Ethereal-dev: [Ethereal-dev] [PATCH] cleanup debug code in ssl dissector


From: Paolo Abeni <00918190@xxxxxxxxx>
Date: Fri, 10 Feb 2006 17:32:02 +0100
Hi,

The attached patch cleans up the debug infrastructure for the ssl dissector.
Debug messages are off by default and can be enabled via the ssl
dissector preference. Debug output can be directed to stderr or to a file.

The patch is quite similar to a previous one I posted, but this one is
slightly less intrusive.

Paolo


Gruppo Telecom Italia - Direzione e coordinamento di Telecom Italia S.p.A.

====================================================================
CONFIDENTIALITY NOTICE
This message and its attachments are addressed solely to the persons
above and may contain confidential information. If you have received
the message in error, be informed that any use of the content hereof
is prohibited. Please return it immediately to the sender and delete
the message. Should you have any questions, please send an e_mail to
MailAdmin@xxxxxxxxx. Thank you
====================================================================
Index: gtk/ssl-dlg.c
===================================================================
--- gtk/ssl-dlg.c	(revision 17244)
+++ gtk/ssl-dlg.c	(working copy)
@@ -141,8 +141,6 @@
     SslDecryptedRecord* rec;
     int proto_ssl = (int) ssl;
     StringInfo* data = p_get_proto_data(pinfo->fd, proto_ssl);
-    /*ssl_debug_printf("ssl_queue_packet_data: pinfo %p proto_ssl %d data %p\n",
-        pinfo, proto_ssl, data);*/
 
     /* skip packet without decrypted data payload*/    
     if (!data)
@@ -169,8 +167,6 @@
     rec->data = data;
     follow_info->ssl_decrypted_data = g_list_append(
         follow_info->ssl_decrypted_data,rec);
-    /*ssl_debug_printf("ssl_queue_packet_data: ssl_decrypted_data %p data len %d\n",
-        follow_info->ssl_decrypted_data, data->data_len);*/
 
     return 0;
 }
@@ -482,7 +478,6 @@
     for (cur = follow_info->ssl_decrypted_data; cur; cur = g_list_next(cur))
         if (cur->data)
         {
-            /*ssl_debug_printf("follow_destroy_cb: freeing chunk %p\n", cur->data);*/
             g_free(cur->data);
             cur->data = NULL;
         }
@@ -588,9 +583,6 @@
 
     iplen = (follow_info->is_ipv6) ? 16 : 4;
     
-    /*ssl_debug_printf("follow_read_stream: iplen %d list %p\n", iplen,
-        follow_info->ssl_decrypted_data);*/
-
     for (cur = follow_info->ssl_decrypted_data; cur; cur = g_list_next(cur)) {
         SslDecryptedRecord* rec = cur->data;
 	skip = FALSE;
@@ -611,9 +603,6 @@
             size_t nchars = rec->data->data_len;
             char* buffer = (char*) rec->data->data;
             
-            /*ssl_debug_printf("follow_read_stream: chunk len %d is_server %d\n", 
-                nchars, rec->is_server);*/
-            
             switch (follow_info->show_type) {
     
             case SHOW_ASCII:
Index: epan/dissectors/packet-ssl-utils.c
===================================================================
--- epan/dissectors/packet-ssl-utils.c	(revision 17244)
+++ epan/dissectors/packet-ssl-utils.c	(working copy)
@@ -1180,22 +1180,10 @@
 #endif
 }
 
-#ifdef SSL_DECRYPT_DEBUG
-static FILE* myout=NULL;
-#endif
 void 
 ssl_lib_init(void)
 {
     gnutls_global_init();
-
-#ifdef SSL_DECRYPT_DEBUG    
-#ifdef _WIN32
-    /* we don't have standard I/O file available, open a log */
-    myout = fopen("ssl-decrypt.txt","w");
-    if (!myout)
-#endif /* _WIN32 */
-        myout = stderr;
-#endif /* SSL_DECRYPT_DEBUG */
 }
 
 #else /* HAVE_LIBGNUTLS */
@@ -1268,41 +1256,70 @@
 }
 
 #ifdef SSL_DECRYPT_DEBUG
+
+static FILE* ssl_debug_file=NULL;
+
 void 
+ssl_set_debug(char* name)
+{
+    static int debug_file_must_be_closed = 0;
+    int use_stderr = name?(strcmp(name, SSL_DEBUG_USE_STDERR) == 0):0;
+    
+    if (debug_file_must_be_closed)
+        fclose(ssl_debug_file);
+    if (use_stderr)    
+        ssl_debug_file = stderr;    
+    else if (!name || (strcmp(name, "") ==0))
+        ssl_debug_file = NULL;
+    else
+        ssl_debug_file = fopen(name, "w");    
+    if (!use_stderr && ssl_debug_file)
+        debug_file_must_be_closed = 1;
+}
+
+
+void 
 ssl_debug_printf(const char* fmt, ...)
 {
-  va_list ap;
-  int ret=0;
-  va_start(ap, fmt);
-  ret += vfprintf(myout, fmt, ap);
-  va_end(ap);
-  fflush(myout);
+    va_list ap;
+    int ret=0;
+    if (!ssl_debug_file)  
+        return;
+    
+    va_start(ap, fmt);
+    ret += vfprintf(ssl_debug_file, fmt, ap);
+    va_end(ap);
+    fflush(ssl_debug_file);
 }
 
 void 
 ssl_print_text_data(const char* name, const unsigned char* data, int len)
 {
     int i;
-    fprintf(myout,"%s: ",name);
+    if (!ssl_debug_file)  
+        return;
+    fprintf(ssl_debug_file,"%s: ",name);
     for (i=0; i< len; i++) {
-      fprintf(myout,"%c",data[i]);
+      fprintf(ssl_debug_file,"%c",data[i]);
     }
-    fprintf(myout,"\n");
-    fflush(myout);
+    fprintf(ssl_debug_file,"\n");
+    fflush(ssl_debug_file);
 }
 
 void 
 ssl_print_data(const char* name, const unsigned char* data, int len)
 {
     int i;
-    fprintf(myout,"%s[%d]:\n",name, len);
+    if (!ssl_debug_file)  
+        return;
+    fprintf(ssl_debug_file,"%s[%d]:\n",name, len);
     for (i=0; i< len; i++) {
         if ((i>0) && (i%16 == 0))
-            fprintf(myout,"\n");
-        fprintf(myout,"%.2x ",data[i]&255);
+            fprintf(ssl_debug_file,"\n");
+        fprintf(ssl_debug_file,"%.2x ",data[i]&255);
     }
-    fprintf(myout,"\n");
-    fflush(myout);
+    fprintf(ssl_debug_file,"\n");
+    fflush(ssl_debug_file);
 }
 
 void 
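Review bot: `debug_file_must_be_closed` in ssl_set_debug() is set to 1 but never cleared, so once a file has been opened every later call runs `fclose(ssl_debug_file)` on whatever the pointer holds at that moment. That is NULL after debugging was switched off or after a failed fopen(), and stderr after a switch to `-`; fclose(NULL) is undefined behaviour, and closing stderr silently drops later diagnostics. The close branch should reset both pieces of state: `if (debug_file_must_be_closed) { fclose(ssl_debug_file); ssl_debug_file = NULL; debug_file_must_be_closed = 0; }`. A failed fopen() is also silent here, so a one-line warning on that path would tell the user why no log appears.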
Index: epan/dissectors/packet-ssl-utils.h
===================================================================
--- epan/dissectors/packet-ssl-utils.h	(revision 17244)
+++ epan/dissectors/packet-ssl-utils.h	(working copy)
@@ -38,6 +38,7 @@
 
 /* #define SSL_FAST 1 */
 #define SSL_DECRYPT_DEBUG
+#define SSL_DEBUG_USE_STDERR "-"
 
 #define SSL_CIPHER_CTX gcry_cipher_hd_t
 #ifdef SSL_FAST
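Review bot: The new `SSL_DEBUG_USE_STDERR` sentinel has no comment, and its meaning is only discoverable by reading ssl_set_debug() in packet-ssl-utils.c. I would add `/* debug file name that selects stderr instead of a real file */` above the define. The context line shows `SSL_DECRYPT_DEBUG` still defined unconditionally, so the runtime preference is the only thing gating the secret-dumping helpers, which is worth stating in the same comment.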
@@ -211,6 +212,8 @@
 ssl_print_string(const char* name, const StringInfo* data);
 extern void 
 ssl_print_text_data(const char* name, const unsigned char* data, int len);
+extern void 
+ssl_set_debug(char* name);
 #else
 
 /* No debug: nullify debug operation*/
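Review bot: The new prototype takes `char* name`, but ssl_set_debug() only passes the argument to strcmp() and fopen() and never writes through it. Declaring it `ssl_set_debug(const char* name);` here and in the definition in packet-ssl-utils.c matches the `const char*` style of the neighbouring ssl_print_* prototypes. It also lets callers pass string literals without a cast.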
@@ -221,6 +224,8 @@
 #define ssl_print_data(a, b, c)
 #define ssl_print_string(a, b)
 #define ssl_print_text_data(a, b, c)
+#define ssl_set_debug(name)
+
 #endif
 
 #endif
Index: epan/dissectors/packet-ssl.c
===================================================================
--- epan/dissectors/packet-ssl.c	(revision 17244)
+++ epan/dissectors/packet-ssl.c	(working copy)
@@ -219,6 +219,7 @@
 
 static char* ssl_keys_list = NULL;
 static char* ssl_ports_list = NULL;
+static char* ssl_debug_file_name = NULL;
 
 typedef struct _SslService {
     address addr;
@@ -340,7 +341,8 @@
     return 0;
 }
 
-static inline int ssl_packet_from_server(unsigned int port)
+static inline int 
+ssl_packet_from_server(unsigned int port)
 {
     register int ret = ssl_association_find(port) != 0;
     ssl_debug_printf("ssl_packet_from_server: is from server %d\n", ret);    
@@ -348,7 +350,8 @@
 }    
 
 /* initialize/reset per capture state data (ssl sessions cache) */
-static void ssl_init(void)
+static void 
+ssl_init(void)
 {
     if (ssl_session_hash)
         g_hash_table_destroy(ssl_session_hash);
@@ -360,7 +363,8 @@
 }
 
 /* parse ssl related preferences (private keys and ports association strings) */
-static void ssl_parse(void)
+static void 
+ssl_parse(void)
 {
     if (ssl_key_hash)
     {
@@ -497,6 +501,8 @@
         } while (end != NULL);
         free(tmp);
     }
+    
+    ssl_set_debug(ssl_debug_file_name);
 
     /* [re] add ssl dissection to defaults ports */
     ssl_association_add(443, 80, "Hypertext transfer protocol");
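Review bot: The added `ssl_set_debug(ssl_debug_file_name);` runs every time ssl_parse() runs (presumably on each preference change), and ssl_set_debug() opens the file with `fopen(name, "w")`, so each re-parse truncates the log collected so far. Append mode, or skipping the reopen when the name is unchanged, would preserve it. The same file receives key material (`ssl_print_string("ssl_save_session stored master secret", master_secret)` is visible further down this patch), yet it is created at a user-supplied path with default umask permissions. I would add a comment above the call such as `/* debug log may contain master secrets and decrypted payload; keep it in a private directory */`, and consider creating the file owner-readable only. ssl_parse()'s body begins outside this hunk.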
@@ -506,7 +512,8 @@
 }
 
 /* store master secret into session data cache */
-static void ssl_save_session(SslDecryptSession* ssl)
+static void 
+ssl_save_session(SslDecryptSession* ssl)
 {
     /* allocate stringinfo chunks for session id and master secret data*/
     StringInfo* session_id = se_alloc0(sizeof(StringInfo) + ssl->session_id.data_len);
@@ -522,7 +529,8 @@
     ssl_print_string("ssl_save_session stored master secret", master_secret);
 }
 
-static void ssl_restore_session(SslDecryptSession* ssl)
+static void 
+ssl_restore_session(SslDecryptSession* ssl)
 {
     StringInfo* ms = g_hash_table_lookup(ssl_session_hash, &ssl->session_id);
     if (!ms) {