Re: "Wireshark-dev: Re: using pinfo structure to save data after first iteration"

[Anders Broman <anders.broman () ericsson com>]

Hi,
Isn’t a SRTP packet in essence an RTP packet with encrypted payload? So I don’t see why it should be a problem to 
process the packet in packet-rtp.c
On the first pass.

Tip p_get_proto_data() can be used for per packet data. Are you using the development version as there seems to be some 
basic stuff for SRTP already in the dissector.
Regards
Anders

From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of koundinya 
poluri
Sent: den 30 juni 2015 11:28
To: wireshark-dev
Subject: [Wireshark-dev] "Wireshark-dev: Re: using pinfo structure to save data after first iteration"

Hi, Anders,

I had a similar idea on how it should be done.I wanted to save some srtp related data once you processs the packets 
first time like creating a context which carries the ssrc and keys so that it can relate the packets to keys using the 
ssrc.But unfortunately wireshark cant differentiate between a rtp packet and srtp packet so it just processes the srtp 
packet as an rtp packet and changes the visited flag to one.

So cant use that flag which is generally used to differentiate the first iteration from the next ones.So i tried to put 
my own flag in the pinfo structure and modify it,but that did not work, as it looks like pinfo structure is a READ ONLY 
structure from a dissector's point of view.So how do I differentiate between iterations??

Is my understanding correct ?If so what is the solution to my problem?Thanks!

Also I am using UAT for entering keys!

-koundinya

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe