Ethereal-dev: [Ethereal-dev] Re: ASN.1 File Dissection

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Graeme Lunt <graeme.lunt@xxxxxxxxx>
Date: Mon, 21 Nov 2005 08:42:30 +0100
Hi,

Can anyone give me a status on this patch?

Graeme

On 11/11/05, Graeme Lunt <graeme.lunt@xxxxxxxxx> wrote:
> Hi,
>
> Is this proposed patch still under review, or has it been missed or rejected?
>
> If the latter, any feedback?
>
> Thanks,
>
> Graeme
>
> > There are a number of circumstances when it is useful to dissect an ASN.1 BER encoded file.
> > For example, an X.509 certificate, a PKCS#12 file or a lump of X.400 content from an MTA queue.
> >
> > So attached is a patch for an ASN.1 BER capture file format.
> >
> > Briefly,
> >
> > * a file is determined to be ASN.1 if
> >        i) the first Tag is constructed and either a SET, SEQUENCE or CONTEXT [<32]
> >        ii) the associated Length matches the length of the file
> >        (This algorithm may need to be tweaked.)
> >
> > * there is obviously only one "frame" which reflects the content of the file
> >
> >  - the arrival time of the frame reflects the time on the file.
> >
> > * dissect_unknown_ber() has been significantly upgraded to handle arbitrary ASN.1
> >
> > * a heuristic based on the OIDs found in the ASN.1 has been added to see if a better
> >  dissection can be made. For example, if id-signedData is found, the ASN.1 can be
> >  dissected as CMS.
> >
> > * the above heuristic can be turned off through a preference if it is making the wrong
> >  decision.
> >
> > The patch also includes a BER preference to allow the user to specify a file that
> > contains OID information for OIDs that Ethereal hasn't already encoded.
> >
> > This is my first venture outside of dissectors, so let me know if I haven't covered all the
> > bases for a new capture file format.
> >
> > Graeme
> >
> >
> >
>
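The file-detection rules i) and ii) quoted above, as an added C example that is not part of the original message or of the Ethereal patch. The function name is hypothetical, and three choices are assumptions the message does not state: only single-octet tags are accepted, indefinite-length encodings are rejected, and a length field that overruns the file or is wider than `size_t` is rejected.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not Ethereal's code): 1 if buf passes rules i and ii. */
int looks_like_ber_file(const uint8_t *buf, size_t file_len)
{
    if (buf == NULL || file_len < 2)
        return 0;

    uint8_t id = buf[0];
    uint8_t tag_class = id >> 6;          /* 0 = UNIVERSAL, 2 = CONTEXT */
    uint8_t tag_num = id & 0x1f;

    /* Rule i: constructed bit set; 0x1f would start a multi-octet tag. */
    if ((id & 0x20) == 0 || tag_num == 0x1f)
        return 0;
    if (tag_class == 0 && tag_num != 16 && tag_num != 17)  /* SEQUENCE, SET */
        return 0;
    if (tag_class != 0 && tag_class != 2)
        return 0;

    /* Rule ii: decode the length octets without trusting them. */
    size_t hdr = 2, content_len = buf[1];
    if (buf[1] & 0x80) {
        size_t n = buf[1] & 0x7f;         /* number of length octets */
        /* Assumption: reject indefinite length (n == 0), lengths wider than
         * size_t, and length fields that run past the end of the file. */
        if (n == 0 || n > sizeof(size_t) || n > file_len - 2)
            return 0;
        content_len = 0;
        for (size_t i = 0; i < n; i++)
            content_len = (content_len << 8) | buf[2 + i];
        hdr += n;
    }
    return content_len == file_len - hdr; /* hdr <= file_len, no underflow */
}

/* Constructed sample inputs. */
const uint8_t SEQ_OK[]     = { 0x30, 0x03, 0x02, 0x01, 0x05 };       /* SEQUENCE { INTEGER 5 } */
const uint8_t CTX_LONG[]   = { 0xa0, 0x81, 0x03, 0x02, 0x01, 0x05 }; /* [0], long-form length */
const uint8_t PRIMITIVE[]  = { 0x02, 0x01, 0x05 };                   /* bare INTEGER */
const uint8_t INDEFINITE[] = { 0x30, 0x80, 0x00, 0x00 };             /* indefinite length */

int main(void)
{
    printf("%d %d\n", looks_like_ber_file(SEQ_OK, sizeof SEQ_OK),
           looks_like_ber_file(PRIMITIVE, sizeof PRIMITIVE));
    return 0;
}
```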