WIP: wireshark dissector logformat revamp #2345

Closed
wants to merge 9 commits into from

Collaborator

@niftynei niftynei commented Feb 11, 2019

Improvements to the beta version of the wireshark plugin integration.

Wireshark plugin needs to be revamped to be able to take advantage of this new key output format, which is a work in progress. I'll update this PR once that is done.

tal_hexstr(NULL, &cs->rk, sizeof(cs->rk)),
tal_hexstr(NULL, &cs->r_ck, sizeof(cs->r_ck)));

if (fputs(keys, fp) == -1) {
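
Review bot: both `tal_hexstr(NULL, ...)` calls are passed straight in as arguments, so the hex copies of `cs->rk` and `cs->r_ck` have no parent and no pointer left to `tal_free`; they leak, and readable copies of that key material stay on the heap. Allocate them off a short-lived context (for example `tmpctx`) or off the `keys` string so they are freed with it. Separately, `fputs` reports failure as `EOF`, so `fputs(keys, fp) == -1` should compare against `EOF` rather than a literal.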
Collaborator Author

@niftynei niftynei Feb 12, 2019

@rustyrussell fputs fails the check-discouraged-functions check -- what would you recommend we replace it with?

previous iteration of the wireshark plugin used the length_mac
as the 'key' for the sending key. instead, let's map the
sending + receiving keys to the node's wireaddress, so that
wireshark can look them up by hostname.

sending key mapped as:    ->addr:port sending_key
receiving key mapped as:  <-addr:port receiving_key

currently borked -- updating the keys fails on delete.
@niftynei niftynei force-pushed the nifty/dissector branch 2 times, most recently from 55844d9 to 6010565 Feb 12, 2019
fclose(fp);
}

void dissector_remove_connection(const char *our_addr, const char *peer_addr)
Collaborator Author

@niftynei niftynei Feb 12, 2019

currently unused...

niftynei and others added 5 commits Feb 12, 2019
Keeping a mapping of channels to keys in a single file isn't the
best idea. Instead, let's print out all the starting info for a
channel, and allow the wireshark plugin to increment the keys
for itself, in a round of merry brute force-age.

This pivot means that we now keep a directory of files, one
for each peer connection. On connect, we print the crypto state
to the file.

WIP: getting the IP address and port for the local socket. Coming soon!
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Print out local ip + socket as filename for keyset for a connection,
so that wireshark can figure out which connection the keys belong to.
4 participants