Hi Sadik,
On Fri, Sep 08, 2017 at 05:15:19PM +0200, Sadik Sikder wrote:
> Thanks Mr. Peter for you kind help and cooperation...
> i have figured-out how should i write my own decryption function . i have
> some confusion or problem to understand... i am giving a example what i
> would like to know.
> in epan/packet-ssl.c file, i have a seen a method called:
> void
> ssl_load_keyfile(const gchar *ssl_keylog_filename, FILE **keylog_file,
> const ssl_master_key_map_t *mk_map)
>
> or
> void
> ssl_debug_printf(const gchar* fmt, ...)
> {
> va_list ap;
>
> if (!ssl_debug_file)
> return;
>
> va_start(ap, fmt);
> vfprintf(ssl_debug_file, fmt, ap);
> va_end(ap);
> }
>
> here ssl_load_keyfile or ssl_debug_print() are methods. i havenot found
> where these method are called into main function. similar this problem i
> have faced several situations. In order to overcome the situation what
> should i follow? how can i or which file/folder contains main functions
> regarding epan/packet-ssl.c, epan/packet-ssl-utils.c?
Wireshark has a lot of dissectors and functionality, as far as
functionality is concerned, you need to start looking at "dissect_ssl".
See the first step of
https://www.wireshark.org/lists/wireshark-dev/201709/msg00006.html
which says:
The program flow in the common case (SSLv3/TLS) is as follows:
1. dissect_ssl is the entrypoint (commonly called from TCP dissector).
...
the main function is located in wireshark-qt.cpp (or tshark.c if you use
tshark).
Specifically for ssl_debug_printf, these are called in multiple
functions in epan/dissectors/packet-ssl.c and
epan/dissectors/packet-ssl-utils.c. Have you tried a simple text search
in these files?
> i have used Eclipse IDE to track of these methods to figure-out main
> function but i was unable to find the main functions regarding
> packet-ssl.c, packet-ssl-utils.c and packet-ssl-utils.h.
I suggest you to use a debugger, set a breakpoint starting in
dissect_ssl (or whatever function you are interested in). Then run the
the "console" version of Wireshark using the capture and keys from the
source directory:
tshark -r test/captures/dhe1.pcapng.gz -o ssl.keylog_file:test/keys/dhe1_keylog.dat
--
Kind regards,
Peter Wu
https://lekensteyn.nl