2 # -*- coding: utf-8 -*-
4 # By Gerald Combs <gerald@wireshark.org>
6 # Ported from a set of Bash scripts which were copyright 2005 Ulf Lamping
8 # SPDX-License-Identifier: GPL-2.0-or-later
10 '''Dissection tests'''
17 class case_dissect_http2(subprocesstest.SubprocessTestCase):
18 def test_http2_data_reassembly(self):
19 '''HTTP2 data reassembly'''
20 if not config.have_nghttp2:
21 self.skipTest('Requires nghttp2.')
22 capture_file = os.path.join(config.capture_dir, 'http2-data-reassembly.pcap')
23 key_file = os.path.join(config.key_dir, 'http2-data-reassembly.keys')
24 self.runProcess((config.cmd_tshark,
26 '-o', 'tls.keylog_file: {}'.format(key_file),
27 '-d', 'tcp.port==8443,tls',
28 '-Y', 'http2.data.data matches "PNG" && http2.data.data matches "END"',
31 self.assertTrue(self.grepOutput('DATA'))
33 class case_dissect_tcp(subprocesstest.SubprocessTestCase):
34 def check_tcp_out_of_order(self, extraArgs=[]):
35 capture_file = os.path.join(config.capture_dir, 'http-ooo.pcap')
36 self.runProcess([config.cmd_tshark,
38 '-otcp.reassemble_out_of_order:TRUE',
42 self.assertEqual(self.countOutput('HTTP'), 5)
43 # TODO PDU /1 (segments in frames 1, 2, 4) should be reassembled in
44 # frame 4, but it is currently done in frame 6 because the current
45 # implementation reassembles only contiguous segments and PDU /2 has
46 # segments in frames 6, 3, 7.
47 self.assertTrue(self.grepOutput(r'^\s*6\s.*PUT /1 HTTP/1.1'))
48 self.assertTrue(self.grepOutput(r'^\s*7\s.*GET /2 HTTP/1.1'))
49 self.assertTrue(self.grepOutput(r'^\s*10\s.*PUT /3 HTTP/1.1'))
50 self.assertTrue(self.grepOutput(r'^\s*11\s.*PUT /4 HTTP/1.1'))
51 self.assertTrue(self.grepOutput(r'^\s*15\s.*PUT /5 HTTP/1.1'))
53 def test_tcp_out_of_order_onepass(self):
54 self.check_tcp_out_of_order()
56 @unittest.skip("MSP splitting is not implemented yet")
57 def test_tcp_out_of_order_twopass(self):
58 self.check_tcp_out_of_order(extraArgs=['-2'])
60 def test_tcp_out_of_order_twopass_with_bug(self):
61 # TODO fix the issue below, remove this and enable
62 # "test_tcp_out_of_order_twopass"
63 capture_file = os.path.join(config.capture_dir, 'http-ooo.pcap')
64 self.runProcess((config.cmd_tshark,
66 '-otcp.reassemble_out_of_order:TRUE',
71 self.assertEqual(self.countOutput('HTTP'), 3)
72 self.assertTrue(self.grepOutput(r'^\s*7\s.*PUT /1 HTTP/1.1'))
73 self.assertTrue(self.grepOutput(r'^\s*7\s.*GET /2 HTTP/1.1'))
74 # TODO ideally this should not be concatenated.
75 # Normally a multi-segment PDU (MSP) covers only a single PDU, but OoO
76 # segments can extend MSP such that it covers two (or even more) PDUs.
77 # Until MSP splitting is implemented, two PDUs are shown in a single
78 # packet (and in case of -2, they are only shown in the last packet).
79 self.assertTrue(self.grepOutput(r'^\s*11\s.*PUT /3 HTTP/1.1'))
80 self.assertTrue(self.grepOutput(r'^\s*11\s.*PUT /4 HTTP/1.1'))
81 self.assertTrue(self.grepOutput(r'^\s*15\s.*PUT /5 HTTP/1.1'))
83 def test_tcp_out_of_order_data_after_syn(self):
84 '''Test when the first non-empty segment is OoO.'''
85 capture_file = os.path.join(config.capture_dir, 'dns-ooo.pcap')
86 proc = self.runProcess((config.cmd_tshark,
88 '-otcp.reassemble_out_of_order:TRUE',
89 '-Y', 'dns', '-Tfields', '-edns.qry.name',
92 self.assertEqual(proc.stdout_str.strip(), 'example.com')