forked from osmocom/wireshark
![]() Previously users could only give a session key via uat:smb2_seskey_list:<id>,<seskey> which was used to generate the decryption keys, as long as the trace contained the session establishement. Users have often asked about how to decrypt traffic captured in the middle of an existing session but this wasn't possible. This commit extends uat:smb2_seskey_list with 2 extra columns to store decryption keys so that traffic can be decrypted at any point of the session. This has the side effect of changing the current syntax from: ... -o uat:smb2_seskey_list:<id>,<seskey> To: ... -o 'uat:smb2_seskey_list:<id>,<seskey>,"",""' (make sure the quoting is right) Change-Id: I810d464b6f3e749de39b4428d73e0d6be29f3152 Reviewed-on: https://code.wireshark.org/review/36135 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> |
||
---|---|---|
.. | ||
baseline | ||
captures | ||
config | ||
keys | ||
lua | ||
suite_dfilter | ||
suite_dissectors | ||
README.test | ||
conftest.py | ||
fixtures.py | ||
fixtures_ws.py | ||
hosts.custom | ||
hosts.global | ||
hosts.personal | ||
matchers.py | ||
sampleif.py | ||
subprocesstest.py | ||
suite_capture.py | ||
suite_clopts.py | ||
suite_decryption.py | ||
suite_dissection.py | ||
suite_extcaps.py | ||
suite_fileformats.py | ||
suite_follow.py | ||
suite_io.py | ||
suite_mergecap.py | ||
suite_nameres.py | ||
suite_outputformats.py | ||
suite_release.py | ||
suite_sharkd.py | ||
suite_text2pcap.py | ||
suite_unittests.py | ||
suite_wslua.py | ||
test.py | ||
travis-upload-artifacts.sh | ||
util_dump_dhcp_pcap.py |
README.test
Wireshark Tests The recommended steps to prepare for and to run tests: * Install two Python packages, pytest: `pip install pytest pytest-xdist` * Build programs (“wireshark”, “tshark”, etc.): `ninja` * Build additional programs for the “unittests” suite: `ninja test-programs` * Run tests in the build directory: `pytest` Replace `ninja test-programs` by `make test-programs` as needed. See the “Wireshark Tests” chapter of the Developer's Guide for details: https://www.wireshark.org/docs/wsdg_html_chunked/ChapterTests.html If you need to update the baseline files use the following commands (on a Linux system) mkdir ~/.config/wireshark/profiles/ctest TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T ek -r test/captures/dhcp.pcap > test/baseline/dhcp.ek TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T json -r test/captures/dhcp.pcap > test/baseline/dhcp.json TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T jsonraw -r test/captures/dhcp.pcap > test/baseline/dhcp.jsonraw