Add --discard-all-secrets to remove decryption secrets.

Bug: 15435
Change-Id: I78503c9c31ab3eda39908b91dca3ef3fb9af34bf
Reviewed-on: https://code.wireshark.org/review/32100
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Guy Harris 2019-02-19 01:01:48 -08:00
parent 3b8bf168e6
commit 28f49a0a9a
5 changed files with 76 additions and 0 deletions


@ -29,6 +29,7 @@ S<[ B<-t> E<lt>time adjustmentE<gt> ]>
S<[ B<-T> E<lt>encapsulation typeE<gt> ]>
S<[ B<-v> ]>
S<[ B<--inject-secrets> E<lt>secrets typeE<gt>,E<lt>fileE<gt> ]>
S<[ B<--discard-all-secrets> ]>
I<infile>
I<outfile>
S<[ I<packet#>[-I<packet#>] ... ]>
@ -349,6 +350,12 @@ I<tls> TLS Key Log as described at L<https://developer.mozilla.org/NSS_Key_Log_F
This option may be specified multiple times. The available options for
E<lt>secrets typeE<gt> can be listed with B<--inject-secrets help>.
=item --discard-all-secrets
Discard all decryption secrets from the input file when writing the
output file. Does not discard secrets added by B<--inject-secrets> in
the same command line.
=back
=head1 EXAMPLES


@ -170,6 +170,7 @@ static gboolean rem_vlan = FALSE;
static gboolean dup_detect = FALSE;
static gboolean dup_detect_by_time = FALSE;
static gboolean skip_radiotap = FALSE;
static gboolean remove_all_secrets = FALSE;
static int do_strict_time_adjustment = FALSE;
static struct time_adjustment strict_time_adj = {NSTIME_INIT_ZERO, 0}; /* strict time adjustment */
@ -837,6 +838,10 @@ print_usage(FILE *output)
fprintf(output, " list the encapsulation types.\n");
fprintf(output, " --inject-secrets <type>,<file> Insert decryption secrets from <file>. List\n");
fprintf(output, " supported secret types with \"--inject-secrets help\".\n");
fprintf(output, " --discard-all-secrets Discard all decryption secrets from the input file\n");
fprintf(output, " when writing the output file. Does not discard\n");
fprintf(output, " secrets added by \"--inject-secrets\" in the same\n");
fprintf(output, " command line.\n");
fprintf(output, "\n");
fprintf(output, "Miscellaneous:\n");
fprintf(output, " -h display this help and exit.\n");
@ -1013,11 +1018,13 @@ main(int argc, char *argv[])
#define LONGOPT_SKIP_RADIOTAP_HEADER 0x8101
#define LONGOPT_SEED 0x8102
#define LONGOPT_INJECT_SECRETS 0x8103
#define LONGOPT_DISCARD_ALL_SECRETS 0x8104
static const struct option long_options[] = {
{"novlan", no_argument, NULL, LONGOPT_NO_VLAN},
{"skip-radiotap-header", no_argument, NULL, LONGOPT_SKIP_RADIOTAP_HEADER},
{"seed", required_argument, NULL, LONGOPT_SEED},
{"inject-secrets", required_argument, NULL, LONGOPT_INJECT_SECRETS},
{"discard-all-secrets", no_argument, NULL, LONGOPT_DISCARD_ALL_SECRETS},
{"help", no_argument, NULL, 'h'},
{"version", no_argument, NULL, 'V'},
{0, 0, 0, 0 }
@ -1149,6 +1156,12 @@ main(int argc, char *argv[])
break;
}
case LONGOPT_DISCARD_ALL_SECRETS:
{
remove_all_secrets = TRUE;
break;
}
case 'a':
{
guint frame_number;
@ -1469,6 +1482,13 @@ main(int argc, char *argv[])
wtap_dump_params_init(&params, wth);
/*
* Discard any secrets we read in while opening the file.
*/
if (remove_all_secrets) {
wtap_dump_params_discard_decryption_secrets(&params);
}
if (dsb_filenames) {
for (guint k = 0; k < dsb_filenames->len; k++) {
guint32 secrets_type_id = g_array_index(dsb_types, guint32, k);
@ -1982,6 +2002,14 @@ main(int argc, char *argv[])
}
}
if (remove_all_secrets) {
/*
* Discard any secrets we've read since the last packet
* we wrote.
*/
wtap_dump_discard_decryption_secrets(pdh);
}
/* Attempt to dump out current frame to the output file */
if (!wtap_dump(pdh, rec, buf, &write_err, &write_err_info)) {
cfile_write_failure_message("editcap", argv[optind],
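Review bot: The print_usage text ("Discard all decryption secrets from the input file") and the man page promise more than the code delivers: the params call after wtap_dump_params_init clears only dsbs_initial/dsbs_growing, and the per-record call before wtap_dump only advances the DSB write cursor, so what is stripped is pcapng Decryption Secrets Blocks and nothing else. Key material that happens to sit in packet payloads or in packet/file comments passes through untouched, and someone using this option to sanitize a capture before sharing it needs to know that. I would qualify the help text, e.g. `--discard-all-secrets Discard all Decryption Secrets Blocks (DSBs) from the input` / `file; secrets in packet data or comments are not touched.` and say the same in editcap.pod. Separately, once wtap_dump_params_discard_decryption_secrets(&params) has set dsbs_growing to NULL, the per-record wtap_dump_discard_decryption_secrets(pdh) looks like a no-op if wdh->dsbs_growing is copied from params (not visible here); a one-line comment saying which case it guards would stop the next reader from deleting it. main() extends well outside these hunks.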


@ -2718,6 +2718,28 @@ wtap_dump_set_addrinfo_list(wtap_dumper *wdh, addrinfo_lists_t *addrinfo_lists)
return TRUE;
}
void
wtap_dump_discard_decryption_secrets(wtap_dumper *wdh)
{
/*
* This doesn't free the data, as it might be pointed to
* from other structures; it merely marks all of them as
* having been written to the file, so that they don't
* get written by wtap_dump().
*
* XXX - our APIs for dealing with some metadata, such as
* resolved names, decryption secrets, and interface
* statistics is not very well oriented towards one-pass
* programs; this needs to be cleaned up. See bug 15502.
*/
if (wdh->dsbs_growing) {
/*
* Pretend we've written all of them.
*/
wdh->dsbs_growing_written = wdh->dsbs_growing->len;
}
}
gboolean wtap_dump_get_needs_reload(wtap_dumper *wdh) {
return wdh->needs_reload;
}


@ -327,6 +327,13 @@ wtap_dump_params_init(wtap_dump_params *params, wtap *wth)
params->dsbs_growing = wth ? wth->dsbs : NULL;
}
void
wtap_dump_params_discard_decryption_secrets(wtap_dump_params *params)
{
params->dsbs_initial = NULL;
params->dsbs_growing = NULL;
}
void
wtap_dump_params_cleanup(wtap_dump_params *params)
{
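Review bot: wtap_dump_params_discard_decryption_secrets unconditionally NULLs both dsbs_initial and dsbs_growing, so any DSB array a caller has already stored in params->dsbs_initial is silently dropped, and if the caller owns that array it leaks. That gives the function an ordering contract — call it right after wtap_dump_params_init and before adding your own blocks — which the editcap hunk honours (the call precedes the --inject-secrets loop) but nothing states. I would put a comment above the two assignments: `/* Clears, does not free: call right after wtap_dump_params_init and before the caller stores its own DSBs in dsbs_initial, or those blocks are lost. */`. wtap_dump_params_cleanup begins at the end of this hunk and continues outside it.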


@ -1997,6 +1997,16 @@ gboolean wtap_dump_supports_comment_types(int filetype, guint32 comment_types);
WS_DLL_PUBLIC
void wtap_dump_params_init(wtap_dump_params *params, wtap *wth);
/**
* Remove any decryption secret information from the per-file information;
* used if we're stripping decryption secrets as we write the file.
*
* @param params The parameters for wtap_dump_* from which to remove the
* decryption secrets..
*/
WS_DLL_PUBLIC
void wtap_dump_params_discard_decryption_secrets(wtap_dump_params *params);
/**
* Free memory associated with the wtap_dump_params when it is no longer in
* use by wtap_dumper.
@ -2083,6 +2093,8 @@ WS_DLL_PUBLIC
gboolean wtap_dump_set_addrinfo_list(wtap_dumper *wdh, addrinfo_lists_t *addrinfo_lists);
WS_DLL_PUBLIC
gboolean wtap_dump_get_needs_reload(wtap_dumper *wdh);
WS_DLL_PUBLIC
void wtap_dump_discard_decryption_secrets(wtap_dumper *wdh);
/**
* Closes open file handles and frees memory associated with wdh. Note that
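Review bot: The new wtap_dump_discard_decryption_secrets declaration has no doc comment, while wtap_dump_params_discard_decryption_secrets just above it gets a full one, and the wtap.c body makes the contract clear enough to state: it only marks the dsbs_growing blocks as already written, frees nothing, and leaves dsbs_initial alone. I would add above the WS_DLL_PUBLIC line: `/** Mark all decryption secrets read so far as already written so wtap_dump() won't emit them. Frees nothing and does not touch dsbs_initial; call before each wtap_dump() when stripping secrets. @param wdh The dumper. */`. Also, the `@param params` text in the first hunk ends with a doubled period ("secrets..").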