Wireshark PIDL generated dissectors

Matthieu Patou mat at samba.org
Sun Oct 6 02:29:50 MDT 2013

On 10/03/2013 08:04 PM, ronnie sahlberg wrote:
>> What do you propose?
> There is very little overlap between samba needs and wireshark needs for PIDL.
> It is probably better to continue running two separate forks of PIDL,
> one for samba and one for wireshark.
> Switching to samba PIDL seems to be a lot of work for miniscule gain.
> And who will do the work?
I don't know what is the samba PIDL and the wireshark PIDL.

For me there is only one pidl and it's in the samba repository. Then we 
have a 2 big use case:

* Samba
* Wireshark

No later than 3 days ago I did huge changes to the code for the 
Wireshark dissector so that it starts to be able to parse byte-pipe 
dce-rpc and also parse inline arrays so yes the development on pidl to 
generate more dissectors continue.

By the way I take the chance of this thread to underline that it's very 
hard to get the attention of the wireshark developpers to actually push 
patches (much harder than the Samba actually ...).

I'm not sure that your patch will apply cleanly on the current version 
on the NDR.pm for wireshark, I'll port it if needed in the Samba tree.

By the way it would be nice if other dev in wireshark understand the 
term "autogenerated" because I spotted  on the packet-dcerpc-frsrpc.c 
not less than 5 manual changes since the last time ronnie pushed the 
last version of the regenerated file:

commit c58d4ce28e00994ee54418c00ffddc3d1d701b21
Author: pascal <pascal at f5534014-38df-0310-8fa8-9805f1628bb7>
Date:   Sat Mar 2 22:54:39 2013 +0000

     From Ed Beroset via 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8416 :
     Remove C++ incompatibilities from most of the dcerpc code
     git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@48023 

commit 1e7435e4be8b92828974ff779dfff1bace76db2e
Author: morriss <morriss at f5534014-38df-0310-8fa8-9805f1628bb7>
Date:   Thu Sep 20 02:03:38 2012 +0000

     We always HAVE_CONFIG_H so don't bother checking whether we have it 
or not.
     git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@45017 

commit 85cfa7da0e396f6322b7ca5835354744d1f002be
Author: morriss <morriss at f5534014-38df-0310-8fa8-9805f1628bb7>
Date:   Wed Aug 8 03:28:02 2012 +0000

     Add SVN Id.
     git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@44323 

commit dc45bf2a9b3a9c8cfcd55ba3c639ea8a1d4c698f
Author: cmaynard <cmaynard at f5534014-38df-0310-8fa8-9805f1628bb7>
Date:   Sun Apr 29 23:39:55 2012 +0000

     Fix a clang warning due to 'type' not being initialized.
     git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@42341 

commit 15681f4c667c0778ff50eedb2eda9f97e5cbf270
Author: etxrab <etxrab at f5534014-38df-0310-8fa8-9805f1628bb7>
Date:   Mon Sep 12 14:30:41 2011 +0000

     Leading white space in the field descriptive name is not allowed.
     git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@38976 

At this stupid game, manual changes are pretty sure to lose, and if 
someone is not paying attention next regeneration will override the 
manual changes.

For thoses I already took care of them here:
http://comments.gmane.org/gmane.network.samba.cvs/78414 (changeset 

Last but not least I will grab the opportunity of having some wireshark 
devs listening to complain about the lack of feedback when publishing 
patches in wireshark's bugzilla.
I tried several time in the past to get  my patches for dce-rpc 
dissectors pushed and got no response my only way to get my patches was 
to get ronnie pushing them.
It would be nice if it wouldn't have to be that way because :
1) sometime ronnie also ignore my requests (I sent update last week but 
no feedback)
2) It's quite annoying to have fixes that we know are good and will 
result in a much better dissection but nobody can take advantage of them 
because they are not integrated in wireshark's source tree.

> On Thu, Oct 3, 2013 at 7:58 PM, Andrew Bartlett <abartlet at samba.org> wrote:
>> On Thu, 2013-10-03 at 19:44 -0700, ronnie sahlberg wrote:
>>> Cool.
>>> And we contact you when samba-PIDL no longer can generate compileable
>>> wireshark dissectors?
>> Contacting the Samba Team would seem to be the correct approach.
>> Given Matthieu was working on generated dissectors only last week, it
>> does not seem totally unreasonable.
>> What do you propose?
>> Andrew Bartlett
>> --
>> Andrew Bartlett
>> http://samba.org/~abartlet/
>> Authentication Developer, Samba Team           http://samba.org
>> Samba Developer, Catalyst IT                   http://catalyst.net.nz

Matthieu Patou
Samba Team

More information about the samba-technical mailing list