Wireshark mailing list archives
ssl decryption in a dissector
From: Sebastiano Di Paola <sebastiano.dipaola () gmail com>
Date: Tue, 30 Jul 2019 09:31:40 +0900
Hello, I'm trying to write a new dissector. The protocol is over TLS so in order to do dissection I need to decrypt TLS (dumping the key setting SSLKEYLOGFILE variable). So inside the new dissector I'm writing I need first to call the ssl decryption and then starting parsing payload bytes. What is the right way to use the API? I tried this...mimic the PROTOABBREV skeleton and then add ssl_dissector add in the proto_reg_handoff but it wil result in a crash with this error message Main Warn QObject::setParent: Cannot set parent, new parent is in a different thread void proto_reg_handoff_newproto(void) { dissector_handle_t newproto_handle; /* Use create_dissector_handle() to indicate that dissect_PROTOABBREV() * returns the number of bytes it dissected (or 0 if it thinks the packet * does not belong to PROTONAME). */ newproto_handle = create_dissector_handle(dissect_newproto, proto_ newproto ); ssl_dissector_add(NEWPROTO_TCP_PORT, newproto_handle); } I could made it work if in the void proto_register_newproto(void) I do these operations (not creating the handle dissector in the_reg_handoff_newproto) newproto_handle = register_dissector("newproto", dissect_newproto, proto_newproto); and in the reg_handoff_newproto I just make the call ssl_dissector_add(...) and then when the callback dissect_newproto is called then in the tvb buffer I can see the decrypted bytes (provided I set for TLS the right file with the dumped key). What is the proper way to achieve what I'm trying to do? Thanks a lot. Seba
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- ssl decryption in a dissector Sebastiano Di Paola (Jul 29)
- Re: ssl decryption in a dissector Peter Wu (Jul 30)
- Re: ssl decryption in a dissector Sebastiano Di Paola (Jul 30)
- Re: ssl decryption in a dissector Peter Wu (Jul 31)
- Re: ssl decryption in a dissector Sebastiano Di Paola (Jul 30)
- Re: ssl decryption in a dissector Peter Wu (Jul 30)