On Thu, Feb 17, 2022 at 8:54 AM Jérôme HAMM
<jerome.hamm@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> Hi
>
> What is the return value of the main dissector function (the one that gets registered with register_dissector) supposed to be?
I don't know :-)
> What is supposed to be in its void* data parameter? (I checked the doc but didn't find an answer)
I believe that this is supposed to be an agreement between the caller
and the dissectors behind the dissector table, if that is what you are
referring to. Have a look at the IEEE802.11 dissector for some
example. Hmmm, on second thoughts, it is so damn large that you might
struggle to find any useful info.
Have a look at add_tag_relay_capabilities in that dissector. The
caller sets up the data structure how it wants to and the called
function has to know that.
> Is there a standard way to pass data to a sub-dissector (for example, two sftp streams could be opened in the same ssh session, how do I tell the subdissector with which "conversation" it should work)?
Conversation info should probably be in the pinfo, but if not, pass in
enough info to find the conversation.
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)(传说杜康是酒的发明者)
