Added support for rtpproxy conversations (req/resp matching)

Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>

wireshark-0001-enable-Lua-support.patch

@@ -1,7 +1,7 @@
 From e8be5a7c24830ce686cec89dac060b3c0495b70e Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Radek=20Vok=C3=A1l?= <rvokal@fedoraproject.org>
 Date: Tue, 15 Dec 2009 08:36:27 +0000
-Subject: [PATCH 01/11] enable Lua support
+Subject: [PATCH 01/14] enable Lua support
 
 ---
  epan/wslua/template-init.lua | 2 +-

wireshark-0002-Customize-permission-denied-error.patch

@@ -1,7 +1,7 @@
 From a6168e1f1bdb639c0ffd15a5f4eed864814e0bce Mon Sep 17 00:00:00 2001
 From: Jan Safranek <jsafrane@redhat.com>
 Date: Fri, 26 Nov 2010 14:30:45 +0300
-Subject: [PATCH 02/11] Customize 'permission denied' error.
+Subject: [PATCH 02/14] Customize 'permission denied' error.
 
 Add Fedora-specific message to error output when dumpcap cannot be started
 because of permissions.

wireshark-0003-Load-correct-shared-object-name-in-python.patch

@@ -1,7 +1,7 @@
 From ec02325332d4e198b1ccd6955ed6a489a5a7c826 Mon Sep 17 00:00:00 2001
 From: Jan Safranek <jsafrane@redhat.com>
 Date: Thu, 9 Jun 2011 14:56:59 +0200
-Subject: [PATCH 03/11] Load correct shared object name in python.
+Subject: [PATCH 03/14] Load correct shared object name in python.
 
 This fixes following error message shown by wireshark/tshark when wireshark-devel
 was not installed:

wireshark-0004-fix-documentation-build-error.patch

@@ -1,7 +1,7 @@
 From 5dab288d99b6847ca5ecd98ae5bdb95402fa5cd0 Mon Sep 17 00:00:00 2001
 From: Peter Hatina <phatina@redhat.com>
 Date: Mon, 8 Apr 2013 13:03:24 +0200
-Subject: [PATCH 04/11] fix documentation build error
+Subject: [PATCH 04/14] fix documentation build error
 
 ---
  doc/asn2deb.pod | 1 +

wireshark-0005-fix-string-overrun-in-plugins-profinet.patch

@@ -1,7 +1,7 @@
 From 396979b80d273319cd69084e262567aae0024b25 Mon Sep 17 00:00:00 2001
 From: Peter Hatina <phatina@redhat.com>
 Date: Wed, 4 Sep 2013 10:03:57 +0200
-Subject: [PATCH 05/11] fix string overrun in plugins/profinet
+Subject: [PATCH 05/14] fix string overrun in plugins/profinet
 
 ---
  plugins/profinet/packet-dcom-cba.c | 2 +-

wireshark-0006-From-Peter-Lemenkov-via-https-bugs.wireshark.org-bug.patch

@@ -1,7 +1,7 @@
 From 3c9d2b8cefb0204bf2b83ac925e80e775945e57f Mon Sep 17 00:00:00 2001
 From: Evan Huus <eapache@gmail.com>
 Date: Sun, 18 Aug 2013 19:49:08 +0000
-Subject: [PATCH 06/11] From Peter Lemenkov via
+Subject: [PATCH 06/14] From Peter Lemenkov via
  https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8326
 
 Dissector for the Sippy RTPproxy controlling protocol. RTPproxy is a well-known

wireshark-0007-The-beginning-of-an-openflow-dissector.patch

@@ -1,7 +1,7 @@
 From 876cb9d160cd8cd4042cdc7a01981d0ae2dbee06 Mon Sep 17 00:00:00 2001
 From: Anders Broman <anders.broman@ericsson.com>
 Date: Thu, 11 Jul 2013 21:13:27 +0000
-Subject: [PATCH 07/11] The beginning of an openflow dissector.
+Subject: [PATCH 07/14] The beginning of an openflow dissector.
 
 svn path=/trunk/; revision=50513
 

wireshark-0008-adds-autoconf-macro-file.patch

@@ -1,7 +1,7 @@
 From 0422c8801690fa8dde284f4e8781f31d69b44326 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Radek=20Vok=C3=A1l?= <rvokal@fedoraproject.org>
 Date: Mon, 21 Dec 2009 11:19:39 +0000
-Subject: [PATCH 08/11] adds autoconf macro file
+Subject: [PATCH 08/14] adds autoconf macro file
 
 updated autoconf macros and pkgconfig file in wireshark-devel to reflect current config.h Resolves: #746655
 ---

wireshark-0009-Restore-Fedora-specific-groups.patch

@@ -1,7 +1,7 @@
 From f49769f56e1e6a22ca235e8f2b73337309ddcfa2 Mon Sep 17 00:00:00 2001
 From: Peter Lemenkov <lemenkov@gmail.com>
 Date: Fri, 13 Sep 2013 14:36:55 +0400
-Subject: [PATCH 09/11] Restore Fedora-specific groups
+Subject: [PATCH 09/14] Restore Fedora-specific groups
 
 Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
 ---

wireshark-0010-Add-pkgconfig-entry.patch

@@ -1,7 +1,7 @@
 From 224cd146ec71d0ff7bdff3e8d7707ca603220410 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Radek=20Vok=C3=A1l?= <rvokal@fedoraproject.org>
 Date: Thu, 17 Dec 2009 09:17:07 +0000
-Subject: [PATCH 10/11] Add pkgconfig entry
+Subject: [PATCH 10/14] Add pkgconfig entry
 
 ---
  Makefile.am     |  3 +++

wireshark-0011-Install-autoconf-related-file.patch

@@ -1,7 +1,7 @@
 From fa0c546efa38a9f112257b3b3a1be15ba4cb3d4b Mon Sep 17 00:00:00 2001
 From: Peter Lemenkov <lemenkov@gmail.com>
 Date: Fri, 13 Sep 2013 15:25:12 +0400
-Subject: [PATCH 11/11] Install autoconf-related file
+Subject: [PATCH 11/14] Install autoconf-related file
 
 ---
  Makefile.am           |   3 ++

wireshark-0013-Manual-backport-of-r52142-and-r52144-to-fix-collisio.patch

@@ -1,5 +1,17 @@
+From fc0f3e37918f727956df096fc301a0e62926c1c0 Mon Sep 17 00:00:00 2001
+From: Evan Huus <eapache@gmail.com>
+Date: Sun, 22 Sep 2013 16:42:21 +0000
+Subject: [PATCH 13/14] Manual backport of r52142 and r52144 to fix collision
+ between gluster defines and system header dirent.h
+
+svn path=/trunk-1.10/; revision=52173
+---
+ epan/dissectors/packet-gluster.h   | 18 +++++++++---------
+ epan/dissectors/packet-glusterfs.c | 18 +++++++++---------
+ 2 files changed, 18 insertions(+), 18 deletions(-)
+
 diff --git a/epan/dissectors/packet-gluster.h b/epan/dissectors/packet-gluster.h
-index f023f62..d0d4651 100644
+index e3c43d1..fc69e6c 100644
 --- a/epan/dissectors/packet-gluster.h
 +++ b/epan/dissectors/packet-gluster.h
 @@ -356,15 +356,15 @@ enum gf_fop_procnum {
@@ -28,7 +40,7 @@ index f023f62..d0d4651 100644
  
  
 diff --git a/epan/dissectors/packet-glusterfs.c b/epan/dissectors/packet-glusterfs.c
-index 5f18258..299e783 100644
+index 56f9093..29ff0dc 100644
 --- a/epan/dissectors/packet-glusterfs.c
 +++ b/epan/dissectors/packet-glusterfs.c
 @@ -2002,15 +2002,15 @@ static value_string_ext glusterfs3_1_fop_proc_vals_ext = VALUE_STRING_EXT_INIT(g
@@ -56,3 +68,6 @@ index 5f18258..299e783 100644
  	{ 0, NULL }
  };
  static value_string_ext glusterfs_entry_type_names_ext = VALUE_STRING_EXT_INIT(glusterfs_entry_type_names);
+-- 
+1.8.3.1
+

wireshark-0014-Added-basic-conversation-support.patch

@@ -0,0 +1,178 @@
+From af2f5b8cf5af44ab721ff55b3fd826d3067fe3b4 Mon Sep 17 00:00:00 2001
+From: Peter Lemenkov <lemenkov@gmail.com>
+Date: Tue, 1 Oct 2013 13:35:57 +0400
+Subject: [PATCH 14/14] Added basic conversation support
+
+Loosely based on a work done by Pascal Quantin <pascal.quantin@gmail.com> (see
+svn rev. 52306).
+
+This was backported from master. See this link for the original patch:
+
+https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9211
+
+Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
+---
+ epan/dissectors/packet-rtpproxy.c | 84 +++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 84 insertions(+)
+
+diff --git a/epan/dissectors/packet-rtpproxy.c b/epan/dissectors/packet-rtpproxy.c
+index 7148d58..9f271b1 100644
+--- a/epan/dissectors/packet-rtpproxy.c
++++ b/epan/dissectors/packet-rtpproxy.c
+@@ -32,6 +32,7 @@
+ 
+ #include <epan/packet.h>
+ #include <epan/prefs.h>
++#include <epan/conversation.h>
+ 
+ static int proto_rtpproxy = -1;
+ 
+@@ -60,6 +61,19 @@ static int hf_rtpproxy_reply = -1;
+ static int hf_rtpproxy_version_request = -1;
+ static int hf_rtpproxy_version_supported = -1;
+ 
++/* Request/response tracking */
++static int hf_rtpproxy_request_in = -1;
++static int hf_rtpproxy_response_in = -1;
++
++typedef struct _rtpproxy_info {
++	guint32 req_frame;
++	guint32 resp_frame;
++} rtpproxy_info_t;
++
++typedef struct _rtpproxy_conv_info {
++	emem_tree_t *trans;
++} rtpproxy_conv_info_t;
++
+ static const value_string commandtypenames[] = {
+ 	{ 'V', "Handshake/Ping" },
+ 	{ 'v', "Handshake/Ping" },
+@@ -150,6 +164,33 @@ rtpptoxy_add_tag(proto_tree *rtpproxy_tree, tvbuff_t *tvb, guint begin, guint re
+ 	return (end == realsize ? -1 : (gint)end);
+ }
+ 
++void
++rtpproxy_add_tid(gboolean is_request, tvbuff_t *tvb, packet_info *pinfo, proto_tree *rtpproxy_tree, rtpproxy_conv_info_t *rtpproxy_conv, gchar* cookie)
++{
++	rtpproxy_info_t *rtpproxy_info;
++	proto_item *pi;
++
++	if (!PINFO_FD_VISITED(pinfo)) {
++		if (is_request){
++			rtpproxy_info = se_new(rtpproxy_info_t);
++			rtpproxy_info->req_frame = PINFO_FD_NUM(pinfo);
++			rtpproxy_info->resp_frame = 0;
++			se_tree_insert_string(rtpproxy_conv->trans, cookie, rtpproxy_info, 0);
++		} else {
++			rtpproxy_info = (rtpproxy_info_t *)se_tree_lookup_string(rtpproxy_conv->trans, cookie, 0);
++			if (rtpproxy_info) {
++				rtpproxy_info->resp_frame = PINFO_FD_NUM(pinfo);
++			}
++		}
++	} else {
++		rtpproxy_info = (rtpproxy_info_t *)se_tree_lookup_string(rtpproxy_conv->trans, cookie, 0);
++		if (rtpproxy_info && (is_request ? rtpproxy_info->resp_frame : rtpproxy_info->req_frame)) {
++			pi = proto_tree_add_uint(rtpproxy_tree, is_request ? hf_rtpproxy_response_in : hf_rtpproxy_request_in, tvb, 0, 0, is_request ? rtpproxy_info->resp_frame : rtpproxy_info->req_frame);
++			PROTO_ITEM_SET_GENERATED(pi);
++		}
++	}
++}
++
+ static void
+ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+ {
+@@ -161,6 +202,9 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+ 	guint8* rawstr;
+ 	proto_item *ti;
+ 	proto_tree *rtpproxy_tree;
++	conversation_t *conversation;
++	rtpproxy_conv_info_t *rtpproxy_conv;
++	gchar* cookie = NULL;
+ 
+ 	/* Clear out stuff in the info column - we''l set it later */
+ 	col_clear(pinfo->cinfo, COL_INFO);
+@@ -171,6 +215,7 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+ 	/* Extract Cookie */
+ 	offset = tvb_find_guint8(tvb, offset, -1, ' ');
+ 	proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_cookie, tvb, 0, offset, ENC_ASCII | ENC_NA);
++	cookie = tvb_get_ephemeral_string(tvb, 0, offset);
+ 
+ 	/* Skip whitespace */
+ 	offset = tvb_skip_wsp(tvb, offset+1, -1);
+@@ -188,6 +233,15 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+ 	else
+ 		col_set_str(pinfo->cinfo, COL_PROTOCOL, "RTPproxy (no LF)");
+ 
++	/* Try to create conversation */
++	conversation = find_or_create_conversation(pinfo);
++	rtpproxy_conv = (rtpproxy_conv_info_t *)conversation_get_proto_data(conversation, proto_rtpproxy);
++	if (!rtpproxy_conv) {
++		rtpproxy_conv = se_new(rtpproxy_conv_info_t);
++		rtpproxy_conv->trans = se_tree_create_non_persistent(EMEM_TREE_TYPE_RED_BLACK, "rtpproxy transactions");;
++		conversation_add_proto_data(conversation, proto_rtpproxy, rtpproxy_conv);
++	}
++
+ 	/* Get payload string */
+ 	rawstr = tvb_get_ephemeral_string(tvb, offset, realsize - offset);
+ 
+@@ -198,6 +252,7 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+ 		case 's':
+ 			/* A specific case - long statistics answer */
+ 			/* %COOKIE% sessions created %NUM0% active sessions: %NUM1% */
++			rtpproxy_add_tid(FALSE, tvb, pinfo, rtpproxy_tree, rtpproxy_conv, cookie);
+ 			if ('e' == tvb_get_guint8(tvb, offset+1)){
+ 				col_add_fstr(pinfo->cinfo, COL_INFO, "Reply: %s", rawstr);
+ 				ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_reply, tvb, offset, -1, ENC_NA);
+@@ -216,6 +271,7 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+ 		case 'r':
+ 		case 'c':
+ 		case 'q':
++			rtpproxy_add_tid(TRUE, tvb, pinfo, rtpproxy_tree, rtpproxy_conv, cookie);
+ 			col_add_fstr(pinfo->cinfo, COL_INFO, "Request: %s", rawstr);
+ 			ti = proto_tree_add_item(rtpproxy_tree, hf_rtpproxy_request, tvb, offset, -1, ENC_NA);
+ 			rtpproxy_tree = proto_item_add_subtree(ti, ett_rtpproxy_request);
+@@ -358,6 +414,7 @@ dissect_rtpproxy(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
+ 		case '7':
+ 		case '8':
+ 		case '9':
++			rtpproxy_add_tid(FALSE, tvb, pinfo, rtpproxy_tree, rtpproxy_conv, cookie);
+ 			if (tmp == 'e')
+ 				col_add_fstr(pinfo->cinfo, COL_INFO, "Error reply: %s", rawstr);
+ 			else
+@@ -728,6 +785,33 @@ proto_register_rtpproxy(void)
+ 				HFILL
+ 			}
+ 		},
++		{
++			&hf_rtpproxy_request_in,
++			{
++				"Request In",
++				"rtpproxy.request_in",
++				FT_FRAMENUM,
++				BASE_NONE,
++				NULL,
++				0x0,
++				NULL,
++				HFILL
++			}
++
++		},
++		{
++			&hf_rtpproxy_response_in,
++			{
++				"Response In",
++				"rtpproxy.response_in",
++				FT_FRAMENUM,
++				BASE_NONE,
++				NULL,
++				0x0,
++				NULL,
++				HFILL
++			}
++		}
+ 	};
+ 
+ 	/* Setup protocol subtree array */
+-- 
+1.8.3.1
+

wireshark.spec

@@ -21,7 +21,7 @@
 Summary:	Network traffic analyzer
 Name:		wireshark
 Version:	1.10.2
-Release:	7%{?dist}
+Release:	8%{?dist}
 License:	GPL+
 Group:		Applications/Internet
 Source0:	http://wireshark.org/download/src/%{name}-%{version}.tar.bz2
@@ -47,7 +47,11 @@ Patch10:	wireshark-0010-Add-pkgconfig-entry.patch
 Patch11:	wireshark-0011-Install-autoconf-related-file.patch
 # Fedora-specific
 Patch12:	wireshark-0012-tmp-dir.patch
-Patch13:	wireshark-0013-dirent-symbols-clash.patch
+# Backported from upstream. See also https://bugzilla.redhat.com/1007139
+Patch13:	wireshark-0013-Manual-backport-of-r52142-and-r52144-to-fix-collisio.patch
+# Backported to 1.10.0 from the patch from this ticket:
+# https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9211
+Patch14:	wireshark-0014-Added-basic-conversation-support.patch
 
 Url:		http://www.wireshark.org/
 BuildRequires:	libpcap-devel >= 0.9
@@ -155,6 +159,7 @@ and plugins.
 %patch11 -p1 -b .install_autoconf
 %patch12 -p1 -b .tmp_dir
 %patch13 -p1 -b .dirent_clash
+%patch14 -p1 -b .rtpproxy_conversations
 
 %build
 %ifarch s390 s390x sparcv9 sparc64
@@ -349,6 +354,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %{_datadir}/aclocal/*
 
 %changelog
+* Tue Oct 01 2013 Peter Lemenkov <lemenkov@gmail.com> - 1.10.0-8
+- Added support for rtpproxy conversations (req/resp matching)
+
 * Tue Sep 24 2013 Peter Hatina <phatina@redhat.com> - 1.10.2-7
 - fix build error caused by symbols clash