Re: "[UNVERIFIED SENDER]Re: "[UNVERIFIED SENDER]Re: Hierarchy of fields & offsets

["Sultan, Hassan via Wireshark-dev" <wireshark-dev () wireshark org>]

> -----Original Message-----
> From: Guy Harris [mailto:guy () alum mit edu]
> Sent: Tuesday, July 25, 2017 7:06 PM
> To: Sultan, Hassan <sultah () amazon com>
> Cc: Developer support list for Wireshark <wireshark-dev () wireshark org>
> Subject: "[UNVERIFIED SENDER]Re: "[UNVERIFIED SENDER]Re: [Wireshark-dev]
> Hierarchy of fields & offsets
>
> On Jul 25, 2017, at 5:58 PM, Sultan, Hassan <sultah () amazon com> wrote:
...
> For people in the former group, the right way to do the field would be as an
> FT_NONE, with the three items underneath it, and with the FT_NONE item being
> composed of two disconnected ranges.  The blob data itself could just be
> dissected as NTLMSSP or GSSAPI, without an FT_BYTES field; the top-level
> protocol item should have all the blob's data in it.
>
> For people in the latter group, the right way to do it would be to have separate
> fields for the length and offset, not under the item for the security blob, with the
> security blob as a separate item - which, again, could just be NTLMSSP or
> GSSAPI, without an FT_BYTES field.

Ok cool, would anyone object if I submitted a patch moving them out of the blob ?

Thanks,

Hassan
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe