ja4: Fix parsing of tshark --version output #165

Merged
merged 1 commit into from
Sep 10, 2024

Collaborator

@vvv vvv commented Sep 10, 2024

Problem

cargo test fails on CI:

test tls::tests::test_client_stats_into_out ... ok
test test_insta ... FAILED

failures:

---- test_insta stdout ----
thread 'test_insta' panicked at ja4/src/lib.rs:233:34:
called `Result::unwrap()` on an `Err` value: ParseTsharkSemver(Error("unexpected character '.' after patch version number"))
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace


failures:
    test_insta

test result: FAILED. 16 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.15s

Analysis

The Rust ja4 app parses the output of tshark --version. The app expected the version number to be followed by a space, e.g. "TShark (Wireshark) 4.4.0 (v4.4.0-0-g009a163470b5).\n". It failed on "TShark (Wireshark) 4.4.0.\n".

Solution

Improve the parsing logic.

@vvv vvv self-assigned this Sep 10, 2024
@igr001-galactica igr001-galactica merged commit 126df0f into FoxIO-LLC:main Sep 10, 2024
9 checks passed
@vvv vvv deleted the fix-ci branch September 10, 2024 20:27
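
A std-only sketch of a parser that accepts both first-line forms quoted in the Analysis above. This is an added example, not the code merged in this PR: `token_up_to_space` and `parse_tshark_version` are hypothetical names, and the split-on-space behaviour is an assumption inferred from the description.

```rust
// Added example: std-only sketch, not the ja4 crate's code.
// The prefix and both sample lines are taken from the PR description.
const PREFIX: &str = "TShark (Wireshark) ";

/// Assumed old behaviour: the version token ends at the next space.
/// On "4.4.0.\n" this returns "4.4.0.", which is not valid semver.
fn token_up_to_space(output: &str) -> Option<&str> {
    output.lines().next()?.strip_prefix(PREFIX)?.split(' ').next()
}

/// Tolerant parse: take the leading run of digits and dots, drop a
/// trailing sentence period, then require exactly three numeric fields.
fn parse_tshark_version(output: &str) -> Result<(u64, u64, u64), String> {
    let line = output.lines().next().ok_or("empty output")?;
    let rest = line
        .strip_prefix(PREFIX)
        .ok_or_else(|| format!("unexpected first line: {line:?}"))?;
    // Stop at the first character that cannot belong to MAJOR.MINOR.PATCH.
    let end = rest
        .find(|c: char| !(c.is_ascii_digit() || c == '.'))
        .unwrap_or(rest.len());
    let token = rest[..end].trim_end_matches('.');
    let fields: Vec<&str> = token.split('.').collect();
    if fields.len() != 3 {
        return Err(format!("expected MAJOR.MINOR.PATCH, got {token:?}"));
    }
    // Empty or oversized fields fail here rather than being defaulted.
    let num = |s: &str| s.parse::<u64>().map_err(|e| format!("{s:?}: {e}"));
    Ok((num(fields[0])?, num(fields[1])?, num(fields[2])?))
}

fn main() {
    // Both lines are quoted in the PR description.
    let long = "TShark (Wireshark) 4.4.0 (v4.4.0-0-g009a163470b5).\n";
    let short = "TShark (Wireshark) 4.4.0.\n";
    println!("{:?}", token_up_to_space(short));
    println!("{:?}", parse_tshark_version(long));
    println!("{:?}", parse_tshark_version(short));
}
```

Returning an error on an unrecognised first line, instead of unwrapping, keeps a future tshark format change from surfacing as a panic like the one in the CI log.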