diff options
author | Peter Wu <peter@lekensteyn.nl> | 2018-11-17 13:56:12 +0100 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2018-11-20 05:12:37 +0000 |
commit | 52a667143929ace46929bfb6ad15b6a856cdbe77 (patch) | |
tree | 97dfedc45dd07c47116ba06cb13457f04a5d48df /wiretap/wtap_opttypes.c | |
parent | ad21e3121f3307ee6cc2b4a2b296ef6dd83152ed (diff) |
wiretap: add read/write support for Decryption Secrets Block (DSB)
Support reading and writing pcapng files with DSBs. A DSB may occur
multiple times but should appear before packets that need those
decryption secrets (so it cannot be moved to the end like NRB). The TLS
dissector will be updated in the future to make use of these secrets.
pcapng spec update: https://github.com/pcapng/pcapng/pull/54
As DSBs may be interleaved with packets, do not even try to read it in
pcapng_open (as is done for IDBs). Instead process them during the
sequential read, appending them to the 'wtap::dsbs' array.
Writing is more complicated, secrets may initially not be available when
'wtap_dumper' is created. As they may become available in 'wtap::dsbs'
as more packets are read, allow 'wtap_dumper::dsbs_growing' to reference
this array. This saves every user from checking/dumping DSBs.
If the wtap user needs to insert extra DSBs (while preserving existing
DSBs), they can set the 'wtap_dumper::dsbs_initial' field.
The test file was creating using a patched editcap (future patch) and
combined using mergecap (which required a change to preserve the DSBs).
Change-Id: I74e4ee3171bd852a89ea0f6fbae9e0f65ed6eda9
Ping-Bug: 15252
Reviewed-on: https://code.wireshark.org/review/30692
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'wiretap/wtap_opttypes.c')
-rw-r--r-- | wiretap/wtap_opttypes.c | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/wiretap/wtap_opttypes.c b/wiretap/wtap_opttypes.c index 91690d0e69..c50879e6a6 100644 --- a/wiretap/wtap_opttypes.c +++ b/wiretap/wtap_opttypes.c @@ -972,6 +972,27 @@ static void idb_copy_mand(wtap_block_t dest_block, wtap_block_t src_block) } } +static void dsb_create(wtap_block_t block) +{ + block->mandatory_data = g_new0(wtapng_dsb_mandatory_t, 1); +} + +static void dsb_free_mand(wtap_block_t block) +{ + wtapng_dsb_mandatory_t *mand = (wtapng_dsb_mandatory_t *)block->mandatory_data; + g_free(mand->secrets_data); +} + +static void dsb_copy_mand(wtap_block_t dest_block, wtap_block_t src_block) +{ + wtapng_dsb_mandatory_t *src = (wtapng_dsb_mandatory_t *)src_block->mandatory_data; + wtapng_dsb_mandatory_t *dst = (wtapng_dsb_mandatory_t *)dest_block->mandatory_data; + dst->secrets_type = src->secrets_type; + dst->secrets_len = src->secrets_len; + g_free(dst->secrets_data); + dst->secrets_data = (guint8 *)g_memdup(src->secrets_data, src->secrets_len); +} + void wtap_opttypes_initialize(void) { static wtap_blocktype_t shb_block = { @@ -1082,6 +1103,16 @@ void wtap_opttypes_initialize(void) NULL }; + static wtap_blocktype_t dsb_block = { + WTAP_BLOCK_DSB, + "DSB", + "Decryption Secrets Block", + dsb_create, + dsb_free_mand, + dsb_copy_mand, + NULL + }; + static wtap_blocktype_t nrb_block = { WTAP_BLOCK_NG_NRB, /* block_type */ "NRB", /* name */ @@ -1227,6 +1258,11 @@ void wtap_opttypes_initialize(void) wtap_opttype_option_register(&isb_block, OPT_ISB_FILTERACCEPT, &isb_filteraccept); wtap_opttype_option_register(&isb_block, OPT_ISB_OSDROP, &isb_osdrop); wtap_opttype_option_register(&isb_block, OPT_ISB_USRDELIV, &isb_usrdeliv); + + /* + * Register the DSB, currently no options are defined. + */ + wtap_opttype_block_register(WTAP_BLOCK_DSB, &dsb_block); } void wtap_opttypes_cleanup(void) |