aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeter Wu <peter@lekensteyn.nl>2018-09-15 11:18:42 +0200
committerAnders Broman <a.broman58@gmail.com>2018-09-15 19:12:48 +0000
commit02fc8b4b1066e588ea5842be380f9f0983d5cf1f (patch)
tree45b788f54c7209a2cb3d187e0e91e28a03edabd8
parent203d875d3bf40280a3aefd31a549f8f937b5a50d (diff)
ssl,ssl-utils: remove PCT support
This protocol was superseded by SSLv3 and has been disabled in MS products long time ago. Change-Id: If29bcfad394ba55c7d6605626762c29055a02ae9 Reviewed-on: https://code.wireshark.org/review/29667 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Gerald Combs <gerald@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
-rw-r--r--epan/dissectors/packet-ssl-utils.c78
-rw-r--r--epan/dissectors/packet-ssl-utils.h57
-rw-r--r--epan/dissectors/packet-ssl.c663
3 files changed, 10 insertions, 788 deletions
diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c
index bbf85c4..ab3ce3b 100644
--- a/epan/dissectors/packet-ssl-utils.c
+++ b/epan/dissectors/packet-ssl-utils.c
@@ -70,7 +70,6 @@ const value_string ssl_version_short_names[] = {
{ DTLSV1DOT0_VERSION, "DTLSv1.0" },
{ DTLSV1DOT2_VERSION, "DTLSv1.2" },
{ DTLSV1DOT0_OPENSSL_VERSION, "DTLS 1.0 (OpenSSL pre 0.9.8f)" },
- { PCT_VERSION, "PCT" },
{ 0x00, NULL }
};
@@ -412,17 +411,6 @@ static const value_string ssl_20_cipher_suites[] = {
{ 0x0700c0, "SSL2_DES_192_EDE3_CBC_WITH_MD5" },
{ 0x080080, "SSL2_RC4_64_WITH_MD5" },
- /* Microsoft's old PCT protocol. These are from Eric Rescorla's
- book "SSL and TLS" */
- { 0x800001, "PCT_SSL_CERT_TYPE | PCT1_CERT_X509" },
- { 0x800003, "PCT_SSL_CERT_TYPE | PCT1_CERT_X509_CHAIN" },
- { 0x810001, "PCT_SSL_HASH_TYPE | PCT1_HASH_MD5" },
- { 0x810003, "PCT_SSL_HASH_TYPE | PCT1_HASH_SHA" },
- { 0x820001, "PCT_SSL_EXCH_TYPE | PCT1_EXCH_RSA_PKCS1" },
- { 0x830004, "PCT_SSL_CIPHER_TYPE_1ST_HALF | PCT1_CIPHER_RC4" },
- { 0x842840, "PCT_SSL_CIPHER_TYPE_2ND_HALF | PCT1_ENC_BITS_40 | PCT1_MAC_BITS_128" },
- { 0x848040, "PCT_SSL_CIPHER_TYPE_2ND_HALF | PCT1_ENC_BITS_128 | PCT1_MAC_BITS_128" },
- { 0x8f8001, "PCT_SSL_COMPAT | PCT_VERSION_1" },
{ 0x00, NULL }
};
@@ -1111,72 +1099,6 @@ static const value_string ssl_31_ciphersuite[] = {
value_string_ext ssl_31_ciphersuite_ext = VALUE_STRING_EXT_INIT(ssl_31_ciphersuite);
-
-const value_string pct_msg_types[] = {
- { PCT_MSG_CLIENT_HELLO, "Client Hello" },
- { PCT_MSG_SERVER_HELLO, "Server Hello" },
- { PCT_MSG_CLIENT_MASTER_KEY, "Client Master Key" },
- { PCT_MSG_SERVER_VERIFY, "Server Verify" },
- { PCT_MSG_ERROR, "Error" },
- { 0x00, NULL }
-};
-
-const value_string pct_cipher_type[] = {
- { PCT_CIPHER_DES, "DES" },
- { PCT_CIPHER_IDEA, "IDEA" },
- { PCT_CIPHER_RC2, "RC2" },
- { PCT_CIPHER_RC4, "RC4" },
- { PCT_CIPHER_DES_112, "DES 112 bit" },
- { PCT_CIPHER_DES_168, "DES 168 bit" },
- { 0x00, NULL }
-};
-
-const value_string pct_hash_type[] = {
- { PCT_HASH_MD5, "MD5" },
- { PCT_HASH_MD5_TRUNC_64, "MD5_TRUNC_64"},
- { PCT_HASH_SHA, "SHA"},
- { PCT_HASH_SHA_TRUNC_80, "SHA_TRUNC_80"},
- { PCT_HASH_DES_DM, "DES_DM"},
- { 0x00, NULL }
-};
-
-const value_string pct_cert_type[] = {
- { PCT_CERT_NONE, "None" },
- { PCT_CERT_X509, "X.509" },
- { PCT_CERT_PKCS7, "PKCS #7" },
- { 0x00, NULL }
-};
-const value_string pct_sig_type[] = {
- { PCT_SIG_NONE, "None" },
- { PCT_SIG_RSA_MD5, "MD5" },
- { PCT_SIG_RSA_SHA, "RSA SHA" },
- { PCT_SIG_DSA_SHA, "DSA SHA" },
- { 0x00, NULL }
-};
-
-const value_string pct_exch_type[] = {
- { PCT_EXCH_RSA_PKCS1, "RSA PKCS#1" },
- { PCT_EXCH_RSA_PKCS1_TOKEN_DES, "RSA PKCS#1 Token DES" },
- { PCT_EXCH_RSA_PKCS1_TOKEN_DES3, "RSA PKCS#1 Token 3DES" },
- { PCT_EXCH_RSA_PKCS1_TOKEN_RC2, "RSA PKCS#1 Token RC-2" },
- { PCT_EXCH_RSA_PKCS1_TOKEN_RC4, "RSA PKCS#1 Token RC-4" },
- { PCT_EXCH_DH_PKCS3, "DH PKCS#3" },
- { PCT_EXCH_DH_PKCS3_TOKEN_DES, "DH PKCS#3 Token DES" },
- { PCT_EXCH_DH_PKCS3_TOKEN_DES3, "DH PKCS#3 Token 3DES" },
- { PCT_EXCH_FORTEZZA_TOKEN, "Fortezza" },
- { 0x00, NULL }
-};
-
-const value_string pct_error_code[] = {
- { PCT_ERR_BAD_CERTIFICATE, "PCT_ERR_BAD_CERTIFICATE" },
- { PCT_ERR_CLIENT_AUTH_FAILED, "PCT_ERR_CLIENT_AUTH_FAILE" },
- { PCT_ERR_ILLEGAL_MESSAGE, "PCT_ERR_ILLEGAL_MESSAGE" },
- { PCT_ERR_INTEGRITY_CHECK_FAILED, "PCT_ERR_INTEGRITY_CHECK_FAILED" },
- { PCT_ERR_SERVER_AUTH_FAILED, "PCT_ERR_SERVER_AUTH_FAILED" },
- { PCT_ERR_SPECS_MISMATCH, "PCT_ERR_SPECS_MISMATCH" },
- { 0x00, NULL }
-};
-
/* http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-1 */
const value_string tls_hello_extension_types[] = {
{ SSL_HND_HELLO_EXT_SERVER_NAME, "server_name" }, /* RFC 6066 */
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h
index 01e0b33..31ef008 100644
--- a/epan/dissectors/packet-ssl-utils.h
+++ b/epan/dissectors/packet-ssl-utils.h
@@ -77,55 +77,6 @@ typedef enum {
#define SSL2_HND_REQUEST_CERTIFICATE 0x07
#define SSL2_HND_CLIENT_CERTIFICATE 0x08
-#define PCT_VERSION_1 0x8001
-
-#define PCT_MSG_CLIENT_HELLO 0x01
-#define PCT_MSG_SERVER_HELLO 0x02
-#define PCT_MSG_CLIENT_MASTER_KEY 0x03
-#define PCT_MSG_SERVER_VERIFY 0x04
-#define PCT_MSG_ERROR 0x05
-
-#define PCT_CH_OFFSET_V1 0xa
-
-#define PCT_CIPHER_DES 0x01
-#define PCT_CIPHER_IDEA 0x02
-#define PCT_CIPHER_RC2 0x03
-#define PCT_CIPHER_RC4 0x04
-#define PCT_CIPHER_DES_112 0x05
-#define PCT_CIPHER_DES_168 0x06
-
-#define PCT_HASH_MD5 0x0001
-#define PCT_HASH_MD5_TRUNC_64 0x0002
-#define PCT_HASH_SHA 0x0003
-#define PCT_HASH_SHA_TRUNC_80 0x0004
-#define PCT_HASH_DES_DM 0x0005
-
-#define PCT_CERT_NONE 0x00
-#define PCT_CERT_X509 0x01
-#define PCT_CERT_PKCS7 0x02
-
-#define PCT_SIG_NONE 0x0000
-#define PCT_SIG_RSA_MD5 0x0001
-#define PCT_SIG_RSA_SHA 0x0002
-#define PCT_SIG_DSA_SHA 0x0003
-
-#define PCT_EXCH_RSA_PKCS1 0x01
-#define PCT_EXCH_RSA_PKCS1_TOKEN_DES 0x02
-#define PCT_EXCH_RSA_PKCS1_TOKEN_DES3 0x03
-#define PCT_EXCH_RSA_PKCS1_TOKEN_RC2 0x04
-#define PCT_EXCH_RSA_PKCS1_TOKEN_RC4 0x05
-#define PCT_EXCH_DH_PKCS3 0x06
-#define PCT_EXCH_DH_PKCS3_TOKEN_DES 0x07
-#define PCT_EXCH_DH_PKCS3_TOKEN_DES3 0x08
-#define PCT_EXCH_FORTEZZA_TOKEN 0x09
-
-#define PCT_ERR_BAD_CERTIFICATE 0x01
-#define PCT_ERR_CLIENT_AUTH_FAILED 0x02
-#define PCT_ERR_ILLEGAL_MESSAGE 0x03
-#define PCT_ERR_INTEGRITY_CHECK_FAILED 0x04
-#define PCT_ERR_SERVER_AUTH_FAILED 0x05
-#define PCT_ERR_SPECS_MISMATCH 0x06
-
#define SSL_HND_HELLO_EXT_SERVER_NAME 0
#define SSL_HND_HELLO_EXT_MAX_FRAGMENT_LENGTH 1
#define SSL_HND_HELLO_EXT_CLIENT_CERTIFICATE_URL 2
@@ -226,13 +177,6 @@ extern const value_string ssl_31_signature_algorithm[];
extern const value_string ssl_31_client_certificate_type[];
extern const value_string ssl_31_public_value_encoding[];
extern value_string_ext ssl_31_ciphersuite_ext;
-extern const value_string pct_msg_types[];
-extern const value_string pct_cipher_type[];
-extern const value_string pct_hash_type[];
-extern const value_string pct_cert_type[];
-extern const value_string pct_sig_type[];
-extern const value_string pct_exch_type[];
-extern const value_string pct_error_code[];
extern const value_string tls_hello_extension_types[];
extern const value_string tls_hash_algorithm[];
extern const value_string tls_signature_algorithm[];
@@ -258,7 +202,6 @@ typedef struct _StringInfo {
#define SSL_WRITE_KEY 1
#define SSL_VER_UNKNOWN 0
-#define PCT_VERSION 0x8001 /* PCT_VERSION_1 from http://graphcomp.com/info/specs/ms/pct.htm */
#define SSLV2_VERSION 0x0002 /* not in record layer, SSL_CLIENT_SERVER from
http://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html */
#define SSLV3_VERSION 0x300
diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c
index 8bbd9d3..65402f3 100644
--- a/epan/dissectors/packet-ssl.c
+++ b/epan/dissectors/packet-ssl.c
@@ -22,12 +22,6 @@
*
* See RFC 2246 for SSL 3.1/TLS 1.0 specs.
*
- * See (among other places)
- *
- * http://www.graphcomp.com/info/specs/ms/pct.htm
- *
- * for PCT 1 draft specs.
- *
* See
*
* http://research.sun.com/projects/crypto/draft-ietf-tls-ecc-05.txt
@@ -130,7 +124,6 @@ static gint hf_ssl2_record = -1;
static gint hf_ssl2_record_is_escape = -1;
static gint hf_ssl2_record_padding_length = -1;
static gint hf_ssl2_msg_type = -1;
-static gint hf_pct_msg_type = -1;
static gint hf_tls_alert_message = -1;
static gint hf_tls_alert_message_level = -1;
static gint hf_tls_alert_message_description = -1;
@@ -156,62 +149,6 @@ static gint hf_ssl2_handshake_session_id_hit = -1;
static gint hf_ssl2_handshake_cert_type = -1;
static gint hf_ssl2_handshake_connection_id_len = -1;
static gint hf_ssl2_handshake_connection_id = -1;
-static gint hf_pct_handshake_cipher_spec = -1;
-static gint hf_pct_handshake_hash_spec = -1;
-static gint hf_pct_handshake_cert_spec = -1;
-static gint hf_pct_handshake_cert = -1;
-static gint hf_pct_handshake_server_cert = -1;
-static gint hf_pct_handshake_exch_spec = -1;
-static gint hf_pct_handshake_hash = -1;
-static gint hf_pct_handshake_cipher = -1;
-static gint hf_pct_handshake_exch = -1;
-static gint hf_pct_handshake_sig = -1;
-static gint hf_pct_msg_error_type = -1;
-
-/* Generated from convert_proto_tree_add_text.pl */
-static int hf_ssl_pct_client_version = -1;
-static int hf_ssl_pct_pad = -1;
-static int hf_ssl_pct_client_session_id_data = -1;
-static int hf_ssl_pct_challenge_data = -1;
-static int hf_ssl_pct_ch_offset = -1;
-static int hf_ssl_pct_cipher_specs_length = -1;
-static int hf_ssl_pct_hash_specs_length = -1;
-static int hf_ssl_pct_cert_specs_length = -1;
-static int hf_ssl_pct_exch_specs_length = -1;
-static int hf_ssl_pct_iv_length = -1;
-static int hf_ssl_pct_encryption_key_length = -1;
-static int hf_ssl_pct_mac_key_length_in_bits = -1;
-static int hf_ssl_pct_iv_data = -1;
-static int hf_ssl_pct_server_version = -1;
-static int hf_ssl_pct_sh_restart_session_ok_flag = -1;
-static int hf_ssl_pct_sh_client_auth_req_flag = -1;
-static int hf_ssl_pct_connection_id_data = -1;
-static int hf_ssl_pct_server_certificate_length = -1;
-static int hf_ssl_pct_client_cert_specs_length = -1;
-static int hf_ssl_pct_client_sig_specs_length = -1;
-static int hf_ssl_pct_response_length = -1;
-static int hf_ssl_pct_client_cert_specs = -1;
-static int hf_ssl_pct_client_signature = -1;
-static int hf_ssl_pct_server_response = -1;
-static int hf_ssl_pct_clear_key_length = -1;
-static int hf_ssl_pct_encrypted_key_length = -1;
-static int hf_ssl_pct_verify_prelude_length = -1;
-static int hf_ssl_pct_client_cert_length = -1;
-static int hf_ssl_pct_clear_key_data = -1;
-static int hf_ssl_pct_encrypted_key_data = -1;
-static int hf_ssl_pct_verify_prelude_data = -1;
-static int hf_ssl_pct_client_certificate_data = -1;
-static int hf_ssl_pct_response_data = -1;
-static int hf_ssl_pct_server_session_id_data = -1;
-static int hf_ssl_pct_server_response_length = -1;
-static int hf_ssl_pct_error_information_length = -1;
-static int hf_ssl_pct_specs_mismatch_cipher = -1;
-static int hf_ssl_pct_specs_mismatch_hash = -1;
-static int hf_ssl_pct_specs_mismatch_cert = -1;
-static int hf_ssl_pct_specs_mismatch_exch = -1;
-static int hf_ssl_pct_specs_mismatch_client_cert = -1;
-static int hf_ssl_pct_specs_mismatch_client_sig = -1;
-static int hf_ssl_pct_error_information_data = -1;
static int hf_tls_reassembled_in = -1;
static int hf_tls_reassembled_length = -1;
@@ -241,10 +178,6 @@ static gint ett_tls_alert = -1;
static gint ett_tls_handshake = -1;
static gint ett_tls_heartbeat = -1;
static gint ett_tls_certs = -1;
-static gint ett_pct_cipher_suites = -1;
-static gint ett_pct_hash_suites = -1;
-static gint ett_pct_cert_suites = -1;
-static gint ett_pct_exch_suites = -1;
static gint ett_tls_segments = -1;
static gint ett_tls_segment = -1;
@@ -253,10 +186,7 @@ static expert_field ei_ssl3_heartbeat_payload_length = EI_INIT;
static expert_field ei_tls_unexpected_message = EI_INIT;
/* Generated from convert_proto_tree_add_text.pl */
-static expert_field ei_ssl_pct_ch_offset = EI_INIT;
-static expert_field ei_ssl_pct_server_version = EI_INIT;
static expert_field ei_tls_ignored_unknown_record = EI_INIT;
-static expert_field ei_ssl_pct_client_version = EI_INIT;
/* not all of the hf_fields below make sense for TLS but we have to provide
them anyways to comply with the api (which was aimed for ip fragment
@@ -581,35 +511,17 @@ static void dissect_ssl2_hnd_client_hello(tvbuff_t *tvb, packet_info *pinfo,
guint32 offset,
SslDecryptSession *ssl);
-static void dissect_pct_msg_client_hello(tvbuff_t *tvb, packet_info *pinfo,
- proto_tree *tree,
- guint32 offset);
-
/* client master key dissector */
static void dissect_ssl2_hnd_client_master_key(tvbuff_t *tvb,
proto_tree *tree,
guint32 offset);
-static void dissect_pct_msg_client_master_key(tvbuff_t *tvb,
- proto_tree *tree,
- guint32 offset);
/* server hello dissector */
static void dissect_ssl2_hnd_server_hello(tvbuff_t *tvb,
proto_tree *tree,
guint32 offset, packet_info *pinfo);
-static void dissect_pct_msg_server_hello(tvbuff_t *tvb,
- proto_tree *tree,
- guint32 offset, packet_info *pinfo);
-static void dissect_pct_msg_server_verify(tvbuff_t *tvb,
- proto_tree *tree,
- guint32 offset);
-
-static void dissect_pct_msg_error(tvbuff_t *tvb,
- proto_tree *tree,
- guint32 offset);
-
/*
* Support Functions
*
@@ -621,9 +533,6 @@ static gint ssl_looks_like_sslv3(tvbuff_t *tvb, const guint32 offset);
static gint ssl_looks_like_valid_v2_handshake(tvbuff_t *tvb,
const guint32 offset,
const guint32 record_length);
-static gint ssl_looks_like_valid_pct_handshake(tvbuff_t *tvb,
- const guint32 offset,
- const guint32 record_length);
/*********************************************************************
*
@@ -746,7 +655,6 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
*/
switch (session->version) {
case SSLV2_VERSION:
- case PCT_VERSION:
offset = dissect_ssl2_record(tvb, pinfo, ssl_tree,
offset, session,
&need_desegmentation,
@@ -816,7 +724,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_)
if (ssl_looks_like_sslv2(tvb, offset))
{
- /* looks like sslv2 or pct client hello */
+ /* looks like sslv2 client hello */
offset = dissect_ssl2_record(tvb, pinfo, ssl_tree,
offset, session,
&need_desegmentation,
@@ -2669,13 +2577,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
*/
if (session->version == SSL_VER_UNKNOWN)
{
- if (ssl_looks_like_valid_pct_handshake(tvb,
- (initial_offset +
- record_length_length),
- record_length)) {
- session->version = PCT_VERSION;
- }
- else if (msg_type >= 2 && msg_type <= 8)
+ if (msg_type >= 2 && msg_type <= 8)
{
session->version = SSLV2_VERSION;
}
@@ -2685,30 +2587,21 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
* conversation, then set a version for just this frame
* (e.g., on a client hello)
*/
- col_set_str(pinfo->cinfo, COL_PROTOCOL,
- (session->version == PCT_VERSION) ? "PCT" : "SSLv2");
+ col_set_str(pinfo->cinfo, COL_PROTOCOL, "SSLv2");
/* see if the msg_type is valid; if not the payload is
* probably encrypted, so note that fact and bail
*/
- msg_type_str = try_val_to_str(msg_type,
- (session->version == PCT_VERSION)
- ? pct_msg_types : ssl_20_msg_types);
+ msg_type_str = try_val_to_str(msg_type, ssl_20_msg_types);
if (!msg_type_str
- || ((session->version != PCT_VERSION) &&
- !ssl_looks_like_valid_v2_handshake(tvb, initial_offset
- + record_length_length,
- record_length))
- || ((session->version == PCT_VERSION) &&
- !ssl_looks_like_valid_pct_handshake(tvb, initial_offset
+ || (!ssl_looks_like_valid_v2_handshake(tvb, initial_offset
+ record_length_length,
record_length)))
{
if (ssl_record_tree)
{
proto_item_set_text(ssl_record_tree, "%s Record Layer: %s",
- (session->version == PCT_VERSION)
- ? "PCT" : "SSLv2",
+ "SSLv2",
"Encrypted Data");
/* Unlike SSLv3, the SSLv2 record layer does not have a
@@ -2732,8 +2625,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
if (ssl_record_tree)
{
proto_item_set_text(ssl_record_tree, "%s Record Layer: %s",
- (session->version == PCT_VERSION)
- ? "PCT" : "SSLv2",
+ "SSLv2",
msg_type_str);
}
}
@@ -2784,14 +2676,11 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
/* add the message type */
if (ssl_record_tree)
{
- proto_tree_add_item(ssl_record_tree,
- (session->version == PCT_VERSION)
- ? hf_pct_msg_type : hf_ssl2_msg_type,
+ proto_tree_add_item(ssl_record_tree, hf_ssl2_msg_type,
tvb, offset, 1, ENC_BIG_ENDIAN);
}
offset += 1; /* move past msg_type byte */
- if (session->version != PCT_VERSION)
{
/* dissect the message (only handle client hello right now) */
switch (msg_type) {
@@ -2820,30 +2709,6 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree,
break;
}
}
- else
- {
- /* dissect the message */
- switch (msg_type) {
- case PCT_MSG_CLIENT_HELLO:
- dissect_pct_msg_client_hello(tvb, pinfo, ssl_record_tree, offset);
- break;
- case PCT_MSG_SERVER_HELLO:
- dissect_pct_msg_server_hello(tvb, ssl_record_tree, offset, pinfo);
- break;
- case PCT_MSG_CLIENT_MASTER_KEY:
- dissect_pct_msg_client_master_key(tvb, ssl_record_tree, offset);
- break;
- case PCT_MSG_SERVER_VERIFY:
- dissect_pct_msg_server_verify(tvb, ssl_record_tree, offset);
- break;
- case PCT_MSG_ERROR:
- dissect_pct_msg_error(tvb, ssl_record_tree, offset);
- break;
-
- default: /* unknown */
- break;
- }
- }
return (initial_offset + record_length_length + record_length);
}
@@ -2985,329 +2850,6 @@ dissect_ssl2_hnd_client_hello(tvbuff_t *tvb, packet_info *pinfo,
}
static void
-dissect_pct_msg_client_hello(tvbuff_t *tvb, packet_info *pinfo,
- proto_tree *tree, guint32 offset)
-{
- guint16 CH_CLIENT_VERSION, CH_OFFSET, CH_CIPHER_SPECS_LENGTH, CH_HASH_SPECS_LENGTH, CH_CERT_SPECS_LENGTH, CH_EXCH_SPECS_LENGTH, CH_KEY_ARG_LENGTH, mac_key_length;
- proto_item *CH_CIPHER_SPECS_ti, *CH_HASH_SPECS_ti, *CH_CERT_SPECS_ti, *CH_EXCH_SPECS_ti, *ti;
- proto_tree *CH_CIPHER_SPECS_tree, *CH_HASH_SPECS_tree, *CH_CERT_SPECS_tree, *CH_EXCH_SPECS_tree;
- gint i;
-
- CH_CLIENT_VERSION = tvb_get_ntohs(tvb, offset);
- ti = proto_tree_add_item(tree, hf_ssl_pct_client_version, tvb, offset, 2, ENC_BIG_ENDIAN);
- if (CH_CLIENT_VERSION != PCT_VERSION_1)
- expert_add_info_format(pinfo, ti, &ei_ssl_pct_client_version, "Client Version, should be %x in PCT version 1", PCT_VERSION_1);
- offset += 2;
-
- proto_tree_add_item(tree, hf_ssl_pct_pad, tvb, offset, 1, ENC_NA);
- offset += 1;
-
- proto_tree_add_item(tree, hf_ssl_pct_client_session_id_data, tvb, offset, 32, ENC_NA);
- offset += 32;
-
- proto_tree_add_item(tree, hf_ssl_pct_challenge_data, tvb, offset, 32, ENC_NA);
- offset += 32;
-
- CH_OFFSET = tvb_get_ntohs(tvb, offset);
- ti = proto_tree_add_item(tree, hf_ssl_pct_ch_offset, tvb, offset, 2, ENC_BIG_ENDIAN);
- if (CH_OFFSET != PCT_CH_OFFSET_V1)
- expert_add_info_format(pinfo, ti, &ei_ssl_pct_ch_offset, "should be %d in PCT version 1", PCT_CH_OFFSET_V1);
- offset += 2;
-
- CH_CIPHER_SPECS_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_cipher_specs_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CH_HASH_SPECS_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_hash_specs_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CH_CERT_SPECS_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_cert_specs_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CH_EXCH_SPECS_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_exch_specs_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CH_KEY_ARG_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_iv_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- if (CH_CIPHER_SPECS_LENGTH) {
- CH_CIPHER_SPECS_ti = proto_tree_add_item(tree, hf_pct_handshake_cipher_spec, tvb, offset, CH_CIPHER_SPECS_LENGTH, ENC_NA);
- CH_CIPHER_SPECS_tree = proto_item_add_subtree(CH_CIPHER_SPECS_ti, ett_pct_cipher_suites);
-
- for(i=0; i<(CH_CIPHER_SPECS_LENGTH/4); i++) {
- proto_tree_add_item(CH_CIPHER_SPECS_tree, hf_pct_handshake_cipher, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
- proto_tree_add_item(CH_CIPHER_SPECS_tree, hf_ssl_pct_encryption_key_length, tvb, offset, 1, ENC_NA);
- offset += 1;
- mac_key_length = tvb_get_guint8(tvb, offset) + 64;
- proto_tree_add_uint(CH_CIPHER_SPECS_tree, hf_ssl_pct_mac_key_length_in_bits, tvb, offset, 1, mac_key_length);
- offset += 1;
- }
- }
-
- if (CH_HASH_SPECS_LENGTH) {
- CH_HASH_SPECS_ti = proto_tree_add_item(tree, hf_pct_handshake_hash_spec, tvb, offset, CH_HASH_SPECS_LENGTH, ENC_NA);
- CH_HASH_SPECS_tree = proto_item_add_subtree(CH_HASH_SPECS_ti, ett_pct_hash_suites);
-
- for(i=0; i<(CH_HASH_SPECS_LENGTH/2); i++) {
- proto_tree_add_item(CH_HASH_SPECS_tree, hf_pct_handshake_hash, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
- }
- }
-
- if (CH_CERT_SPECS_LENGTH) {
- CH_CERT_SPECS_ti = proto_tree_add_item(tree, hf_pct_handshake_cert_spec, tvb, offset, CH_CERT_SPECS_LENGTH, ENC_NA);
- CH_CERT_SPECS_tree = proto_item_add_subtree(CH_CERT_SPECS_ti, ett_pct_cert_suites);
-
- for(i=0; i< (CH_CERT_SPECS_LENGTH/2); i++) {
- proto_tree_add_item(CH_CERT_SPECS_tree, hf_pct_handshake_cert, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
- }
- }
-
- if (CH_EXCH_SPECS_LENGTH) {
- CH_EXCH_SPECS_ti = proto_tree_add_item(tree, hf_pct_handshake_exch_spec, tvb, offset, CH_EXCH_SPECS_LENGTH, ENC_NA);
- CH_EXCH_SPECS_tree = proto_item_add_subtree(CH_EXCH_SPECS_ti, ett_pct_exch_suites);
-
- for(i=0; i<(CH_EXCH_SPECS_LENGTH/2); i++) {
- proto_tree_add_item(CH_EXCH_SPECS_tree, hf_pct_handshake_exch, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
- }
- }
-
- if (CH_KEY_ARG_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_iv_data, tvb, offset, CH_KEY_ARG_LENGTH, ENC_NA);
- }
-}
-
-static void
-dissect_pct_msg_server_hello(tvbuff_t *tvb, proto_tree *tree, guint32 offset, packet_info *pinfo)
-{
-/* structure:
- char SH_MSG_SERVER_HELLO
- char SH_PAD
- char SH_SERVER_VERSION_MSB
- char SH_SERVER_VERSION_LSB
- char SH_RESTART_SESSION_OK
- char SH_CLIENT_AUTH_REQ
- char SH_CIPHER_SPECS_DATA[4]
- char SH_HASH_SPECS_DATA[2]
- char SH_CERT_SPECS_DATA[2]
- char SH_EXCH_SPECS_DATA[2]
- char SH_CONNECTION_ID_DATA[32]
- char SH_CERTIFICATE_LENGTH_MSB
- char SH_CERTIFICATE_LENGTH_LSB
- char SH_CLIENT_CERT_SPECS_LENGTH_MSB
- char SH_CLIENT_CERT_SPECS_LENGTH_LSB
- char SH_CLIENT_SIG_SPECS_LENGTH_MSB
- char SH_CLIENT_SIG_SPECS_LENGTH_LSB
- char SH_RESPONSE_LENGTH_MSB
- char SH_RESPONSE_LENGTH_LSB
- char SH_CERTIFICATE_DATA[MSB<<8|LSB]
- char SH_CLIENT_CERT_SPECS_DATA[MSB<<8|LSB]
- char SH_CLIENT_SIG_SPECS_DATA[MSB<<8|LSB]
- char SH_RESPONSE_DATA[MSB<<8|LSB]
-
-*/
-
- guint16 SH_SERVER_VERSION, SH_CERT_LENGTH, SH_CERT_SPECS_LENGTH, SH_CLIENT_SIG_LENGTH, SH_RESPONSE_LENGTH, mac_key_length;
- proto_item* ti;
- asn1_ctx_t asn1_ctx;
- asn1_ctx_init(&asn1_ctx, ASN1_ENC_BER, TRUE, pinfo);
-
- proto_tree_add_item(tree, hf_ssl_pct_pad, tvb, offset, 1, ENC_NA);
- offset += 1;
-
- SH_SERVER_VERSION = tvb_get_ntohs(tvb, offset);
- ti = proto_tree_add_item(tree, hf_ssl_pct_server_version, tvb, offset, 2, ENC_BIG_ENDIAN);
- if (SH_SERVER_VERSION != PCT_VERSION_1)
- expert_add_info_format(pinfo, ti, &ei_ssl_pct_server_version, "Server Version, should be %x in PCT version 1", PCT_VERSION_1);
- offset += 2;
-
- proto_tree_add_item(tree, hf_ssl_pct_sh_restart_session_ok_flag, tvb, offset, 1, ENC_NA);
- offset += 1;
-
- proto_tree_add_item(tree, hf_ssl_pct_sh_client_auth_req_flag, tvb, offset, 1, ENC_NA);
- offset += 1;
-
- proto_tree_add_item(tree, hf_pct_handshake_cipher, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
- proto_tree_add_item(tree, hf_ssl_pct_encryption_key_length, tvb, offset, 1, ENC_NA);
- offset += 1;
- mac_key_length = tvb_get_guint8(tvb, offset) + 64;
- proto_tree_add_uint(tree, hf_ssl_pct_mac_key_length_in_bits, tvb, offset, 1, mac_key_length);
- offset += 1;
-
- proto_tree_add_item(tree, hf_pct_handshake_hash, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- proto_tree_add_item(tree, hf_pct_handshake_cert, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- proto_tree_add_item(tree, hf_pct_handshake_exch, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- proto_tree_add_item(tree, hf_ssl_pct_connection_id_data, tvb, offset, 32, ENC_NA);
- offset += 32;
-
- SH_CERT_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_server_certificate_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- SH_CERT_SPECS_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_client_cert_specs_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- SH_CLIENT_SIG_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_client_sig_specs_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- SH_RESPONSE_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_response_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- if (SH_CERT_LENGTH) {
- dissect_x509af_Certificate(FALSE, tvb, offset, &asn1_ctx, tree, hf_pct_handshake_server_cert);
- offset += SH_CERT_LENGTH;
- }
-
- if (SH_CERT_SPECS_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_client_cert_specs, tvb, offset, SH_CERT_SPECS_LENGTH, ENC_NA);
- offset += SH_CERT_SPECS_LENGTH;
- }
-
- if (SH_CLIENT_SIG_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_client_signature, tvb, offset, SH_CLIENT_SIG_LENGTH, ENC_NA);
- offset += SH_CLIENT_SIG_LENGTH;
- }
-
- if (SH_RESPONSE_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_server_response, tvb, offset, SH_RESPONSE_LENGTH, ENC_NA);
- }
-
-}
-
-static void
-dissect_pct_msg_client_master_key(tvbuff_t *tvb, proto_tree *tree, guint32 offset)
-{
- guint16 CMK_CLEAR_KEY_LENGTH, CMK_ENCRYPTED_KEY_LENGTH, CMK_KEY_ARG_LENGTH, CMK_VERIFY_PRELUDE, CMK_CLIENT_CERT_LENGTH, CMK_RESPONSE_LENGTH;
-
- proto_tree_add_item(tree, hf_ssl_pct_pad, tvb, offset, 1, ENC_NA);
- offset += 1;
-
- proto_tree_add_item(tree, hf_pct_handshake_cert, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- proto_tree_add_item(tree, hf_pct_handshake_sig, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CMK_CLEAR_KEY_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_clear_key_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CMK_ENCRYPTED_KEY_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_encrypted_key_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CMK_KEY_ARG_LENGTH= tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_iv_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CMK_VERIFY_PRELUDE = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_verify_prelude_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CMK_CLIENT_CERT_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_client_cert_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- CMK_RESPONSE_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_response_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- if (CMK_CLEAR_KEY_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_clear_key_data, tvb, offset, CMK_CLEAR_KEY_LENGTH, ENC_NA);
- offset += CMK_CLEAR_KEY_LENGTH;
- }
- if (CMK_ENCRYPTED_KEY_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_encrypted_key_data, tvb, offset, CMK_ENCRYPTED_KEY_LENGTH, ENC_NA);
- offset += CMK_ENCRYPTED_KEY_LENGTH;
- }
- if (CMK_KEY_ARG_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_iv_data, tvb, offset, CMK_KEY_ARG_LENGTH, ENC_NA);
- offset += CMK_KEY_ARG_LENGTH;
- }
- if (CMK_VERIFY_PRELUDE) {
- proto_tree_add_item(tree, hf_ssl_pct_verify_prelude_data, tvb, offset, CMK_VERIFY_PRELUDE, ENC_NA);
- offset += CMK_VERIFY_PRELUDE;
- }
- if (CMK_CLIENT_CERT_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_client_certificate_data, tvb, offset, CMK_CLIENT_CERT_LENGTH, ENC_NA);
- offset += CMK_CLIENT_CERT_LENGTH;
- }
- if (CMK_RESPONSE_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_response_data, tvb, offset, CMK_RESPONSE_LENGTH, ENC_NA);
- }
-}
-
-static void
-dissect_pct_msg_server_verify(tvbuff_t *tvb,
- proto_tree *tree, guint32 offset)
-{
- guint16 SV_RESPONSE_LENGTH;
-
- proto_tree_add_item(tree, hf_ssl_pct_pad, tvb, offset, 1, ENC_NA);
- offset += 1;
-
- proto_tree_add_item(tree, hf_ssl_pct_server_session_id_data, tvb, offset, 32, ENC_NA);
- offset += 32;
-
- SV_RESPONSE_LENGTH = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_server_response_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- if (SV_RESPONSE_LENGTH) {
- proto_tree_add_item(tree, hf_ssl_pct_server_response, tvb, offset, SV_RESPONSE_LENGTH, ENC_NA);
- }
-}
-
-static void
-dissect_pct_msg_error(tvbuff_t *tvb,
- proto_tree *tree, guint32 offset)
-{
- guint16 ERROR_CODE, INFO_LEN;
-
- ERROR_CODE = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_pct_msg_error_type, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
-
- INFO_LEN = tvb_get_ntohs(tvb, offset);
- proto_tree_add_item(tree, hf_ssl_pct_error_information_length, tvb, offset, 2, ENC_BIG_ENDIAN);
- offset += 2;
- if (ERROR_CODE == PCT_ERR_SPECS_MISMATCH && INFO_LEN == 6)
- {
- proto_tree_add_item(tree, hf_ssl_pct_specs_mismatch_cipher, tvb, offset, 1, ENC_NA);
- offset += 1;
- proto_tree_add_item(tree, hf_ssl_pct_specs_mismatch_hash, tvb, offset, 1, ENC_NA);
- offset += 1;
- proto_tree_add_item(tree, hf_ssl_pct_specs_mismatch_cert, tvb, offset, 1, ENC_NA);
- offset += 1;
- proto_tree_add_item(tree, hf_ssl_pct_specs_mismatch_exch, tvb, offset, 1, ENC_NA);
- offset += 1;
- proto_tree_add_item(tree, hf_ssl_pct_specs_mismatch_client_cert, tvb, offset, 1, ENC_NA);
- offset += 1;
- proto_tree_add_item(tree, hf_ssl_pct_specs_mismatch_client_sig, tvb, offset, 1, ENC_NA);
- }
- else if (INFO_LEN) {
- proto_tree_add_item(tree, hf_ssl_pct_error_information_data, tvb, offset, INFO_LEN, ENC_NA);
- }
-}
-
-static void
dissect_ssl2_hnd_client_master_key(tvbuff_t *tvb,
proto_tree *tree, guint32 offset)
{
@@ -3678,8 +3220,6 @@ ssl_looks_like_sslv2(tvbuff_t *tvb, const guint32 offset)
case SSL2_HND_CLIENT_HELLO:
case SSL2_HND_CLIENT_MASTER_KEY:
case SSL2_HND_SERVER_HELLO:
- case PCT_MSG_CLIENT_MASTER_KEY:
- case PCT_MSG_ERROR:
return 1;
}
return 0;
@@ -3779,76 +3319,6 @@ ssl_looks_like_valid_v2_handshake(tvbuff_t *tvb, const guint32 offset,
return ret;
}
-/* applies a heuristic to determine whether
- * or not the data beginning at offset looks
- * like a valid, unencrypted pct handshake message.
- * since it isn't possible to completely tell random
- * data apart from a valid message without state,
- * we try to help the odds.
- */
-static gint
-ssl_looks_like_valid_pct_handshake(tvbuff_t *tvb, const guint32 offset,
- const guint32 record_length)
-{
- /* first byte should be a msg_type.
- *
- * - we know we only see client_hello, client_master_key,
- * and server_hello in the clear, so check to see if
- * msg_type is one of those (this gives us a 3 in 2^8
- * chance of saying yes with random payload)
- *
- * - for those three types that we know about, do some
- * further validation to reduce the chance of an error
- */
- guint8 msg_type;
- guint16 version;
- guint32 sum;
- gint ret = 0;
-
- /* fetch the msg_type */
- msg_type = tvb_get_guint8(tvb, offset);
-
- switch (msg_type) {
- case PCT_MSG_CLIENT_HELLO:
- /* version follows msg byte, so verify that this is valid */
- version = tvb_get_ntohs(tvb, offset+1);
- ret = (version == PCT_VERSION_1);
- break;
-
- case PCT_MSG_SERVER_HELLO:
- /* version is one byte after msg_type */
- version = tvb_get_ntohs(tvb, offset+2);
- ret = (version == PCT_VERSION_1);
- break;
-
- case PCT_MSG_CLIENT_MASTER_KEY:
- /* sum of various length fields must be less than record length */
- sum = tvb_get_ntohs(tvb, offset + 6); /* clear_key_length */
- sum += tvb_get_ntohs(tvb, offset + 8); /* encrypted_key_length */
- sum += tvb_get_ntohs(tvb, offset + 10); /* key_arg_length */
- sum += tvb_get_ntohs(tvb, offset + 12); /* verify_prelude_length */
- sum += tvb_get_ntohs(tvb, offset + 14); /* client_cert_length */
- sum += tvb_get_ntohs(tvb, offset + 16); /* response_length */
- if (sum <= record_length) {
- ret = 1;
- }
- break;
-
- case PCT_MSG_SERVER_VERIFY:
- /* record is 36 bytes longer than response_length */
- sum = tvb_get_ntohs(tvb, offset + 34); /* response_length */
- if ((sum + 36) == record_length) {
- ret = 1;
- }
- break;
-
- default:
- break;
- }
-
- return ret;
-}
-
gboolean
tls_get_cipher_info(packet_info *pinfo, int *cipher_algo, int *cipher_mode, int *hash_algo)
{
@@ -4169,11 +3639,6 @@ proto_register_tls(void)
FT_UINT8, BASE_DEC, VALS(ssl_20_msg_types), 0x0,
"SSLv2 handshake message type", HFILL}
},
- { &hf_pct_msg_type,
- { "Handshake Message Type", "ssl.pct_handshake.type",
- FT_UINT8, BASE_DEC, VALS(pct_msg_types), 0x0,
- "PCT handshake message type", HFILL}
- },
{ &hf_tls_record_version,
{ "Version", "tls.record.version",
FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0,
@@ -4191,9 +3656,9 @@ proto_register_tls(void)
},
{ &hf_ssl2_record,
- { "SSLv2/PCT Record Header", "tls.record",
+ { "SSLv2 Record Header", "tls.record",
FT_NONE, BASE_NONE, NULL, 0x0,
- "SSLv2/PCT record data", HFILL }
+ "SSLv2 record data", HFILL }
},
{ &hf_ssl2_record_is_escape,
{ "Is Escape", "tls.record.is_escape",
@@ -4362,107 +3827,6 @@ proto_register_tls(void)
FT_NONE, BASE_NONE, NULL, 0x0,
"Server's challenge to client", HFILL }
},
- { &hf_pct_handshake_cipher_spec,
- { "Cipher Spec", "ssl.pct.handshake.cipherspec",
- FT_NONE, BASE_NONE, NULL, 0x0,
- "PCT Cipher specification", HFILL }
- },
- { &hf_pct_handshake_cipher,
- { "Cipher", "ssl.pct.handshake.cipher",
- FT_UINT16, BASE_HEX, VALS(pct_cipher_type), 0x0,
- "PCT Ciper", HFILL }
- },
- { &hf_pct_handshake_hash_spec,
- { "Hash Spec", "ssl.pct.handshake.hashspec",
- FT_NONE, BASE_NONE, NULL, 0x0,
- "PCT Hash specification", HFILL }
- },
- { &hf_pct_handshake_hash,
- { "Hash", "ssl.pct.handshake.hash",
- FT_UINT16, BASE_HEX, VALS(pct_hash_type), 0x0,
- "PCT Hash", HFILL }
- },
- { &hf_pct_handshake_cert_spec,
- { "Cert Spec", "ssl.pct.handshake.certspec",
- FT_NONE, BASE_NONE, NULL, 0x0,
- "PCT Certificate specification", HFILL }
- },
- { &hf_pct_handshake_cert,
- { "Cert", "ssl.pct.handshake.cert",
- FT_UINT16, BASE_HEX, VALS(pct_cert_type), 0x0,
- "PCT Certificate", HFILL }
- },
- { &hf_pct_handshake_exch_spec,
- { "Exchange Spec", "ssl.pct.handshake.exchspec",
- FT_NONE, BASE_NONE, NULL, 0x0,
- "PCT Exchange specification", HFILL }
- },
- { &hf_pct_handshake_exch,
- { "Exchange", "ssl.pct.handshake.exch",
- FT_UINT16, BASE_HEX, VALS(pct_exch_type), 0x0,
- "PCT Exchange", HFILL }
- },
- { &hf_pct_handshake_sig,
- { "Sig Spec", "ssl.pct.handshake.sig",
- FT_UINT16, BASE_HEX, VALS(pct_sig_type), 0x0,
- "PCT Signature", HFILL }
- },
- { &hf_pct_msg_error_type,
- { "PCT Error Code", "ssl.pct.msg_error_code",
- FT_UINT16, BASE_HEX, VALS(pct_error_code), 0x0,
- NULL, HFILL }
- },
- { &hf_pct_handshake_server_cert,
- { "Server Cert", "ssl.pct.handshake.server_cert",
- FT_BYTES, BASE_NONE, NULL , 0x0,
- "PCT Server Certificate", HFILL }
- },
-
- /* Generated from convert_proto_tree_add_text.pl */
- { &hf_ssl_pct_client_version, { "Client Version", "ssl.pct.client_version", FT_UINT16, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_pad, { "PAD", "ssl.pct.pad", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_client_session_id_data, { "Client Session ID Data", "ssl.pct.client_session_id_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_challenge_data, { "Challenge Data", "ssl.pct.challenge_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_ch_offset, { "CH_OFFSET", "ssl.pct.ch_offset", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_cipher_specs_length, { "CIPHER_SPECS Length", "ssl.pct.cipher_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_hash_specs_length, { "HASH_SPECS Length", "ssl.pct.hash_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_cert_specs_length, { "CERT_SPECS Length", "ssl.pct.cert_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_exch_specs_length, { "EXCH_SPECS Length", "ssl.pct.exch_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_iv_length, { "IV Length", "ssl.pct.iv_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_encryption_key_length, { "Encryption key length", "ssl.pct.encryption_key_length", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_mac_key_length_in_bits, { "MAC key length in bits", "ssl.pct.mac_key_length_in_bits", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_iv_data, { "IV data", "ssl.pct.iv_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_server_version, { "Server Version", "ssl.pct.server_version", FT_UINT16, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_sh_restart_session_ok_flag, { "SH_RESTART_SESSION_OK flag", "ssl.pct.sh_restart_session_ok_flag", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_sh_client_auth_req_flag, { "SH_CLIENT_AUTH_REQ flag", "ssl.pct.sh_client_auth_req_flag", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_connection_id_data, { "Connection ID Data", "tls.connection_id_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_server_certificate_length, { "Server Certificate Length", "ssl.pct.server_certificate_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_client_cert_specs_length, { "Client CERT_SPECS Length", "ssl.pct.client_cert_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_client_sig_specs_length, { "Client SIG_SPECS Length", "ssl.pct.client_sig_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_response_length, { "Response Length", "ssl.pct.response_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_client_cert_specs, { "Client CERT_SPECS", "ssl.pct.client_cert_specs", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_client_signature, { "Client Signature", "ssl.pct.client_signature", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_server_response, { "Server Response", "ssl.pct.server_response", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_clear_key_length, { "Clear Key Length", "ssl.pct.clear_key_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_encrypted_key_length, { "Encrypted Key Length", "ssl.pct.encrypted_key_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_verify_prelude_length, { "Verify Prelude Length", "ssl.pct.verify_prelude_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_client_cert_length, { "Client Cert Length", "ssl.pct.client_cert_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_clear_key_data, { "Clear Key data", "ssl.pct.clear_key_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_encrypted_key_data, { "Encrypted Key data", "ssl.pct.encrypted_key_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_verify_prelude_data, { "Verify Prelude data", "ssl.pct.verify_prelude_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_client_certificate_data, { "Client Certificate data", "ssl.pct.client_certificate_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_response_data, { "Response data", "ssl.pct.response_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_server_session_id_data, { "Server Session ID data", "ssl.pct.server_session_id_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_server_response_length, { "Server Response Length", "ssl.pct.server_response_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_error_information_length, { "Error Information Length", "ssl.pct.error_information_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_specs_mismatch_cipher, { "SPECS_MISMATCH_CIPHER", "ssl.pct.specs_mismatch_cipher", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_specs_mismatch_hash, { "SPECS_MISMATCH_HASH", "ssl.pct.specs_mismatch_hash", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_specs_mismatch_cert, { "SPECS_MISMATCH_CERT", "ssl.pct.specs_mismatch_cert", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_specs_mismatch_exch, { "SPECS_MISMATCH_EXCH", "ssl.pct.specs_mismatch_exch", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_specs_mismatch_client_cert, { "SPECS_MISMATCH_CLIENT_CERT", "ssl.pct.specs_mismatch_client_cert", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_specs_mismatch_client_sig, { "SPECS_MISMATCH_CLIENT_SIG", "ssl.pct.specs_mismatch_client_sig", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }},
- { &hf_ssl_pct_error_information_data, { "Error Information data", "ssl.pct.error_information_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }},
-
{ &hf_tls_segment_overlap,
{ "Segment overlap", "tls.segment.overlap",
@@ -4535,10 +3899,6 @@ proto_register_tls(void)
&ett_tls_handshake,
&ett_tls_heartbeat,
&ett_tls_certs,
- &ett_pct_cipher_suites,
- &ett_pct_hash_suites,
- &ett_pct_cert_suites,
- &ett_pct_exch_suites,
&ett_tls_segments,
&ett_tls_segment,
SSL_COMMON_ETT_LIST(dissect_ssl3_hf)
@@ -4551,9 +3911,6 @@ proto_register_tls(void)
/* Generated from convert_proto_tree_add_text.pl */
{ &ei_tls_ignored_unknown_record, { "tls.ignored_unknown_record", PI_PROTOCOL, PI_WARN, "Ignored Unknown Record", EXPFILL }},
- { &ei_ssl_pct_client_version, { "ssl.pct.client_version.invalid", PI_PROTOCOL, PI_WARN, "Client Version invalid", EXPFILL }},
- { &ei_ssl_pct_ch_offset, { "ssl.pct.ch_offset.invalid", PI_PROTOCOL, PI_WARN, "CH_OFFSET invalid", EXPFILL }},
- { &ei_ssl_pct_server_version, { "ssl.pct.server_version.invalid", PI_PROTOCOL, PI_WARN, "Server Version invalid", EXPFILL }},
SSL_COMMON_EI_LIST(dissect_ssl3_hf, "tls")
};