Hi Sadik, On Fri, Sep 08, 2017 at 05:15:19PM +0200, Sadik Sikder wrote: > Thanks Mr. Peter for you kind help and cooperation... > i have figured-out how should i write my own decryption function . i have > some confusion or problem to understand... i am giving a example what i > would like to know. > in epan/packet-ssl.c file, i have a seen a method called: > void > ssl_load_keyfile(const gchar *ssl_keylog_filename, FILE **keylog_file, > const ssl_master_key_map_t *mk_map) > > or > void > ssl_debug_printf(const gchar* fmt, ...) > { > va_list ap; > > if (!ssl_debug_file) > return; > > va_start(ap, fmt); > vfprintf(ssl_debug_file, fmt, ap); > va_end(ap); > } > > here ssl_load_keyfile or ssl_debug_print() are methods. i havenot found > where these method are called into main function. similar this problem i > have faced several situations. In order to overcome the situation what > should i follow? how can i or which file/folder contains main functions > regarding epan/packet-ssl.c, epan/packet-ssl-utils.c?
Wireshark has a lot of dissectors and functionality, as far as functionality is concerned, you need to start looking at "dissect_ssl". See the first step of https://www.wireshark.org/lists/wireshark-dev/201709/msg00006.html which says: The program flow in the common case (SSLv3/TLS) is as follows: 1. dissect_ssl is the entrypoint (commonly called from TCP dissector). ... the main function is located in wireshark-qt.cpp (or tshark.c if you use tshark). Specifically for ssl_debug_printf, these are called in multiple functions in epan/dissectors/packet-ssl.c and epan/dissectors/packet-ssl-utils.c. Have you tried a simple text search in these files? > i have used Eclipse IDE to track of these methods to figure-out main > function but i was unable to find the main functions regarding > packet-ssl.c, packet-ssl-utils.c and packet-ssl-utils.h. I suggest you to use a debugger, set a breakpoint starting in dissect_ssl (or whatever function you are interested in). Then run the the "console" version of Wireshark using the capture and keys from the source directory: tshark -r test/captures/dhe1.pcapng.gz -o ssl.keylog_file:test/keys/dhe1_keylog.dat -- Kind regards, Peter Wu https://lekensteyn.nl ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe