Wireshark mailing list archives

Re: working with header data


From: Guy Harris <guy () alum mit edu>
Date: Mon, 17 Oct 2011 17:14:36 -0700


On Oct 14, 2011, at 2:05 PM, Ed Beroset wrote:

Guy Harris wrote:

On Oct 14, 2011, at 1:16 PM, Ed Beroset wrote:

    if (PNODE_FINFO(tree)->hfinfo->id == hf_c1222_user_information)
        pkt_tree = proto_item_get_parent_nth(tree, 2);
    else
        return FALSE;

None of that has anything to do with adding hf_c1222_crypto_good to
the protocol tree, which is what is relevant for making a
"c1222.crypto_good" field work; where is the code that adds that to
the tree?

It does, but it's a bit indirect.  If the call to that function returns false, it's an indication that the encryption 
validation failed for some reason.

If "that function" is canonify_unencrypted_header(), then, if it returns false, it's an indication that the 
canonicalization of the header failed for some reason, so you can't even try to do the crypto.  If that can be done in 
a different fashion, as per my earlier suggestion, that code shouldn't even exist.

The code that actually does the crypto is in dissect_epsem(), which should only be called after all the header fields 
have been dissected.