Ethereal-dev: [Ethereal-dev] Suppport inhouse use

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Wed, 31 Aug 2005 14:00:12 +0200 (CEST)
Hi,

With the risk of getting flamed I want to float this idea. Currently
Ethereal can 'leak' information to the world by refering back to the Wiki
as online protocol reference. This is nice, but not so for proprietary
protocol dissectors. One careless, over zealous worker could create a
public page on it. How about registering a protocol dissector as
proprietary and block certain actions, like Wiki access, on it.

This is a code snippet I wipped together to do this.

>>epan/proto.c

int
proto_register_protocol(char *name, char *short_name, char *filter_name)
{
    ........

    /* Add this protocol to the list of known protocols; the list
       is sorted by protocol short name. */
    protocol = g_malloc(sizeof (protocol_t));
    protocol->name = name;
    protocol->short_name = short_name;
    protocol->filter_name = filter_name;
    protocol->fields = NULL;
    protocol->is_enabled = TRUE; /* protocol is enabled by default */
    protocol->can_toggle = TRUE;
    /* list will be sorted later by name, when all protocols completed registering */
    protocols = g_list_append(protocols, protocol);

    /* Here we do allocate a new header_field_info struct */
    hfinfo = g_mem_chunk_alloc(gmc_hfinfo);
    hfinfo->name = name;
    hfinfo->abbrev = filter_name;
    hfinfo->type = FT_PROTOCOL;
    hfinfo->strings = protocol;
    hfinfo->bitmask = 0;
    hfinfo->bitshift = 0;
    hfinfo->ref_count = 0;
    hfinfo->blurb = "";
    hfinfo->parent = -1; /* this field differentiates protos and fields */
+   hfinfo->proprietary = FALSE;

    proto_id = proto_register_field_init(hfinfo, hfinfo->parent);
    protocol->proto_id = proto_id;
    return proto_id;
}

+int
+proto_register_proprietary_protocol(char *name, char *short_name, char *filter_name)
+{
+   int proto_id = proto_register_protocol(name, short_name, filter_name);
+   protocol_t *protocol = find_protocol_by_id(proto_id);
+
+   if (!((protocol == NULL) || (protocol->fields == NULL))) {
+       protocol->fields->data->hinfo->proprietary = TRUE;
+   }
+
+   return proto_id;
+}

>>gtk/main.c

void
selected_ptree_info_cb(GtkWidget *widget _U_, gpointer data _U_)
{
    int field_id;
    gchar *proto_abbrev;
+   gboolean proto_proprietary;
    gpointer  dialog;

    if (cfile.finfo_selected) {
        /* convert selected field to protocol abbreviation */
        /* XXX - could this conversion be simplified? */
        field_id = cfile.finfo_selected->hfinfo->id;
        /* if the selected field isn't a protocol, get it's parent */
        if(!proto_registrar_is_protocol(field_id)) {
            field_id = proto_registrar_get_parent(cfile.finfo_selected->hfinfo->id);
        }

        proto_abbrev = proto_registrar_get_abbrev(field_id);
+       proto_proprietary = proto_registrar_get_proprietary(field_id);

+       /* Filter out proprietary protocols */
+       if (proto_proprtetary)
+            /* appologize to the user that the wiki page cannot be opened */
+           dialog = simple_dialog(ESD_TYPE_CONFIRMATION, ESD_BTN_CANCEL,
+           .........
+       } else {
            /* ask the user if the wiki page really should be opened */
            dialog = simple_dialog(ESD_TYPE_CONFIRMATION, ESD_BTNS_OK_CANCEL,
            .........
+       }
    ........
}

Let me hear what you think,
(running for cover)
Jaap