ssl: fix SSL keylog file live-capture use case

Patch "ssl,dtls: simplify keyfile handling" did not account for the use
case where packets are captured and decrypted on the fly using
SSLKEYLOGFILE.

This patch restores that functionality by reading additional lines from
the keylog file when needed (to preserve the benefit of not having to
read the full file) and by watching the open file for deletions.

"Deletion" is detected by comparing st_dev and st_ino. Since these may
be useless on Windows, the size is also checked.

Change-Id: Ieadaef1426a9270587293db28f4dda33b3d17334
Reviewed-on: https://code.wireshark.org/review/3190
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Evan Huus <eapache@gmail.com>
Petri-Dish: Evan Huus <eapache@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

1 files changed, 7 insertions, 3 deletions

diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h
index 75f95499e3..8342e03d5f 100644
--- a/epan/dissectors/packet-ssl-utils.h
+++ b/epan/dissectors/packet-ssl-utils.h
@@ -575,9 +575,13 @@ ssl_get_data_info(int proto, packet_info *pinfo, gint key);
 
 /* initialize/reset per capture state data (ssl sessions cache) */
 extern void
-ssl_common_init(ssl_master_key_map_t *master_key_map,
-                StringInfo *decrypted_data, StringInfo *compressed_data,
-                const ssl_common_options_t *options);
+ssl_common_init(ssl_master_key_map_t *master_key_map, FILE **ssl_keylog_file,
+                StringInfo *decrypted_data, StringInfo *compressed_data);
+
+/* tries to update the secrets cache from the given filename */
+extern void
+ssl_load_keyfile(const gchar *ssl_keylog_filename, FILE **keylog_file,
+                 const ssl_master_key_map_t *mk_map);
 
 /* parse ssl related preferences (private keys and ports association strings) */
 extern void