https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7014
Summary: Dissector submission for ActiveMQ OpenWire protocol
Product: Wireshark
Version: 1.6.6
Platform: All
OS/Version: All
Status: NEW
Severity: Enhancement
Priority: Low
Component: Wireshark
AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
ReportedBy: metatechbe@xxxxxxxxx
metatech <metatechbe@xxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #8117| |review_for_checkin?
Flags| |
Created attachment 8117
--> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=8117
First implementation of packet-openwire.c
Build Information:
NA
--
Here is a dissector for ActiveMQ OpenWire protocol.
A few words about the protocol :
OpenWire has two wire formats :
- "loose" : more verbose, less CPU-intensive, less network-intensive (1-pass)
- "tight" : more compact, more CPU-intensive, more network-intensive (2-pass)
This dissector only supports the "loose" syntax, which is not the default.
This dissector only supports version 6 of the protocol.
It can be changed on the broker in the activemq.xml file by specifying
"tightEncodingEnabled=false" :
There is a sample capture uploaded on the Wiki :
http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=openwire_sample.tar.gz
It contains 3 variants of the protocol :
1. "loose" and "nocache"
2. "loose" and "cache"
3. "tight" and "cache"
I performed 3000 runs of fuzz testing with success.
Patch was tested against Wireshark 1.6.5 and 1.6.6.
Please review.
Thanks.
metatech
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.