Wireshark-dev: [Wireshark-dev] Dissecting http2 traffic

From: Anders Broman <anders.broman@xxxxxxxxxxxx>
Date: Fri, 15 May 2020 06:50:18 +0000

Hi,

I think there is a demand to dissect http2 traffic where all packets in a session are not captured. This is currently not possible.

As the http2 protocol creates dynamic data for compression/decompression, if the packet adding a new index to the index table is not present then that header element cannot be decoded in the packet(s) where it occurs. Also the nghttp2 library stops processing the header and is left in an error state (I think).

I have modified the nghttp2 code to handle unknown indexes https://github.com/nghttp2/nghttp2/pull/1467 and modified Wireshark to use it https://code.wireshark.org/review/#/c/37203/. As this pull request is not yet accepted and of course no nghttp2 release including it exists, there is a problem to get this functionality. Could we roll our own Windows version of nghttp2 as a start? I have built a modified library for my tests.

Suggestions on how to proceed? For 5G, which is a heavy user of http2, I think the ability to decode payloads is essential and this is a first step to fix that.

Regards

Anders
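
The problem described in the message above, as an added example that is not part of the original post and is neither nghttp2 code nor the change in the linked pull request: a reduced HPACK (RFC 7541) decoder that emits a placeholder for an index it has never seen and keeps decoding, instead of stopping. The names hpack_dyn, decode_block and static_entry, the reduced static table and the count-based eviction are assumptions made for this sketch; the sample bytes are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define STATIC_LEN 61 /* RFC 7541: indices 1..61 are static, 62+ dynamic */
#define DYN_MAX 8     /* simplification: count-based, not size-based, eviction */
struct hpack_dyn { char e[DYN_MAX][64]; unsigned n; }; /* e[0] is index 62 */
static const char *static_entry(unsigned i) { /* only entries the sample uses */
    return i == 2 ? ":method: GET" : i == 7 ? ":scheme: https" : "(static)";
}
/* Appends one header per line to out. Returns the number of unresolved index
 * references, or -1 on input outside this sketch or on a full output buffer. */
int decode_block(struct hpack_dyn *d, const uint8_t *p, size_t len,
                 char *out, size_t outsz) {
    size_t i = 0, o = 0; int unknown = 0;
    while (i < len) {
        char unk[32]; const char *h;
        uint8_t b = p[i++];
        if (b & 0x80) { /* indexed header field */
            unsigned idx = b & 0x7f;
            if (idx == 0 || idx == 0x7f) return -1; /* invalid / multi-byte */
            if (idx <= STATIC_LEN) h = static_entry(idx);
            else if (idx - STATIC_LEN - 1 < d->n) h = d->e[idx - STATIC_LEN - 1];
            else { /* entry was added in a packet that is not in the capture */
                snprintf(unk, sizeof unk, "<unknown index %u>", idx);
                h = unk; unknown++;
            }
        } else if (b == 0x40) { /* literal, incremental indexing, new name */
            size_t nl, vl;
            if (i >= len || (nl = p[i++]) >= 0x7f || i + nl >= len) return -1;
            const uint8_t *name = p + i; i += nl;
            if ((vl = p[i++]) >= 0x7f || i + vl > len) return -1;
            const uint8_t *val = p + i; i += vl;
            if (d->n < DYN_MAX) d->n++; /* newest entry takes index 62, */
            memmove(d->e[1], d->e[0], (d->n - 1) * sizeof d->e[0]); /* rest shift */
            snprintf(d->e[0], sizeof d->e[0], "%.*s: %.*s", (int)nl, name, (int)vl, val);
            h = d->e[0];
        } else return -1; /* other representations are not handled here */
        o += (size_t)snprintf(out + o, outsz - o, "%s\n", h);
        if (o >= outsz) return -1;
    }
    return unknown;
}

int main(void) { /* constructed block: 0xbe is index 62, set before capture start */
    const uint8_t blk[] = {0x82, 0xbe, 0x40, 3, 'x', '-', 'a', 1, '1', 0x87};
    struct hpack_dyn d = {0};
    char out[256] = "";
    printf("%d unresolved\n", decode_block(&d, blk, sizeof blk, out, sizeof out));
    printf("%s", out);
}
```

Entries added after the capture starts still resolve, because the newest entry is always index 62; only references to entries that predate the capture come out as placeholders.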
