 17, 2007 at 11:43:25AM +0200, Sake Blok wrote:
> Hi,
> 
> At the moment I'm looking into a problem that James Small has reported
> on the users-list:
> 
> http://www.wireshark.org/lists/wireshark-users/200704/msg00047.html
> 
> Although the problem seems to be a non-functional re-assembly of
> the SSL packets when they are proxied. I will take some time to
> get familiar with the re-assembly code in wireshark...
> 
> While looking into the http-dissector I improved a few things on
> how it dissects a proxy CONNECT session. This is what I have changed:
> 
> - added the fields hf_http_proxy_connect_host and -port
> 
> - changed proto_tree_add_text to proto_tree_add_string and -uint
>   so that it's possible to filter on them
> 
> - make these two fields "PROTO_ITEM_SET_GENERATED"
> 
> - removed the alteration of the ports within pinfo, now the
>   ports in the column info are not changed to the port used to 
>   connect to the backend server. It is now possible to use 
>   follow-tcp-stream again on proxied ssl sessions.
> 
> The patch has been tested on FC4.
> 
> Could someone review this patch?
> 
> Cheers,
> 
> 
> Sake


> _______________________________________________
> Wireshark-dev mailing list
> [email protected]
> http://www.wireshark.org/mailman/listinfo/wireshark-dev