diff options
author | Guy Harris <guy@alum.mit.edu> | 2019-02-19 01:01:48 -0800 |
---|---|---|
committer | Guy Harris <guy@alum.mit.edu> | 2019-02-19 09:57:52 +0000 |
commit | 28f49a0a9a9956c23a632f9f0ae4596544894d34 (patch) | |
tree | d621e0ae96427983f96911f78c51d42af70f0569 /editcap.c | |
parent | 3b8bf168e63e3acc534e098bc121e1c91d7d0b7f (diff) |
Add --discard-all-secrets to remove decryption secrets.
Bug: 15435
Change-Id: I78503c9c31ab3eda39908b91dca3ef3fb9af34bf
Reviewed-on: https://code.wireshark.org/review/32100
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'editcap.c')
-rw-r--r-- | editcap.c | 28 |
1 files changed, 28 insertions, 0 deletions
@@ -170,6 +170,7 @@ static gboolean rem_vlan = FALSE; static gboolean dup_detect = FALSE; static gboolean dup_detect_by_time = FALSE; static gboolean skip_radiotap = FALSE; +static gboolean remove_all_secrets = FALSE; static int do_strict_time_adjustment = FALSE; static struct time_adjustment strict_time_adj = {NSTIME_INIT_ZERO, 0}; /* strict time adjustment */ @@ -837,6 +838,10 @@ print_usage(FILE *output) fprintf(output, " list the encapsulation types.\n"); fprintf(output, " --inject-secrets <type>,<file> Insert decryption secrets from <file>. List\n"); fprintf(output, " supported secret types with \"--inject-secrets help\".\n"); + fprintf(output, " --discard-all-secrets Discard all decryption secrets from the input file\n"); + fprintf(output, " when writing the output file. Does not discard\n"); + fprintf(output, " secrets added by \"--inject-secrets\" in the same\n"); + fprintf(output, " command line.\n"); fprintf(output, "\n"); fprintf(output, "Miscellaneous:\n"); fprintf(output, " -h display this help and exit.\n"); @@ -1013,11 +1018,13 @@ main(int argc, char *argv[]) #define LONGOPT_SKIP_RADIOTAP_HEADER 0x8101 #define LONGOPT_SEED 0x8102 #define LONGOPT_INJECT_SECRETS 0x8103 +#define LONGOPT_DISCARD_ALL_SECRETS 0x8104 static const struct option long_options[] = { {"novlan", no_argument, NULL, LONGOPT_NO_VLAN}, {"skip-radiotap-header", no_argument, NULL, LONGOPT_SKIP_RADIOTAP_HEADER}, {"seed", required_argument, NULL, LONGOPT_SEED}, {"inject-secrets", required_argument, NULL, LONGOPT_INJECT_SECRETS}, + {"discard-all-secrets", no_argument, NULL, LONGOPT_DISCARD_ALL_SECRETS}, {"help", no_argument, NULL, 'h'}, {"version", no_argument, NULL, 'V'}, {0, 0, 0, 0 } @@ -1149,6 +1156,12 @@ main(int argc, char *argv[]) break; } + case LONGOPT_DISCARD_ALL_SECRETS: + { + remove_all_secrets = TRUE; + break; + } + case 'a': { guint frame_number; @@ -1469,6 +1482,13 @@ main(int argc, char *argv[]) wtap_dump_params_init(¶ms, wth); + /* + * Discard any secrets we read in while opening the file. + */ + if (remove_all_secrets) { + wtap_dump_params_discard_decryption_secrets(¶ms); + } + if (dsb_filenames) { for (guint k = 0; k < dsb_filenames->len; k++) { guint32 secrets_type_id = g_array_index(dsb_types, guint32, k); @@ -1982,6 +2002,14 @@ main(int argc, char *argv[]) } } + if (remove_all_secrets) { + /* + * Discard any secrets we've read since the last packet + * we wrote. + */ + wtap_dump_discard_decryption_secrets(pdh); + } + /* Attempt to dump out current frame to the output file */ if (!wtap_dump(pdh, rec, buf, &write_err, &write_err_info)) { cfile_write_failure_message("editcap", argv[optind], |