I created a general Oracle protocol page, since I've not been able to find much to cleanly distinguish the different protocols that apparently get lumped into the Oracle family.
http://wiki.wireshark.org/Oracle Dissector was removed from the source tree in r48349 after being attached (with appropriate warnings) to the wiki page. On Sat, Mar 16, 2013 at 10:49 PM, Guy Harris <[email protected]> wrote: > > On Mar 16, 2013, at 7:17 PM, Evan Huus <[email protected]> wrote: > >> packet-sqloracle.c is currently not being built (not listed in either >> Makefile.common or CMakeLists.txt). >> >> It was mentioned in bug #8449 because Moshe noticed that it had a >> really egregious buffer overflow condition while doing random code >> review. >> >> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8449 >> >> Having taken a look at the dissector, it is an absolute mess. Tons of >> obvious bugs, bad practices, etc. There is no way it would be accepted >> as a patch, were it filed new today (and nobody seems to know who >> wrote it anyways). >> >> So, since nobody has complained about the fact that it's disabled, and >> it looks like nearly as much work to rewrite as it is to fix, I'm >> happy just removing it completely. > > I presume it's intended to dissect whatever protocol Oracle uses to send SQL > over the wire, probably encapsulated on top of TNS. > > Some poking around the Web found > > http://packetpushers.net/sqlnet-a-k-a-oracle-tns-and-firewalls/ > > which says a bit about how TNS works but just speaks of SQL being transported > atop it, with no other details of how that's done (or of whether services > *other* than SQL are transported over TNS or how you identify the service). > > I saw some stuff referring to an Oracle "net8" or "Net8" protocol - perhaps > that's version 8 of their SQL protocol - and a Google search for > > net8 protocol > > found, among other thing: > > http://www.pythian.com/blog/repost-oracle-protocol/ > > which doesn't *look* as if it's TNS, so it might be what runs atop TNS, or > might be an alternative to TNS, or.... > > It spoke of "TTCCode"s; Googling for "TTCCode" found some stuff and a lot of > irrelevant stuff, and Googling for > > TTCCode TTIPro > > found various bits of stuff for Java packages with names starting with > "oracle.jdbc", which *might* be Java code that puts Oracle SQL on the wire. > > This book: > > http://www.amazon.com/The-Oracle-Hackers-Handbook-ebook/dp/B000SEIC3K > > looks as if it has some protocol details as well. > > Oracle has some information at > > > http://docs.oracle.com/cd/A87860_01/doc/network.817/a76933/architec.htm > > but that's more of a software stack description than a protocol stack > description. > > The source file in question might have some useful information in combination > with various other bits of information about Net8/SQL*Net/TTC-7/whatever the > heck the name or names of the protocols are; perhaps either: > > it should be renamed as "oracle_sql.txt" with a huge comment saying > "this code is crap, but it might be one source of useful protocol information > in case anybody wants to make an Oracle SQL dissector" and left in the tree; > > we should create an "OracleSQL" page on the Wiki with that file as an > attachment and various links for the benefit of anybody trying to write an > Oracle SQL dissector; > > we should file a bug in Bugzilla saying "we need to dissect Oracle > SQL messages" and make that file an attachment. > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <[email protected]> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:[email protected]?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
