diff options
author | Martin Mathieson <martin.r.mathieson@googlemail.com> | 2014-04-28 22:29:53 +0100 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2014-04-30 05:01:12 +0000 |
commit | 266e0a9275f75d420bc70c02c23c9b8607d793e5 (patch) | |
tree | 1b4435528db14d4c1562736602958dc9f332fd78 /epan/dissectors/packet-ipsec.h | |
parent | faec7514cf2d16b71ede1d03d541ba34ce24f8fa (diff) |
Add an API for programmatically adding ESP SAs (most likely from a private
dissector).
Also, speed up ESP decryption in several ways:
- store gcrypt_cipher_hd in the SA struct, rather than continually
open, setkey and close for each PDU
- don't convert the key string from ascii to hex each time - do it upon
during update callback and keep
- do the decryption in-place, avoiding the need to allocate, memcpy and
free a separate buffer for encrypted data
- when matching addresses, avoid doing a strlen until after we check
whether or not we're matching against "*"
Change-Id: Ibb66663ec21326351abc761be78a0d57f7797fa5
Reviewed-on: https://code.wireshark.org/review/1421
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ipsec.h')
-rw-r--r-- | epan/dissectors/packet-ipsec.h | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/epan/dissectors/packet-ipsec.h b/epan/dissectors/packet-ipsec.h index 29f7f446d7..e8516a054d 100644 --- a/epan/dissectors/packet-ipsec.h +++ b/epan/dissectors/packet-ipsec.h @@ -23,9 +23,14 @@ #ifndef __PACKET_IPSEC_H__ #define __PACKET_IPSEC_H__ -/* XXX - TEMPORARILY EMPTY BECAUSE EXISTING FUNCTION WAS REMOVED, BUT A NEW ONE FOR - COMPLETELY DIFFERENT FUNCTIONALITY SHOULD REPLACE IT SHORTLY SO FILE SHOULDN'T - BE REMOVED - */ +/* Configure a new SA (programmatically, most likely from a private dissector). + The arugments here are deliberately in the same string formats as the UAT fields + in order to keep code paths common. + Note that an attempt to match with these entries will be made *before* entries + added through the UAT entry interface/file. */ +WS_DLL_PUBLIC void esp_sa_record_add_from_dissector(guint8 protocol, const gchar *srcIP, const char *dstIP, + gchar *spi, + guint8 encryption_algo, const gchar *encryption_key, + guint8 authentication_algo, const gchar *authentication_key); #endif |