Ethereal-dev: Re: [Ethereal-dev] external plugin and exported symbols

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Paolo Abeni <00918190@xxxxxxxxx>
Date: Sun, 05 Feb 2006 17:48:03 +0100
Hi,

Hi, 
On Sun, 2006-02-05 at 04:33 +0100, Joerg Mayer wrote: 
> On Sun, Feb 05, 2006 at 01:01:56AM +0100, Joerg Mayer wrote:
> > Please change the way you format functions:
> > Write
> > static void
> > function(...)
> > instead of
> > static void function(...)
> > etc.
> > 
> > Also, I've attached a list of warnings I get when compiling packet-ssl.c
> > and packet-ssl-utils.c. Please try to fix (most of) them.
> > Also, gcc has an option to check the format functions, please include
> > them where appropriate (see epan/proto.h, search for GNUC_FORMAT_CHECK).
> ...
> 
> One more thing: Currently, each time tethereal is started the following
> message is printed:
> can't open file /usr/share/ethereal-ssl-decrypt/server.key 
> Please get rid of this message, and especially of that hard coded path.

I checked out svn revision 17164 and tryed to fix the issue you
reported. Quite anomaly, with the fresh checkout source I got a list of
warning shorter or the one you reported.
Anyway with the attached patch the code compiles on my machine without
any warning. I suppose there are still some fix to be applied to the
config.nmake file to enable the decryption on windows build (but
building gnutls under windows with vc6 is quite a scary thing).

Thanks for the feedback and moreover for trying my patch.

Regards,

Paolo 




Gruppo Telecom Italia - Direzione e coordinamento di Telecom Italia S.p.A.

====================================================================
CONFIDENTIALITY NOTICE
This message and its attachments are addressed solely to the persons
above and may contain confidential information. If you have received
the message in error, be informed that any use of the content hereof
is prohibited. Please return it immediately to the sender and delete
the message. Should you have any questions, please send an e_mail to
MailAdmin@xxxxxxxxx. Thank you
====================================================================
Index: gtk/ssl-dlg.c
===================================================================
--- gtk/ssl-dlg.c	(revision 17164)
+++ gtk/ssl-dlg.c	(working copy)
@@ -137,7 +137,7 @@
 }
 
 static int
-ssl_queue_packet_data(void *tapdata, packet_info *pinfo, epan_dissect_t *edt, const void *ssl)
+ssl_queue_packet_data(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _U_, const void *ssl)
 {
     follow_info_t* follow_info = tapdata;
     SslDecryptedRecord* rec;
Index: epan/dissectors/packet-ssl-utils.c
===================================================================
--- epan/dissectors/packet-ssl-utils.c	(revision 17164)
+++ epan/dissectors/packet-ssl-utils.c	(working copy)
@@ -34,7 +34,8 @@
 /* hmac abstraction layer */
 #define SSL_HMAC gcry_md_hd_t
 
-inline void ssl_hmac_init(SSL_HMAC* md, const void * key, int len, int algo)
+static inline void 
+ssl_hmac_init(SSL_HMAC* md, const void * key, int len, int algo)
 {
     if (*(md)) 
         gcry_md_close(*(md)); 
@@ -42,72 +43,88 @@
     gcry_md_setkey (*(md), key, len);
 }
 
-inline void ssl_hmac_update(SSL_HMAC* md, const void* data, int len)
+static inline void 
+ssl_hmac_update(SSL_HMAC* md, const void* data, int len)
 {
     gcry_md_write(*(md), data, len);
 }
-inline void ssl_hmac_final(SSL_HMAC* md, unsigned char* data, unsigned int* datalen)
+static inline void 
+ssl_hmac_final(SSL_HMAC* md, unsigned char* data, unsigned int* datalen)
 { 
     int algo = gcry_md_get_algo (*(md));
     unsigned int len = gcry_md_get_algo_dlen(algo);
     memcpy(data, gcry_md_read(*(md), algo), len);
     *datalen =len;
 }
-inline void ssl_hmac_cleanup(SSL_HMAC* md) { gcry_md_close(*(md)); }
+static inline void 
+ssl_hmac_cleanup(SSL_HMAC* md) 
+{ 
+    gcry_md_close(*(md)); 
+}
 
 /* memory digest abstraction layer*/
 #define SSL_MD gcry_md_hd_t
 
-inline void ssl_md_init(SSL_MD* md, int algo)
+static inline void 
+ssl_md_init(SSL_MD* md, int algo)
 {
     if (*(md)) 
         gcry_md_close(*(md));
     gcry_md_open(md,algo, 0); 
 }
-inline void ssl_md_update(SSL_MD* md, unsigned char* data, int len) 
+static inline void 
+ssl_md_update(SSL_MD* md, unsigned char* data, int len) 
 { 
     gcry_md_write(*(md), data, len); 
 }
-inline void ssl_md_final(SSL_MD* md, unsigned char* data, unsigned int* datalen)
+static inline void 
+ssl_md_final(SSL_MD* md, unsigned char* data, unsigned int* datalen)
 { 
     int algo = gcry_md_get_algo (*(md));
     int len = gcry_md_get_algo_dlen (algo);
     memcpy(data, gcry_md_read(*(md),  algo), len);
     *datalen = len;
 }
-inline void ssl_md_cleanup(SSL_MD* md) { gcry_md_close(*(md)); }
+static inline void 
+ssl_md_cleanup(SSL_MD* md) { gcry_md_close(*(md)); }
 
 /* md5 /sha abstraction layer */
 #define SSL_SHA_CTX gcry_md_hd_t
 #define SSL_MD5_CTX gcry_md_hd_t
 
-void ssl_sha_init(SSL_SHA_CTX* md)
+static void 
+ssl_sha_init(SSL_SHA_CTX* md)
 {
     if (*(md)) 
         gcry_md_close(*(md));
     gcry_md_open(md,GCRY_MD_SHA1, 0); 
 }
-inline void ssl_sha_update(SSL_SHA_CTX* md, unsigned char* data, int len) 
+static inline void 
+ssl_sha_update(SSL_SHA_CTX* md, unsigned char* data, int len) 
 { 
     gcry_md_write(*(md), data, len);
 }
-inline void ssl_sha_final(unsigned char* buf, SSL_SHA_CTX* md)
+static inline void 
+ssl_sha_final(unsigned char* buf, SSL_SHA_CTX* md)
 {
     memcpy(buf, gcry_md_read(*(md),  GCRY_MD_SHA1), 
         gcry_md_get_algo_dlen(GCRY_MD_SHA1));
 }
 
-inline int ssl_md5_init(SSL_MD5_CTX* md)
+static inline int 
+ssl_md5_init(SSL_MD5_CTX* md)
 {
     if (*(md)) 
         gcry_md_close(*(md));
     return gcry_md_open(md,GCRY_MD_MD5, 0); 
 }
-inline void ssl_md5_update(SSL_MD5_CTX* md, unsigned char* data, int len)
+static inline void 
+ssl_md5_update(SSL_MD5_CTX* md, unsigned char* data, int len)
 {
     gcry_md_write(*(md), data, len);
 }
-inline void ssl_md5_final(unsigned char* buf, SSL_MD5_CTX* md)
+static inline void 
+ssl_md5_final(unsigned char* buf, SSL_MD5_CTX* md)
 {
     memcpy(buf, gcry_md_read(*(md),  GCRY_MD_MD5), 
         gcry_md_get_algo_dlen(GCRY_MD_MD5));
@@ -115,7 +132,8 @@
 
 
 /* stream cipher abstraction layer*/
-int ssl_cipher_init(gcry_cipher_hd_t *cipher, int algo, unsigned char* sk, 
+static int 
+ssl_cipher_init(gcry_cipher_hd_t *cipher, int algo, unsigned char* sk, 
         unsigned char* iv, int mode)
 {
     int gcry_modes[]={
@@ -133,22 +151,26 @@
         return -1;
     return 0;
 }
-inline int ssl_cipher_decrypt(gcry_cipher_hd_t *cipher, unsigned char * out, int outl, 
+static inline int 
+ssl_cipher_decrypt(gcry_cipher_hd_t *cipher, unsigned char * out, int outl, 
                    const unsigned char * in,int inl)
 {
     return gcry_cipher_decrypt ( *(cipher), out, outl, in, inl);
 }
-inline int ssl_get_digest_by_name(const char*name)
+static inline int 
+ssl_get_digest_by_name(const char*name)
 {
     return gcry_md_map_name(name);
 }
-inline int ssl_get_cipher_by_name(const char* name)
+static inline int 
+ssl_get_cipher_by_name(const char* name)
 {
     return gcry_cipher_map_name(name);
 }
 
 /* private key abstraction layer */
-inline int ssl_get_key_len(SSL_PRIVATE_KEY* pk) {return gcry_pk_get_nbits (pk); }
+static inline int 
+ssl_get_key_len(SSL_PRIVATE_KEY* pk) {return gcry_pk_get_nbits (pk); }
 
 gcry_err_code_t
 _gcry_rsa_decrypt (int algo, gcry_mpi_t *result, gcry_mpi_t *data,
@@ -158,7 +180,8 @@
 
 /* decrypt data with private key. Store decrypted data directly into input
  * buffer */
-int ssl_private_decrypt(unsigned int len, unsigned char* encr_data, SSL_PRIVATE_KEY* pk)
+int 
+ssl_private_decrypt(unsigned int len, unsigned char* encr_data, SSL_PRIVATE_KEY* pk)
 {
     int rc;
     size_t decr_len = 0;
@@ -281,7 +304,24 @@
     return decr_len;
 }
 
+/* stringinfo interface */
+static int 
+ssl_data_alloc(StringInfo* str, unsigned int len)
+{
+    str->data = g_malloc(len);
+    if (!str->data)
+        return -1;
+    str->data_len = len;
+    return 0;
+}
 
+void 
+ssl_data_set(StringInfo* str, unsigned char* data, unsigned int len)
+{
+    memcpy(str->data, data, len);
+    str->data_len = len;
+}
+
 #define PRF(ssl,secret,usage,rnd1,rnd2,out) ((ssl->version_netorder==SSLV3_VERSION)? \
         ssl3_prf(secret,usage,rnd1,rnd2,out): \
         tls_prf(secret,usage,rnd1,rnd2,out))
@@ -345,7 +385,8 @@
 #define MAX_BLOCK_SIZE 16
 #define MAX_KEY_SIZE 32
 
-int ssl_find_cipher(int num,SslCipherSuite* cs)
+int 
+ssl_find_cipher(int num,SslCipherSuite* cs)
 {
     SslCipherSuite *c;
     
@@ -359,7 +400,8 @@
     return -1;
 }
 
-static int tls_hash(StringInfo* secret,
+static int 
+tls_hash(StringInfo* secret,
         StringInfo* seed, int md, StringInfo* out)
 {
     guint8 *ptr=out->data;
@@ -398,7 +440,8 @@
     return (0);
 }    
 
-static int tls_prf(StringInfo* secret, const char *usage,
+static int 
+tls_prf(StringInfo* secret, const char *usage,
         StringInfo* rnd1, StringInfo* rnd2, StringInfo* out)
 {
     StringInfo seed, sha_out, md5_out;
@@ -455,7 +498,8 @@
     return r;    
 }
 
-static int ssl3_generate_export_iv(StringInfo* r1,
+static int 
+ssl3_generate_export_iv(StringInfo* r1,
         StringInfo* r2, StringInfo* out)
 {
     SSL_MD5_CTX md5;
@@ -472,7 +516,8 @@
     return(0);
 }
 
-static int ssl3_prf(StringInfo* secret, const char* usage,
+static int 
+ssl3_prf(StringInfo* secret, const char* usage,
         StringInfo* r1,
         StringInfo* r2,StringInfo* out)
 {
@@ -530,7 +575,8 @@
     return(0);
 }
 
-int ssl_create_decoder(SslDecoder *dec, SslCipherSuite *cipher_suite, 
+static int 
+ssl_create_decoder(SslDecoder *dec, SslCipherSuite *cipher_suite, 
         guint8 *mk, guint8 *sk, guint8 *iv)
 {
     int ciph=0;
@@ -562,7 +608,8 @@
     return 0;    
 }
 
-int ssl_generate_keyring_material(SslDecryptSession*ssl_session)
+int 
+ssl_generate_keyring_material(SslDecryptSession*ssl_session)
 {
     StringInfo key_block;
     guint8 _iv_c[MAX_BLOCK_SIZE],_iv_s[MAX_BLOCK_SIZE];
@@ -768,7 +815,8 @@
     return -1;
 }
 
-int ssl_decrypt_pre_master_secret(SslDecryptSession*ssl_session, 
+int 
+ssl_decrypt_pre_master_secret(SslDecryptSession*ssl_session, 
     StringInfo* entrypted_pre_master, SSL_PRIVATE_KEY *pk)
 {
     int i;
@@ -827,7 +875,8 @@
     return(0);
 }
 
-static int tls_check_mac(SslDecoder*decoder, int ct,int ver, guint8* data,
+static int 
+tls_check_mac(SslDecoder*decoder, int ct,int ver, guint8* data,
         guint32 datalen, guint8* mac)
 {
     SSL_HMAC hm;
@@ -868,7 +917,8 @@
     return(0);
 }
 
-int ssl3_check_mac(SslDecoder*decoder,int ct,guint8* data,
+int 
+ssl3_check_mac(SslDecoder*decoder,int ct,guint8* data,
         guint32 datalen, guint8* mac)
 {
     SSL_MD mc;
@@ -923,7 +973,8 @@
     return(0);
 }
   
-int ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, int ct,
+int 
+ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, int ct,
         const unsigned char* in, int inl,unsigned char*out,int* outl)
 {
     int pad, worklen;
@@ -979,7 +1030,8 @@
 
 /* old relase of gnutls does not define the appropriate macros, so get 
  * them from the string*/
-void ssl_get_version(int* major, int* minor, int* patch)
+static void 
+ssl_get_version(int* major, int* minor, int* patch)
 {
     const char* str = gnutls_check_version(NULL);
     
@@ -988,7 +1040,8 @@
 }
 
 
-SSL_PRIVATE_KEY* ssl_load_key(FILE* fp)
+SSL_PRIVATE_KEY* 
+ssl_load_key(FILE* fp)
 {    
     /* gnutls make our work much harded, since we have to work internally with
      * s-exp formatted data, but PEM loader export only in "gnutls_datum" 
@@ -1121,48 +1174,60 @@
 #endif    
 }
 
+#ifdef SSL_DECRYPT_DEBUG
 static FILE* myout=NULL;
-void ssl_lib_init(void)
+#endif
+void 
+ssl_lib_init(void)
 {
     gnutls_global_init();
 
+#ifdef SSL_DECRYPT_DEBUG    
 #ifdef _WIN32
     /* we don't have standard I/O file available, open a log */
     myout = fopen("ssl-decrypt.txt","w");
     if (!myout)
 #endif
         myout = stderr;
+#endif    
 }
 
 
 #else
 /* no libgnutl: dummy operation to keep interface consistent*/
-void ssl_lib_init(void)
+void 
+ssl_lib_init(void)
 {
 }
 
-SSL_PRIVATE_KEY* ssl_load_key(FILE* fp) 
+SSL_PRIVATE_KEY* 
+ssl_load_key(FILE* fp) 
 {
     ssl_debug_printf("ssl_load_key: impossible without glutls. fp %p\n",fp);
     return NULL;
 }
-void ssl_free_key(SSL_PRIVATE_KEY* key)
+
+void 
+ssl_free_key(SSL_PRIVATE_KEY* key _U_)
 {
 }
 
-int ssl_find_cipher(int num,SslCipherSuite* cs) 
+int 
+ssl_find_cipher(int num,SslCipherSuite* cs) 
 {
     ssl_debug_printf("ssl_find_cipher: dummy without glutls. num %d cs %p\n",
         num,cs);
     return 0; 
 }
-int ssl_generate_keyring_material(SslDecryptSession*ssl) 
+int 
+ssl_generate_keyring_material(SslDecryptSession*ssl) 
 {
     ssl_debug_printf("ssl_generate_keyring_material: impossible without glutls. ssl %p\n",
         ssl);
     return 0; 
 }
-int ssl_decrypt_pre_master_secret(SslDecryptSession* ssl_session, 
+int 
+ssl_decrypt_pre_master_secret(SslDecryptSession* ssl_session, 
     StringInfo* entrypted_pre_master, SSL_PRIVATE_KEY *pk)
 {
     ssl_debug_printf("ssl_decrypt_pre_master_secret: impossible without glutls."
@@ -1171,7 +1236,8 @@
     return 0;
 }
 
-int ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, int ct, 
+int 
+ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, int ct, 
         const unsigned char* in, int inl,unsigned char*out,int* outl)
 {
     ssl_debug_printf("ssl_decrypt_record: impossible without gnutls. ssl %p"
@@ -1183,7 +1249,8 @@
 #endif
 
 /* get ssl data for this session. if no ssl data is found allocate a new one*/
-void ssl_session_init(SslDecryptSession* ssl_session)
+void 
+ssl_session_init(SslDecryptSession* ssl_session)
 {
     ssl_debug_printf("ssl_session_init: initializing ptr %p size %d\n", 
         ssl_session, sizeof(SslDecryptSession));
@@ -1195,35 +1262,9 @@
     ssl_session->master_secret.data_len = 48;
 }
 
-int ssl_data_init(StringInfo* str, unsigned char* src, unsigned int len)
-{
-    str->data = g_realloc(str->data,len);
-    if (!str->data)
-        return -1;
-    if (src)
-        memcpy(str->data, src,len);
-    str->data_len = len;
-    return 0;
-}
-
-int ssl_data_alloc(StringInfo* str, unsigned int len)
-{
-    str->data = g_malloc(len);
-    if (!str->data)
-        return -1;
-    str->data_len = len;
-    return 0;
-}
-
-int ssl_data_set(StringInfo* str, unsigned char* data, unsigned int len)
-{
-    memcpy(str->data, data, len);
-    str->data_len = len;
-    return 0;
-}
-
 #ifdef SSL_DECRYPT_DEBUG
-void ssl_debug_printf(const char* fmt, ...)
+void 
+ssl_debug_printf(const char* fmt, ...)
 {
   va_list ap;
   int ret=0;
@@ -1233,8 +1274,8 @@
   fflush(myout);
 }
 
-
-void ssl_print_text_data(const char* name, const unsigned char* data, int len)
+void 
+ssl_print_text_data(const char* name, const unsigned char* data, int len)
 {
     int i;
     fprintf(myout,"%s: ",name);
@@ -1245,7 +1286,8 @@
     fflush(myout);
 }
 
-void ssl_print_data(const char* name, const unsigned char* data, int len)
+void 
+ssl_print_data(const char* name, const unsigned char* data, int len)
 {
     int i;
     fprintf(myout,"%s[%d]:\n",name, len);
@@ -1258,7 +1300,8 @@
     fflush(myout);
 }
 
-void ssl_print_string(const char* name, const StringInfo* data)
+void 
+ssl_print_string(const char* name, const StringInfo* data)
 {
     ssl_print_data(name, data->data, data->data_len);
 }
Index: epan/dissectors/packet-ssl-utils.h
===================================================================
--- epan/dissectors/packet-ssl-utils.h	(revision 17164)
+++ epan/dissectors/packet-ssl-utils.h	(working copy)
@@ -28,7 +28,6 @@
 #ifdef HAVE_LIBGNUTLS
 
 #ifdef _WIN32
-/* #include <gnutls_conf.h> */
 #include <gcrypt_conf.h>
 #endif
 
@@ -36,6 +35,7 @@
 #include <gcrypt.h>
 #include <gnutls/x509.h>
 #include <gnutls/openssl.h>
+#include <epan/gnuc_format_check.h>
 
 /* #define SSL_FAST 1 */
 #define SSL_DECRYPT_DEBUG
@@ -139,31 +139,87 @@
 
 } SslDecryptSession;
 
-void ssl_lib_init(void);
-void ssl_session_init(SslDecryptSession*);
-int ssl_data_alloc(StringInfo* str, unsigned int len);
-int ssl_data_set(StringInfo* data, unsigned char* src, unsigned int len);
+/** Initialize decryption engine/ssl layer. To be called once per execution */
+extern void 
+ssl_lib_init(void);
 
-SSL_PRIVATE_KEY* ssl_load_key(FILE* fp);
-void ssl_free_key(SSL_PRIVATE_KEY*);
+/** Initialize an ssl session struct
+ @param ssl pointer to ssl session struct to be initialized */
+extern void 
+ssl_session_init(SslDecryptSession* ssl);
 
-int ssl_find_cipher(int num,SslCipherSuite* cs);
+/** set the data and len for the stringInfo buffer. buf should be big enough to
+ * contain the provided data
+ @param buf the buffer to update
+ @param src the data source 
+ @param len the source data len */
+extern void 
+ssl_data_set(StringInfo* buf, unsigned char* src, unsigned int len);
 
-int ssl_generate_keyring_material(SslDecryptSession*ssl_session);
+/** Load an RSA private key from specified file
+ @param fp the file that contain the key data
+ @return a pointer to the loaded key on success, or NULL */
+extern SSL_PRIVATE_KEY* 
+ssl_load_key(FILE* fp);
 
-int ssl_decrypt_pre_master_secret(SslDecryptSession*ssl_session, 
+/** Deallocate the memory used for specified key 
+ @param pointer to the key to be freed */
+extern void 
+ssl_free_key(SSL_PRIVATE_KEY* key);
+
+/* Search for the specified cipher souite id 
+ @param num the id of the cipher suite to be searched 
+ @param cs pointer to the cipher suite struct to be filled 
+ @return 0 if the cipher suite is found, -1 elsewhere */
+extern int 
+ssl_find_cipher(int num,SslCipherSuite* cs);
+
+/* Expand the pre_master_secret to generate all the session information 
+ * (master secret, session keys, ivs)
+ @param ssl_session the store for all the session data
+ @return 0 on success */
+extern int 
+ssl_generate_keyring_material(SslDecryptSession*ssl_session);
+
+/* Try to decrypt in place the encrypted pre_master_secret
+ @param ssl_session the store for the decrypted pre_master_secret
+ @param entrypted_pre_master the rsa encrypted pre_master_secret
+ @param pk the private key to be used for decryption
+ @return 0 on success */
+extern int 
+ssl_decrypt_pre_master_secret(SslDecryptSession*ssl_session, 
     StringInfo* entrypted_pre_master, SSL_PRIVATE_KEY *pk);
 
-int ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, int ct, 
+/* Try to decrypt an ssl record
+ @param ssl_session the store all the session data
+ @param decoder the stream decoder to be used
+ @param ct the content type of this ssl record
+ @param in a pinter to the ssl record to be decrypted
+ @param inl the record lenght
+ @param out a pointer to the store for the decrypted data
+ @param outl the decrypted data len 
+ @return 0 on success */
+extern int 
+ssl_decrypt_record(SslDecryptSession*ssl,SslDecoder* decoder, int ct, 
         const unsigned char* in, int inl,unsigned char*out,int* outl);
 
 #ifdef SSL_DECRYPT_DEBUG
-void ssl_debug_printf(const char* fmt,...);
-void ssl_print_data(const char* name, const unsigned char* data, int len);
-void ssl_print_string(const char* name, const StringInfo* data);
-void ssl_print_text_data(const char* name, const unsigned char* data, int len);
+extern void 
+ssl_debug_printf(const char* fmt,...) GNUC_FORMAT_CHECK(printf,1,2);
+extern void 
+ssl_print_data(const char* name, const unsigned char* data, int len);
+extern void 
+ssl_print_string(const char* name, const StringInfo* data);
+extern void 
+ssl_print_text_data(const char* name, const unsigned char* data, int len);
 #else
-static inline char* ssl_debug_printf(const char* fmt,...) { return fmt; }
+
+/* No debug: nullify debug operation*/
+static inline const char* 
+ssl_debug_printf(const char* fmt,...) GNUC_FORMAT_CHECK(printf,1,2)
+{ 
+    return fmt; 
+}
 #define ssl_print_data(a, b, c)
 #define ssl_print_string(a, b)
 #define ssl_print_text_data(a, b, c)
Index: epan/dissectors/packet-ssl.c
===================================================================
--- epan/dissectors/packet-ssl.c	(revision 17164)
+++ epan/dissectors/packet-ssl.c	(working copy)
@@ -217,13 +217,7 @@
     char* info;
 } SslAssociation;
 
-#ifdef _WIN32
-#define TEST_DIR "\\Program Files\\Ethereal\\esp_data\\"
-#else
-#define TEST_DIR "/usr/share/ethereal-ssl-decrypt/"
-#endif
-static char* ssl_keys_list = "127.0.0.1:443:"TEST_DIR"server.key,"
-    "127.0.0.1:4433:"TEST_DIR"server.pem";
+static char* ssl_keys_list = NULL;
 static char* ssl_ports_list = NULL;
 
 typedef struct _SslService {
@@ -238,7 +232,8 @@
 static StringInfo ssl_decrypted_data = {NULL, 0};
 
 /* Hash Functions for ssl sessions table and private keys table*/
-static gint  ssl_equal (gconstpointer v, gconstpointer v2)
+static gint  
+ssl_equal (gconstpointer v, gconstpointer v2)
 {
     const StringInfo *val1 = (const StringInfo *)v;
     const StringInfo *val2 = (const StringInfo *)v2;
@@ -250,7 +245,8 @@
     return 0;
 }
 
-static guint ssl_hash  (gconstpointer v)
+static guint 
+ssl_hash  (gconstpointer v)
 {    
     guint l,hash = 0;
     StringInfo* id = (StringInfo*) v;
@@ -261,7 +257,8 @@
     return hash;
 }
 
-static gint  ssl_private_key_equal (gconstpointer v, gconstpointer v2)
+static gint 
+ssl_private_key_equal (gconstpointer v, gconstpointer v2)
 {
     const SslService *val1 = (const SslService *)v;
     const SslService *val2 = (const SslService *)v2;
@@ -273,7 +270,8 @@
     return 0;
 }
 
-static guint ssl_private_key_hash  (gconstpointer v)
+static guint 
+ssl_private_key_hash  (gconstpointer v)
 {    
     const SslService *key = (const SslService *)v;
     guint l,hash = key->port, len = key->addr.len;
@@ -287,14 +285,16 @@
 
 /* private key table entries have a scope 'larger' then packet capture,
  * so we can't relay on se_alloc** function */
-static void ssl_private_key_free(gpointer id, gpointer key, gpointer dummy)
+static void 
+ssl_private_key_free(gpointer id, gpointer key, gpointer dummy _U_)
 {
     g_free(id);
     ssl_free_key((SSL_PRIVATE_KEY*) key);
 }
 
 /* handling of association between ssl ports and clear text protocol */
-static void ssl_association_add(unsigned int port, unsigned int ctport, 
+static void 
+ssl_association_add(unsigned int port, unsigned int ctport, 
         const char* info)
 {
     dissector_table_t tcp_dissectors = find_dissector_table( "tcp.port");
@@ -313,23 +313,26 @@
     g_tree_insert(ssl_associations, (gpointer)port, assoc);
 }
 
-static gint ssl_association_cmp(gconstpointer a, gconstpointer b)
+static gint 
+ssl_association_cmp(gconstpointer a, gconstpointer b)
 {
     return (gint)a-(gint)b;
 }
 
-static inline SslAssociation* ssl_association_find(unsigned int port)
+static inline 
+SslAssociation* ssl_association_find(unsigned int port)
 {
     register SslAssociation* ret = g_tree_lookup(ssl_associations, (gpointer)port);
     ssl_debug_printf("ssl_association_find: port %d found %p\n", port, ret);
     return ret;
 }
 
-static gint ssl_association_remove_handle (gpointer key, 
-    gpointer  data, gpointer  user_data)
+static gint 
+ssl_association_remove_handle (gpointer key _U_, 
+    gpointer  data, gpointer  user_data _U_)
 {
     SslAssociation* assoc = (SslAssociation*) data;
-    ssl_debug_printf("ssl_association_remove_handle removing ptr %p handle\n",
+    ssl_debug_printf("ssl_association_remove_handle removing ptr %p handle %p\n",
         data, assoc->handle);
     if (assoc->handle)
         dissector_delete("tcp.port", assoc->ssl_port, assoc->handle);
@@ -1706,7 +1709,7 @@
             new_tvb = tvb_new_real_data(decrypted->data, 
                 decrypted->data_len, decrypted->data_len);
             tvb_set_free_cb(new_tvb, g_free);
-            //tvb_set_child_real_data_tvbuff(tvb, new_tvb);
+            /* tvb_set_child_real_data_tvbuff(tvb, new_tvb); */
             
             /* find out a dissector using server port*/
             if (association && association->handle) {
@@ -2133,7 +2136,7 @@
 
     }
     
-    // XXXX
+    /* XXXX */
     return session_id_length+33;
 }
 
@@ -2960,7 +2963,7 @@
                                              plurality(session_id_length, "", "s"));
             }
             
-            //PAOLO: get session id and reset session state for key [re]negotiation
+            /* PAOLO: get session id and reset session state for key [re]negotiation */
             if (ssl)
             {
                 tvb_memcpy(tvb,ssl->session_id.data, offset, session_id_length);
@@ -2981,14 +2984,14 @@
                                 tvb, offset, challenge_length, 0);
             if (ssl)
             {
-                //PAOLO: get client random data; we get at most 32 bytes from 
-                // challenge
+                /* PAOLO: get client random data; we get at most 32 bytes from 
+                 challenge */
                 int max = challenge_length > 32? 32: challenge_length;
                 
                 ssl_debug_printf("client random len: %d padded to 32\n",
                     challenge_length);
                 
-                // client random is padded with zero and 'right' aligned
+                /* client random is padded with zero and 'right' aligned */
                 memset(ssl->client_random.data, 0, 32 - max);
                 tvb_memcpy(tvb, &ssl->client_random.data[32 - max], offset, max);
                 ssl->client_random.data_len = 32;