Wireshark-dev: Re: [Wireshark-dev] [Wireshark-commits] master fc5d8db: Create the HTTP tree aft

Date: Thu, 24 Apr 2014 16:41:02 -0400 (EDT)
After looking at this, I'd have to say the DTLS decryption test is "flawed".  It sets up a key to decipher traffic as HTTP, but it's not really HTTP, it's just a bunch of ASCII strings.  I can change it to any of the valid dissectors and presuming the DTLS decryption is done correctly (which I presume is the real point of this test), that protocol will attempt to be dissected in the subsequent frames (and be caught by that protocol's filter).
 
Ideas on the best way to fix this so I can restore removing the "bogus" HTTP tree when it's not really HTTP?
 
 
 
-----Original Message-----
From: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
To: Developer support list for Wireshark <wireshark-dev@xxxxxxxxxxxxx>
Sent: Wed, Apr 23, 2014 3:06 am
Subject: Re: [Wireshark-dev] [Wireshark-commits] master fc5d8db: Create the HTTP tree after we're assured it's HTTP. Otherwise a bogus tree is created when HTTP2 traffic is found.

On Wed, Apr 23, 2014 at 4:20 AM, Evan Huus <eapache@xxxxxxxxx> wrote:
> The DTLS decryption test has been failing for the last few days
> because of this. Not sure what the relation is, but...

When I try to look at the output of the DTLS decryption test, it is empty (and
it uses the HTTP filter..)

    env $TS_DC_ENV $TSHARK $TS_DC_ARGS \
        -Tfields -e data.data \
        -r "$CAPTURE_DIR/snakeoil-dtls.pcap" -Y http \
        | grep "69:74:20:77:6f:72:6b:20:21:0a" >


>
> On Sun, Apr 20, 2014 at 8:40 AM, Wireshark code review
> <code-review-do-not-reply@xxxxxxxxxxxxx> wrote:
>> URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=fc5d8db74dc473610b9fc6c0c4b571d4aa65264a
>> Submitter: Michael Mann (mmann78@xxxxxxxxxxxx)
>> Changed: branch: master
>> Repository: wireshark
>>
>> Commits:
>>
>> fc5d8db by Michael Mann (mmann78@xxxxxxxxxxxx):
>>
>>     Create the HTTP tree after we're assured it's HTTP.  Otherwise a bogus tree is created when HTTP2 traffic is found.
>>
>>     Change-Id: Ic315ed9b7d65fe70401945cb0cceda4af863d140
>>     Reviewed-on: https://code.wireshark.org/review/1215
>>     Reviewed-by: Alexis La Goutte <alexis.lagoutte@xxxxxxxxx>
>>     Reviewed-by: Michael Mann <mmann78@xxxxxxxxxxxx>
>>
>>
>> Actions performed:
>>
>>     from  d0489f2   Clean up white space (replace tabs with 4 spaces).
>>     adds  fc5d8db   Create the HTTP tree after we're assured it's HTTP.  Otherwise a bogus tree is created when HTTP2 traffic is found.
>>
>>
>> Summary of changes:
>>  epan/dissectors/packet-http.c |   11 ++++++-----
>>  1 file changed, 6 insertions(+), 5 deletions(-)
>> ___________________________________________________________________________
>> Sent via:    Wireshark-commits mailing list <wireshark-commits@xxxxxxxxxxxxx>
>> Archives:    http://www.wireshark.org/lists/wireshark-commits
>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-commits
>>              mailto:wireshark-commits-request@xxxxxxxxxxxxx?subject=unsubscribe
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe