Wireshark · Wireshark-dev: Re: [Wireshark-dev] Questions regarding ssl_parse

Wireshark-dev: Re: [Wireshark-dev] Questions regarding ssl_parse_uat() in packet-ssl.c file

Date: Tue, 4 Nov 2014 16:00:54 -0500

On Tue, Nov 4, 2014 at 3:52 PM, Sara fahman <fflloorraa9@xxxxxxxxx> wrote:
> I'm trying to learn how this function works and I have some questions (I
> placed them below its following definition).
>
> static void
> ssl_parse_uat(void)
> {
>     wmem_stack_t   *tmp_stack;
>     guint           i;
>
>     ssl_set_debug(ssl_debug_file_name);
>
>     if (ssl_key_hash)
>     {
>         g_hash_table_foreach(ssl_key_hash, ssl_private_key_free, NULL);
>         g_hash_table_destroy(ssl_key_hash);
>     }
>
>     /* remove only associations created from key list */
>     tmp_stack = wmem_stack_new(NULL);
>     g_tree_foreach(ssl_associations, ssl_assoc_from_key_list, tmp_stack);
>     while (wmem_stack_count(tmp_stack) > 0) {
>         ssl_association_remove(ssl_associations, (SslAssociation
> *)wmem_stack_pop(tmp_stack));
>     }
>     wmem_destroy_stack(tmp_stack);
>
>     /* parse private keys string, load available keys and put them in key
> hash*/
>     ssl_key_hash =
> g_hash_table_new(ssl_private_key_hash,ssl_private_key_equal);
>
>
>     if (nssldecrypt > 0) {
>         for (i = 0; i < nssldecrypt; i++) {
>             ssldecrypt_assoc_t *ssl_uat = &(sslkeylist_uats[i]);
>             ssl_parse_key_list(ssl_uat, ssl_key_hash, ssl_associations,
> ssl_handle, TRUE);
>         }
>     }
>
>     ssl_debug_flush();
> }
>
> My Questions:
>
> What does removing the association created from key list mean?

The associations in the set can come from several locations (the key
list is one of these) - in this case we only want to remove the
associations that come from the key list and leave the other ones
alone.

> Where do the variable  nssldecrypt get updated? i.e : it is default value is
> zero when it changes? What does it represent?
> the same question for sslkeylist_uats? Does it represent the whole file that
> entered by the user or just an entry of the file?

These values are set by the UAT library (see how they are passed by
reference to uat_new on line 4074).

sslkeylist_uats represents an array of records, one record for each
entered by the user. nssldecrypt is the number of elements in the
array.

Hope this helps!
Evan

> Sorry if the answers for these questions are obvious but I'm still a
> beginner programmer in the learning phase.
>
> Thanks.
> Flora
>
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request@xxxxxxxxxxxxx?subject=unsubscribe

References:
- [Wireshark-dev] Questions regarding ssl_parse_uat() in packet-ssl.c file
  - From: Sara fahman

Prev by Date: [Wireshark-dev] Questions regarding ssl_parse_uat() in packet-ssl.c file
Next by Date: Re: [Wireshark-dev] Compilation error in ws_mempbrk_sse42.c
Previous by thread: [Wireshark-dev] Questions regarding ssl_parse_uat() in packet-ssl.c file
Next by thread: [Wireshark-dev] Tshark list invalid fields
Index(es):
- Date
- Thread