Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-commits: [Wireshark-commits] master 52a6671: wiretap: add read/write support for Decrypti

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Tue, 20 Nov 2018 05:12:43 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=52a667143929ace46929bfb6ad15b6a856cdbe77
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark

Commits:

52a6671 by Peter Wu (peter@xxxxxxxxxxxxx):

    wiretap: add read/write support for Decryption Secrets Block (DSB)
    
    Support reading and writing pcapng files with DSBs. A DSB may occur
    multiple times but should appear before packets that need those
    decryption secrets (so it cannot be moved to the end like NRB). The TLS
    dissector will be updated in the future to make use of these secrets.
    pcapng spec update: https://github.com/pcapng/pcapng/pull/54
    
    As DSBs may be interleaved with packets, do not even try to read it in
    pcapng_open (as is done for IDBs). Instead process them during the
    sequential read, appending them to the 'wtap::dsbs' array.
    
    Writing is more complicated, secrets may initially not be available when
    'wtap_dumper' is created. As they may become available in 'wtap::dsbs'
    as more packets are read, allow 'wtap_dumper::dsbs_growing' to reference
    this array. This saves every user from checking/dumping DSBs.
    
    If the wtap user needs to insert extra DSBs (while preserving existing
    DSBs), they can set the 'wtap_dumper::dsbs_initial' field.
    
    The test file was creating using a patched editcap (future patch) and
    combined using mergecap (which required a change to preserve the DSBs).
    
    Change-Id: I74e4ee3171bd852a89ea0f6fbae9e0f65ed6eda9
    Ping-Bug: 15252
    Reviewed-on: https://code.wireshark.org/review/30692
    Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
    Petri-Dish: Peter Wu <peter@xxxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    

Actions performed:

    from  ad21e31   CMake: disable -Wmissing-field-initializers for broken compilers
     add  52a6671   wiretap: add read/write support for Decryption Secrets Block (DSB)


Summary of changes:
 epan/dissectors/file-pcapng.c  |  50 +++++++++++++-
 test/captures/tls12-dsb.pcapng | Bin 0 -> 10260 bytes
 test/keys/tls12-dsb-1.keys     |   2 +
 test/keys/tls12-dsb-2.keys     |   1 +
 test/suite_fileformats.py      |  47 +++++++++++++
 wiretap/CMakeLists.txt         |   1 +
 wiretap/file_access.c          |   4 ++
 wiretap/merge.c                |  33 ++++++++-
 wiretap/merge.h                |   1 +
 wiretap/pcapng.c               | 149 ++++++++++++++++++++++++++++++++++++++++-
 wiretap/pcapng.h               |   9 +++
 wiretap/pcapng_module.h        |   1 +
 wiretap/secrets-types.h        |  19 ++++++
 wiretap/wtap-int.h             |  21 ++++--
 wiretap/wtap.c                 |   5 ++
 wiretap/wtap.h                 |  25 +++++++
 wiretap/wtap_opttypes.c        |  36 ++++++++++
 wiretap/wtap_opttypes.h        |   1 +
 18 files changed, 394 insertions(+), 11 deletions(-)
 create mode 100644 test/captures/tls12-dsb.pcapng
 create mode 100644 test/keys/tls12-dsb-1.keys
 create mode 100644 test/keys/tls12-dsb-2.keys
 create mode 100644 wiretap/secrets-types.h
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube