tshark调用栈解析——https模块（从下往上看）

libwireshark.dll!ssl_print_decrypted_app_data(const char * name, const unsigned char * data, unsigned int len) 行 4880    C

——次函数是我自己增加的打印消息，可以打印ssl解密后的内容
     libwireshark.dll!dissect_ssl_payload(tvbuff * tvb, _packet_info * pinfo, int offset, _proto_node * tree, _SslSession * session) 行 1365    C
     libwireshark.dll!dissect_ssl3_record(tvbuff * tvb, _packet_info * pinfo, _proto_node * tree, unsigned int offset, _SslSession * session, int is_from_server, int * need_desegmentation, _SslDecryptSession * ssl, const int first_record_in_frame) 行 1762    C
     libwireshark.dll!dissect_ssl(tvbuff * tvb, _packet_info * pinfo, _proto_node * tree, void * data) 行 776    C
     libwireshark.dll!call_dissector_through_handle(dissector_handle * handle, tvbuff * tvb, _packet_info * pinfo, _proto_node * tree, void * data) 行 618    C
     libwireshark.dll!call_dissector_work(dissector_handle * handle, tvbuff * tvb, _packet_info * pinfo_arg, _proto_node * tree, int add_proto_name, void * data) 行 706    C

——call_dissector_through_handle根据注册的协议名称，可以找到对应的协议处理函数

static int call_dissector_through_handle(dissector_handle_t handle, tvbuff_t *tvb,                   packet_info *pinfo, proto_tree *tree, void *data) {     const char *saved_proto;     int         len;     saved_proto = pinfo->current_proto;     if (handle->protocol != NULL) {         pinfo->current_proto =             proto_get_protocol_short_name(handle->protocol);     }     if (handle->is_new) {         len = (*handle->dissector.new_d)(tvb, pinfo, tree, data);     } else {