Couple of thoughts from a quick skim of the code/git history: 1. I presume giop_complete_request_list is for matching request/reply. Grepping its use will probably give you some clues as to where to look. 2. I'd recommend using the latest dev branch (master or at least master-2.0). Any fixes you find would need to be applied there (master) first and then backported to 1.12 (and 2.0) 3. It's possible some work was already done related to this (see bug 11123 in Bugzilla). There have also been other GIOP dissector improvements since 1.12. -----Original Message----- From: Andy Ling <andy.l...@s-a-m.com> To: 'wireshark-dev@wireshark.org' <wireshark-dev@wireshark.org> Sent: Fri, Oct 30, 2015 10:27 am Subject: [Wireshark-dev] GIOP dissector reply decode
I’m currently using Wireshark 1.12.5 built on Windows 7 using Visual C++ 12 I am adding a GIOP plugin for our internal IDL using the following command to generate the plugin C code C:\Python27\omniorb\omniORB-4.1.6\bin\x86_win32\omniidl.exe -p d:\wireshark-1.12.5\tools -b wireshark_be Q_Quentin.idl > packet-q_quentin.c I am finding that the dissector is getting confused when trying to decode replies. It looks like it is only checking the GIOP request ID to determine which request a reply is for. So when there are multiple machines making requests, the same request ID can get used for different requests. When this happens the replies can get decoded wrongly. In fact multiple threads from a single source IP can use the same GIOP request ID on different ports. This can confuse the reply decode too. I have had a quick look through the dissector code and can’t work out what is doing this. So can someone point me in the right direction and maybe give me some clues about where and whether this can be fixed. Regards Andy Ling This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
