|Main Archive Page > Month Archives > wireshark-dev archives|
I'm trying to add dissection of Kerberos encrypted HTTP sessions.
Mostly, it's OK (got the headers parsed correctly, would file a BZ for this
However, when I'm trying to work with the body, which is a MIME multipart,
it fails with exception.
The reason seems to be that it does not have the double CRLF which is
expected between headers and body of a MIME (?):
imf_find_field_end() seems to fail to find additional CRLF - before the
binary data (which is actually a Kerberos blob) appears.
Attached please find a small capture showing the problem - not sure who's
fault it is - or if it's fixable somehow in Wireshark.
See packet 8 (dissect as HTTP please).
Sent via: Wireshark-dev mailing list <email@example.com>