Wireshark mailing list archives
Re: working with header data
From: Guy Harris <guy () alum mit edu>
Date: Mon, 17 Oct 2011 17:14:36 -0700
On Oct 14, 2011, at 2:05 PM, Ed Beroset wrote:
Guy Harris wrote:On Oct 14, 2011, at 1:16 PM, Ed Beroset wrote:if (PNODE_FINFO(tree)->hfinfo->id == hf_c1222_user_information) pkt_tree = proto_item_get_parent_nth(tree, 2); else return FALSE;None of that has anything to do with adding hf_c1222_crypto_good to the protocol tree, which is what is relevant for making a "c1222.crypto_good" field work; where is the code that adds that to the tree?It does, but it's a bit indirect. If the call to that function returns false, it's an indication that the encryption validation failed for some reason.
If "that function" is canonify_unencrypted_header(), then, if it returns false, it's an indication that the canonicalization of the header failed for some reason, so you can't even try to do the crypto. If that can be done in a different fashion, as per my earlier suggestion, that code shouldn't even exist. The code that actually does the crypto is in dissect_epsem(), which should only be called after all the header fields have been dissected. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- working with header data Ed Beroset (Oct 14)
- Re: working with header data Guy Harris (Oct 14)
- Re: working with header data Ed Beroset (Oct 14)
- Re: working with header data Guy Harris (Oct 14)
- Re: working with header data Ed Beroset (Oct 14)
- Re: working with header data Guy Harris (Oct 17)
- Re: working with header data Ed Beroset (Oct 17)
- Re: working with header data Ed Beroset (Oct 14)
- Re: working with header data Guy Harris (Oct 14)