Re: Passing information to a sub dissector

[Richard Sharpe <realrichardsharpe () gmail com>]

On Thu, Feb 17, 2022 at 8:54 AM Jérôme HAMM
<jerome.hamm () planete-sciences org> wrote:
> Hi
>
> What is the return value of the main dissector function (the one that gets registered with register_dissector) 
> supposed to be?

I don't know :-)

> What is supposed to be in its void* data parameter? (I checked the doc but didn't find an answer)

I believe that this is supposed to be an agreement between the caller
and the dissectors behind the dissector table, if that is what you are
referring to. Have a look at the IEEE802.11 dissector for some
example. Hmmm, on second thoughts, it is so damn large that you might
struggle to find any useful info.

Have a look at add_tag_relay_capabilities in that dissector. The
caller sets up the data structure how it wants to and the called
function has to know that.

> Is there a standard way to pass data to a sub-dissector (for example, two sftp streams could be opened in the same 
> ssh session, how do I tell the subdissector with which "conversation" it should work)?

Conversation info should probably be in the pinfo, but if not, pass in
enough info to find the conversation.

-- 
Regards,
Richard Sharpe
(何以解憂？唯有杜康。--曹操)(传说杜康是酒的发明者)
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe