ashdnazg / pyreshark

A Wireshark plugin providing a simple interface for writing dissectors in Python.
https://github.com/ashdnazg/pyreshark/releases/tag/0.1.4

Handle split TCP packets #20

Open petersondrew opened 9 years ago

petersondrew commented 9 years ago

Any ideas on how to accomplish this with pyreshark? https://www.wireshark.org/docs/wsdg_html_chunked/ChDissectReassemble.html#TcpDissectPdus Not sure if I'm missing something obvious or not.

ashdnazg commented 9 years ago

Hmm, I was pretty sure WS reassembles the packets automatically and calls your protocol over the reassembled data; apparently this isn't so.

You can probably call the function directly from python using ctypes (through self._cal.wslib).

petersondrew commented 9 years ago

Thanks @ashdnazg. As some of the members I need access to (packet._p_ptvb, etc) are protected, would you be open to me adding a function to the Packet class to allow this sort of reassembly and submitting a PR?

ashdnazg commented 9 years ago

It's python, they're only 'protected' to mark that you shouldn't use them unless you know what you're doing :)

Regarding the PR, I don't think it can be added to the Packet class, as it needs to run before the entire dissection tree. When you call it from the packet, you probably force both length and dissection functions to be python functions, but these won't have an item dictionary or anything.

I think the only solid way of implementing this is marking the length function in some way in the constructor (a new item? a field?). That will allow it to add the boilerplate code smartly in the C code and not break the entire flow of the items.
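The length-function flow discussed above (a fixed-size header that is enough to compute the full PDU length, buffering until that many bytes have arrived, then handing the complete PDU to the dissector) is what Wireshark's `tcp_dissect_pdus()` does in C. The following is an added, self-contained Python model of that logic, written for this thread; it is not pyreshark code and not a Wireshark API. The protocol framing (a 4-byte big-endian payload length followed by the payload), the `PduReassembler` class and the sample segments are all constructed here for illustration. It also shows the check a dissector needs on the length field, so a malformed or hostile length header cannot make the reassembler buffer without bound.

```python
"""Toy model of tcp_dissect_pdus()-style reassembly for a length-prefixed TCP protocol.

Added example for this issue thread; not pyreshark's own code. The 4-byte
big-endian length header is a constructed framing used only to illustrate
the length-function / dissect-function split.
"""
import struct
from typing import Callable, List

# Constructed framing: 4-byte big-endian payload length, then the payload.
HEADER_LEN = 4


def pdu_len_from_header(header: bytes) -> int:
    """Length function: given the fixed-size header, return the TOTAL PDU size.

    This mirrors the get_pdu_len callback tcp_dissect_pdus() expects: it is
    called with at least HEADER_LEN bytes and must answer "how long is the
    whole PDU", header included.
    """
    (payload_len,) = struct.unpack("!I", header[:HEADER_LEN])
    return HEADER_LEN + payload_len


class PduReassembler:
    """Buffers TCP segment data and emits only complete PDUs.

    fixed_len:   bytes needed before the length function can be evaluated
    get_pdu_len: length function (header bytes -> total PDU length)
    dissect:     dissect function, called once per complete PDU
    max_pdu_len: upper bound on a PDU; a length above it is treated as
                 malformed rather than buffered indefinitely
    """

    def __init__(self, fixed_len: int, get_pdu_len: Callable[[bytes], int],
                 dissect: Callable[[bytes], object], max_pdu_len: int = 1 << 20):
        self.fixed_len = fixed_len
        self.get_pdu_len = get_pdu_len
        self.dissect = dissect
        self.max_pdu_len = max_pdu_len
        self._buf = bytearray()

    def feed(self, segment: bytes) -> List[object]:
        """Add one TCP segment's payload; return dissect() results for every
        PDU completed by it (possibly none, possibly several)."""
        self._buf += segment
        results: List[object] = []
        while True:
            if len(self._buf) < self.fixed_len:
                break  # not even a full header yet: wait for the next segment
            total = self.get_pdu_len(bytes(self._buf[: self.fixed_len]))
            if total < self.fixed_len or total > self.max_pdu_len:
                # Malformed length: never let a single bad header pin memory.
                raise ValueError(f"implausible PDU length {total}")
            if len(self._buf) < total:
                break  # PDU is split across segments: keep buffering
            pdu = bytes(self._buf[:total])
            del self._buf[:total]
            results.append(self.dissect(pdu))
        return results

    def pending(self) -> int:
        """Bytes currently held back waiting for the rest of a PDU."""
        return len(self._buf)


def build_stream(payloads: List[bytes]) -> bytes:
    """Frame several payloads into one constructed byte stream."""
    return b"".join(struct.pack("!I", len(p)) + p for p in payloads)


def payload_of(pdu: bytes) -> bytes:
    """Dissect function for the toy protocol: strip the header."""
    return pdu[HEADER_LEN:]


# Constructed sample: two PDUs (9 and 11 bytes) delivered in three segments
# whose boundaries do not line up with PDU boundaries.
STREAM = build_stream([b"hello", b"world!!"])
SEGMENTS = [STREAM[:3], STREAM[3:12], STREAM[12:]]


def run_demo(segments: List[bytes]) -> List[List[bytes]]:
    """Feed each segment in turn and return what was dissected after each."""
    r = PduReassembler(HEADER_LEN, pdu_len_from_header, payload_of)
    return [r.feed(s) for s in segments]


if __name__ == "__main__":
    for seg, out in zip(SEGMENTS, run_demo(SEGMENTS)):
        print(f"segment {len(seg):2d} bytes -> completed PDUs: {out}")
```

The first segment carries only 3 bytes, fewer than the header, so nothing is emitted; the second completes the first PDU and leaves a partial header of the second; the third completes it. Feeding the whole stream in one segment yields both PDUs from a single call, which is the other case a reassembler must handle. The `max_pdu_len` check is the part easiest to forget: a length function that trusts the header unconditionally will happily wait for gigabytes that never arrive.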

petersondrew commented 9 years ago

Yeah I figured as much, just didn't want to break too much intended encapsulation ;-)

As the message length is essentially an application level property, marking a FieldItem does make the most sense; I may submit a PR later.