Wireshark-dev: Re: [Wireshark-dev] Adding verification functionality to SIP dissector

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Thu, 23 Feb 2017 12:49:51 -0800
On Feb 23, 2017, at 11:56 AM, Erik de Jong <erikdejong@xxxxxxxxx> wrote:

> During my day job I have noticed that sometimes combinations of certain platforms have trouble dealing with SIP digest authorization. Reasons for this range from bugs in the SIP stack to wrong escapes for special characters in configuration files generated for automated set provisioning. I have written a Lua script that will allow me to enter credentials and check if the digest hash in a SIP authorization line is indeed the correct hash for those credentials.
> I've written a proof of concept where this functionality is added to the SIP dissector itself and I'm wondering whether this is appropriate to submit for review or that these kind of diagnostics are better left in an external script as it is not really a dissection of the packet.

1) We already do validation of checksums in dissectors.

2) Wireshark is a packet *analyzer*, not a packet *dissector*.

So there's no reason *not* to do digest hash checks in Wireshark, and if the dissector is the best place, there's no reason not to do them there.