Wireshark-dev: Re: [Wireshark-dev] Conversation tracking

From: Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx>
Date: Thu, 10 May 2012 11:07:49 -0600
---- On Thu, 10 May 2012 10:26:46 -0600 Tobias Weiss wrote ----

>I'm using conversation tracking and ran into an issue. My code looks like this (as suggested in the README.developer): 
> 
>conv = find_conversation(pinfo->fd->num, 
>    &pinfo->src, 
>    &pinfo->dst, 
>    pinfo->ptype, 
>    pinfo->srcport, 
>    pinfo->destport, 
>    0); 
> 
>if(conv != NULL) { get conversation data } 
>else { create conversation data with se_alloc() and add it to the conversation } 
> 
>When the dissector's main function is called for the first time, find_conversation() returns a non-null pointer! As far as I understood, it should return 0, as conversation_new() was never called for this address/port combination yet. What am I missing here?

Using a dissector I wrote, packet-exec.c, as an example, I first called find_or_create_conversation(), then conversation_get_proto_data(), and then checked the return of that second function to see if I needed to create the data:

        /* Get the conversation for this packet, creating it if needed */
        conversation = find_or_create_conversation(pinfo);

        /* Retrieve information from conversation
         * or add it if it isn't there yet
         */
        hash_info = conversation_get_proto_data(conversation, proto_exec);
        if(!hash_info){
                hash_info = se_alloc(sizeof(exec_hash_entry_t));

                /* <<< set the variables here >>> */

                conversation_add_proto_data(conversation, proto_exec, hash_info);
        }
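
The following is an added example, not part of either message and not Wireshark code: a simplified model of why the lookup in the question can succeed on the first packet. A conversation is keyed by the flow rather than by the protocol, and the TCP and UDP dissectors register the flow before a dissector running on top of them is called, so "first packet" has to be decided on the per-protocol data instead. All names here (`model_*`, `transport_dissect`, `app_dissect`, the protocol ids) are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model of a conversation table; not Wireshark's real API. */
enum { PROTO_TRANSPORT, PROTO_APP, MAX_PROTO };  /* hypothetical ids */
#define MAX_CONV 16
typedef struct {
    unsigned sport, dport;          /* flow key (addresses omitted) */
    void *proto_data[MAX_PROTO];    /* one private slot per protocol */
} model_conv_t;
static model_conv_t table[MAX_CONV];
static int n_conv;

/* Returns NULL only if no dissector at any layer has seen this flow. */
model_conv_t *model_find(unsigned sp, unsigned dp) {
    for (int i = 0; i < n_conv; i++)
        if (table[i].sport == sp && table[i].dport == dp)
            return &table[i];
    return NULL;
}
model_conv_t *model_find_or_create(unsigned sp, unsigned dp) {
    model_conv_t *c = model_find(sp, dp);
    if (c == NULL && n_conv < MAX_CONV) {
        c = &table[n_conv++];
        c->sport = sp;
        c->dport = dp;
    }
    return c;                       /* NULL only when the table is full */
}
/* Lower layer runs first and registers the flow. */
void transport_dissect(unsigned sp, unsigned dp) { model_find_or_create(sp, dp); }

/* Returns 1 if state was allocated on this packet, 0 if reused, -1 on error. */
int app_dissect(unsigned sp, unsigned dp) {
    model_conv_t *c = model_find_or_create(sp, dp);
    if (c == NULL) return -1;
    if (c->proto_data[PROTO_APP] != NULL) return 0;
    c->proto_data[PROTO_APP] = calloc(1, sizeof(int)); /* per-flow state */
    return c->proto_data[PROTO_APP] ? 1 : -1;
}

int main(void) {
    transport_dissect(40000, 512);   /* constructed sample flow */
    printf("conversation already exists: %s\n", model_find(40000, 512) ? "yes" : "no");
    printf("first packet:  %d\n", app_dissect(40000, 512));
    printf("second packet: %d\n", app_dissect(40000, 512));
    return 0;
}
```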