2 # -*- coding: utf-8 -*-
4 # By Gerald Combs <gerald@wireshark.org>
6 # Ported from a set of Bash scripts which were copyright 2005 Ulf Lamping
8 # SPDX-License-Identifier: GPL-2.0-or-later
10 '''Dissection tests'''
17 @fixtures.mark_usefixtures('test_env')
18 @fixtures.uses_fixtures
19 class case_dissect_http2(subprocesstest.SubprocessTestCase):
20 def test_http2_data_reassembly(self, cmd_tshark, features, dirs, capture_file):
21 '''HTTP2 data reassembly'''
22 if not features.have_nghttp2:
23 self.skipTest('Requires nghttp2.')
24 key_file = os.path.join(dirs.key_dir, 'http2-data-reassembly.keys')
25 self.runProcess((cmd_tshark,
26 '-r', capture_file('http2-data-reassembly.pcap'),
27 '-o', 'tls.keylog_file: {}'.format(key_file),
28 '-d', 'tcp.port==8443,tls',
29 '-Y', 'http2.data.data matches "PNG" && http2.data.data matches "END"',
31 self.assertTrue(self.grepOutput('DATA'))
33 @fixtures.mark_usefixtures('test_env')
34 @fixtures.uses_fixtures
35 class case_dissect_tcp(subprocesstest.SubprocessTestCase):
36 def check_tcp_out_of_order(self, cmd_tshark, dirs, extraArgs=[]):
37 capture_file = os.path.join(dirs.capture_dir, 'http-ooo.pcap')
38 self.runProcess([cmd_tshark,
40 '-otcp.reassemble_out_of_order:TRUE',
43 self.assertEqual(self.countOutput('HTTP'), 5)
44 # TODO PDU /1 (segments in frames 1, 2, 4) should be reassembled in
45 # frame 4, but it is currently done in frame 6 because the current
46 # implementation reassembles only contiguous segments and PDU /2 has
47 # segments in frames 6, 3, 7.
48 self.assertTrue(self.grepOutput(r'^\s*6\s.*PUT /1 HTTP/1.1'))
49 self.assertTrue(self.grepOutput(r'^\s*7\s.*GET /2 HTTP/1.1'))
50 self.assertTrue(self.grepOutput(r'^\s*10\s.*PUT /3 HTTP/1.1'))
51 self.assertTrue(self.grepOutput(r'^\s*11\s.*PUT /4 HTTP/1.1'))
52 self.assertTrue(self.grepOutput(r'^\s*15\s.*PUT /5 HTTP/1.1'))
54 def test_tcp_out_of_order_onepass(self, cmd_tshark, dirs):
55 self.check_tcp_out_of_order(cmd_tshark, dirs)
57 @unittest.skip("MSP splitting is not implemented yet")
58 def test_tcp_out_of_order_twopass(self, cmd_tshark, dirs):
59 self.check_tcp_out_of_order(cmd_tshark, dirs, extraArgs=['-2'])
61 def test_tcp_out_of_order_twopass_with_bug(self, cmd_tshark, capture_file):
62 # TODO fix the issue below, remove this and enable
63 # "test_tcp_out_of_order_twopass"
64 self.runProcess((cmd_tshark,
65 '-r', capture_file('http-ooo.pcap'),
66 '-otcp.reassemble_out_of_order:TRUE',
70 self.assertEqual(self.countOutput('HTTP'), 3)
71 self.assertTrue(self.grepOutput(r'^\s*7\s.*PUT /1 HTTP/1.1'))
72 self.assertTrue(self.grepOutput(r'^\s*7\s.*GET /2 HTTP/1.1'))
73 # TODO ideally this should not be concatenated.
74 # Normally a multi-segment PDU (MSP) covers only a single PDU, but OoO
75 # segments can extend MSP such that it covers two (or even more) PDUs.
76 # Until MSP splitting is implemented, two PDUs are shown in a single
77 # packet (and in case of -2, they are only shown in the last packet).
78 self.assertTrue(self.grepOutput(r'^\s*11\s.*PUT /3 HTTP/1.1'))
79 self.assertTrue(self.grepOutput(r'^\s*11\s.*PUT /4 HTTP/1.1'))
80 self.assertTrue(self.grepOutput(r'^\s*15\s.*PUT /5 HTTP/1.1'))
82 def test_tcp_out_of_order_data_after_syn(self, cmd_tshark, capture_file):
83 '''Test when the first non-empty segment is OoO.'''
84 proc = self.runProcess((cmd_tshark,
85 '-r', capture_file('dns-ooo.pcap'),
86 '-otcp.reassemble_out_of_order:TRUE',
87 '-Y', 'dns', '-Tfields', '-edns.qry.name',
89 self.assertEqual(proc.stdout_str.strip(), 'example.com')
git.samba.org / metze / wireshark / wip.git / blob