我正在尝试为Google QUIC编写解剖器。我目前的执行方式存在三个问题。
这是图层的部分定义:
class gQUIC(Packet):
name = "gQUIC"
fields_desc = [ BitField("reserved", 0, 1)
Bitfield("multipath", 0, 1),
BitFieldLenField("packet_number_length", 1, 2,
length_of="packet_number"),
BitField("cid_present", 1, 1)
BitField("diversification_nonce_present", 0, 1),
BitField("reset", 0, 1),
BitField("version_present", 0, 1)
...
ConditionalField(
ByteField("packet_number", 1),
lambda pkt: pkt.packet_number_length == 0),
ConditionalField(
LEShortField("packet_number", 1),
lambda pkt: pkt.packet_number_length == 1),
ConditionalField(
LEIntField("packet_number", 1),
lambda pkt: pkt.packet_number_length == 2),
ConditionalField(
LEIntLenField("packet_number", 1, 6),
lambda pkt: pkt.packet_number_length == 3),
...
class STOP_WAITING(Packet):
name = "STOP_WAITING"
fields_desc = [ ByteField("frame_type", 6),
ByteField("sent_entrpy", 0),
ByteField("least_unacked_delta", 0) ]
Google QUIC数据包可以定义为:
Ethernet()/IP()/UDP(sport=1111, dport=443)/gQUIC(version_present=1, cid_present=1, packet_number_length=1, ...)/STOP_WAITING(sent_entropy=1, least_unacked_delta=4)
关于上述代码,我有三个问题:
ConditionalField
packet_number_length field?frame_type类中的STOP_WAITING必须始终设置为6。
有没有办法指定这个?使用某些东西是错误的
像STOP_WAITING(frame_type=3)。least_unacked_delta的数据类型中
STOP_WAITING类与用于packet_number的类相同
在gQUIC中。有没有办法使用packet_number_length的值
从STOP_WAITING内部的上一层开始定义
least_unacked_delta?