diff options
| author | Gerald Combs <gerald@wireshark.org> | 2018-09-13 08:40:27 -0700 |
|---|---|---|
| committer | Gerald Combs <gerald@wireshark.org> | 2018-09-13 22:37:52 +0000 |
| commit | cd95e197ca78feb1e83ec737b87ada0a1dd57d10 (patch) | |
| tree | 7d54d8cc9b6170acff8ca618b6d0eb5fa439f4f6 | |
| parent | 63743a3733441a4f54ca6216ad63654bb3012824 (diff) | |
Start renaming SSL to TLS.
Rename the "ssl" protocol to "tls" and add an "ssl" alias. Prefer "TLS"
over "SSL" in user interface text and in the documentation.
Fix the test_tls_master_secret test while we're here.
Bug: 14922
Change-Id: Iab6ba2c7c4c0f8f6dd0f6d5d90fac5e9486612f8
Reviewed-on: https://code.wireshark.org/review/29649
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
51 files changed, 448 insertions, 442 deletions
diff --git a/doc/tshark.pod b/doc/tshark.pod index b5222b8825..263332bf46 100644 --- a/doc/tshark.pod +++ b/doc/tshark.pod @@ -99,7 +99,7 @@ L<https://www.wireshark.org/docs/man-pages/wireshark.html> is a detailed description of the way B<Wireshark> handles this, which is the same way B<Tshark> handles this. -Compressed file support uses (and therefore requires) the zlib library. +Compressed file support uses (and therefore requires) the zlib library. If the zlib library is not present when compiling B<TShark>, it will be possible to compile it, but the resulting program will be unable to read compressed files. @@ -130,7 +130,7 @@ Read filters in B<TShark>, which allow you to select which packets are to be decoded or written to a file, are very powerful; more fields are filterable in B<TShark> than in other protocol analyzers, and the syntax you can use to create your filters is richer. As B<TShark> progresses, -expect more and more protocol fields to be allowed in read filters. +expect more and more protocol fields to be allowed in read filters. Read filters use the same syntax as display and color filters in B<Wireshark>; a read filter is specified with the B<-R> option. @@ -1214,7 +1214,7 @@ I<prot> specifies the transport protocol. It can be one of: tcp TCP udp UDP - ssl SSL + tls TLS or SSL I<mode> specifies the output mode. It can be one of: @@ -1227,7 +1227,7 @@ Since the output in B<ascii> or B<ebcdic> mode may contain newlines, the length of each section of output plus a newline precedes each section of output. I<filter> specifies the stream to be displayed. UDP/TCP streams are selected -with either the stream index or IP address plus port pairs. SSL streams are +with either the stream index or IP address plus port pairs. TLS streams are selected with the stream index. For example: ip-addr0:port0,ip-addr1:port1 diff --git a/doc/wireshark.pod.template b/doc/wireshark.pod.template index 039fb7138f..a25ea65b92 100644 --- a/doc/wireshark.pod.template +++ b/doc/wireshark.pod.template @@ -1462,7 +1462,7 @@ save it as text to a file. =item Analyze:Follow UDP Stream -=item Analyze:Follow SSL Stream +=item Analyze:Follow TLS Stream (Similar to Analyze:Follow TCP Stream) diff --git a/docbook/release-notes.asciidoc b/docbook/release-notes.asciidoc index 78aaba7b4e..f0c0de88f7 100644 --- a/docbook/release-notes.asciidoc +++ b/docbook/release-notes.asciidoc @@ -49,6 +49,9 @@ since version 2.6.0: * The BOOTP dissector has been renamed to DHCP. With the exception of “bootp.dhcp”, the old “bootp.*” display filter fields are still supported but may be removed in a future release. +* The SSL dissector has been renamed to TLS. As with BOOTP the old + “ssl.*” display filter fields are supported but may be removed in a + future release. === Removed Features and Support diff --git a/docbook/wsdg_src/WSDG_chapter_libraries.asciidoc b/docbook/wsdg_src/WSDG_chapter_libraries.asciidoc index db4c328166..c81db8b491 100644 --- a/docbook/wsdg_src/WSDG_chapter_libraries.asciidoc +++ b/docbook/wsdg_src/WSDG_chapter_libraries.asciidoc @@ -229,7 +229,7 @@ https://www.winpcap.org/install/[] === GnuTLS (optional) -The GNU Transport Layer Security Library is used to dissect SSL and TLS +The GNU Transport Layer Security Library is used to dissect TLS and SSL protocols (aka: HTTPS). [[ChLibsUnixGNUTLS]] diff --git a/docbook/wsug_src/WSUG_chapter_advanced.asciidoc b/docbook/wsug_src/WSUG_chapter_advanced.asciidoc index b823d1324d..ed2a570c41 100644 --- a/docbook/wsug_src/WSUG_chapter_advanced.asciidoc +++ b/docbook/wsug_src/WSUG_chapter_advanced.asciidoc @@ -18,10 +18,10 @@ This chapter will describe some of Wireshark’s advanced features. It can be very helpful to see protocol in the way that the application layer sees it. Perhaps you are looking for passwords in a Telnet stream, or you are trying to make sense of a data stream. Maybe you just need a -display filter to show only the packets in an SSL stream. If so, +display filter to show only the packets in a TLS or SSL stream. If so, Wireshark’s ability to follow protocol streams will be useful to you. -Simply select a TCP, UDP, SSL, or HTTP packet in the packet list of the stream/connection you are +Simply select a TCP, UDP, TLS, or HTTP packet in the packet list of the stream/connection you are interested in and then select the Follow TCP Stream menu item from the Wireshark Tools menu (or use the context menu in the packet list). Wireshark will set an appropriate display filter and pop up a dialog box with all the data from the diff --git a/docbook/wsug_src/WSUG_chapter_statistics.asciidoc b/docbook/wsug_src/WSUG_chapter_statistics.asciidoc index 66d7c0ec0a..3a66fe51aa 100644 --- a/docbook/wsug_src/WSUG_chapter_statistics.asciidoc +++ b/docbook/wsug_src/WSUG_chapter_statistics.asciidoc @@ -129,7 +129,7 @@ be counted for each packet. Example: In the screenshot IP has 99.9% and TCP Protocol layers can consist of packets that won’t contain any higher layer protocol, so the sum of all higher layer packets may not sum up to the protocols packet count. Example: In the screenshot TCP has 98.5% but the sum of the -subprotocols (SSL, HTTP, etc) is much less. This can be caused by continuation +subprotocols (TLS, HTTP, etc) is much less. This can be caused by continuation frames, TCP protocol overhead, and other undissected data. A single packet can contain the same protocol more than once. In this case, the diff --git a/docbook/wsug_src/WSUG_chapter_use.asciidoc b/docbook/wsug_src/WSUG_chapter_use.asciidoc index 9f935f1600..a98c7556b2 100644 --- a/docbook/wsug_src/WSUG_chapter_use.asciidoc +++ b/docbook/wsug_src/WSUG_chapter_use.asciidoc @@ -541,7 +541,7 @@ image::wsug_graphics/ws-analyze-menu.png[{screenshot-attrs}] |menu:User Specified Decodes...[] ||This menu item allows the user to force Wireshark to decode certain packets as a particular protocol, see <<ChAdvDecodeAsShow>> |menu:Follow[TCP Stream] ||This menu item brings up a separate window and displays all the TCP segments captured that are on the same TCP connection as a selected packet, see <<ChAdvFollowStreamSection>> |menu:Follow[UDP Stream] ||Same functionality as “Follow TCP Stream” but for UDP streams. -|menu:Follow[SSL Stream] ||Same functionality as “Follow TCP Stream” but for SSL streams. See the wiki page on link:{wireshark-wiki-url}SSL[SSL] for instructions on providing SSL keys. +|menu:Follow[TLS Stream] ||Same functionality as “Follow TCP Stream” but for TLS or SSL streams. See the wiki page on link:{wireshark-wiki-url}SSL[SSL] for instructions on providing TLS keys. |menu:Follow[HTTP Stream] ||Same functionality as “Follow TCP Stream” but for HTTP streams. |menu:Expert Info[] ||Open a dialog showing some expert information about the captured packets. The amount of information will depend on the protocol and varies from very detailed to non-existent. XXX - add a new section about this and link from here |menu:Conversation Filter[...] ||In this menu you will find conversation filter for various protocols. diff --git a/docbook/wsug_src/WSUG_chapter_work.asciidoc b/docbook/wsug_src/WSUG_chapter_work.asciidoc index 0a61b8ce30..8b8aa2d42e 100644 --- a/docbook/wsug_src/WSUG_chapter_work.asciidoc +++ b/docbook/wsug_src/WSUG_chapter_work.asciidoc @@ -113,7 +113,7 @@ The following table gives an overview of which functions are available in this |menu:SCTP[]|| Allows you to analyze and prepare a filter for this SCTP association. |menu:Follow TCP Stream[]|menu:Analyze[]| Allows you to view all the data on a TCP stream between a pair of nodes. |menu:Follow UDP Stream[]|menu:Analyze[]| Allows you to view all the data on a UDP datagram stream between a pair of nodes. -|menu:Follow SSL Stream[]|menu:Analyze[]| Same as “Follow TCP Stream” but for SSL. XXX - add a new section describing this better. +|menu:Follow TLS Stream[]|menu:Analyze[]| Same as “Follow TCP Stream” but for TLS or SSL. XXX - add a new section describing this better. |menu:Copy/ Summary (Text)[]|| Copy the summary fields as displayed to the clipboard, as tab-separated text. |menu:Copy/ Summary (CSV)[]|| Copy the summary fields as displayed to the clipboard, as comma-separated text. |menu:Copy/ As Filter[]|| Prepare a display filter based on the currently selected item and copy that filter to the clipboard. @@ -157,7 +157,7 @@ description of each item. |menu:Colorize with Filter[]|| This menu item uses a display filter with the information from the selected protocol item to build a new colorizing rule. |menu:Follow TCP Stream[]|menu:Analyze[]| Allows you to view all the data on a TCP stream between a pair of nodes. |menu:Follow UDP Stream[]|menu:Analyze[]| Allows you to view all the data on a UDP datagram stream between a pair of nodes. -|menu:Follow SSL Stream[]|menu:Analyze[]| Same as “Follow TCP Stream” but for SSL. XXX - add a new section describing this better. +|menu:Follow TLS Stream[]|menu:Analyze[]| Same as “Follow TCP Stream” but for TLS. XXX - add a new section describing this better. |menu:Copy/ Description[]|menu:Edit[]| Copy the displayed text of the selected field to the system clipboard. |menu:Copy/ Fieldname[]|menu:Edit[]| Copy the name of the selected field to the system clipboard. |menu:Copy/ Value[]|menu:Edit[]| Copy the value of the selected field to the system clipboard. diff --git a/epan/dissectors/asn1/credssp/packet-credssp-template.c b/epan/dissectors/asn1/credssp/packet-credssp-template.c index 020800583a..aef949af62 100644 --- a/epan/dissectors/asn1/credssp/packet-credssp-template.c +++ b/epan/dissectors/asn1/credssp/packet-credssp-template.c @@ -158,7 +158,7 @@ void proto_register_credssp(void) { /*--- proto_reg_handoff_credssp --- */ void proto_reg_handoff_credssp(void) { - heur_dissector_add("ssl", dissect_credssp_heur, "CredSSP over SSL", "credssp_ssl", proto_credssp, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_credssp_heur, "CredSSP over TLS", "credssp_tls", proto_credssp, HEURISTIC_ENABLE); exported_pdu_tap = find_tap_id(EXPORT_PDU_TAP_NAME_LAYER_7); } diff --git a/epan/dissectors/asn1/ldap/ldap.cnf b/epan/dissectors/asn1/ldap/ldap.cnf index 2e9c94d100..624c311208 100644 --- a/epan/dissectors/asn1/ldap/ldap.cnf +++ b/epan/dissectors/asn1/ldap/ldap.cnf @@ -441,7 +441,7 @@ ldap_conv_info_t *ldap_info; if (ldap_info && ldap_info->start_tls_pending && hf_index == hf_ldap_extendedResponse_resultCode && resultCode == 0) { /* The conversation will continue using SSL */ - ssl_starttls_ack(find_dissector("ssl"), actx->pinfo, ldap_handle); + ssl_starttls_ack(find_dissector("tls"), actx->pinfo, ldap_handle); ldap_info->start_tls_pending = FALSE; } diff --git a/epan/dissectors/asn1/ldap/packet-ldap-template.c b/epan/dissectors/asn1/ldap/packet-ldap-template.c index 9b9b9afdcf..b86be9913e 100644 --- a/epan/dissectors/asn1/ldap/packet-ldap-template.c +++ b/epan/dissectors/asn1/ldap/packet-ldap-template.c @@ -217,7 +217,7 @@ static dissector_handle_t gssapi_handle; static dissector_handle_t gssapi_wrap_handle; static dissector_handle_t ntlmssp_handle; static dissector_handle_t spnego_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static dissector_handle_t ldap_handle ; static void prefs_register_ldap(void); /* forward declaration for use in preferences registration */ @@ -2205,8 +2205,8 @@ void proto_register_ldap(void) { " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.", &ldap_desegment); - prefs_register_uint_preference(ldap_module, "ssl.port", "LDAPS TCP Port", - "Set the port for LDAP operations over SSL", + prefs_register_uint_preference(ldap_module, "tls.port", "LDAPS TCP Port", + "Set the port for LDAP operations over TLS", 10, &global_ldaps_tcp_port); /* UAT */ attributes_uat = uat_new("Custom LDAP AttributeValue types", @@ -2260,7 +2260,7 @@ proto_reg_handoff_ldap(void) ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_ldap); - ssl_handle = find_dissector_add_dependency("ssl", proto_ldap); + tls_handle = find_dissector_add_dependency("tls", proto_ldap); prefs_register_ldap(); diff --git a/epan/dissectors/packet-aim.c b/epan/dissectors/packet-aim.c index 0037eada62..60dd3a396a 100644 --- a/epan/dissectors/packet-aim.c +++ b/epan/dissectors/packet-aim.c @@ -4548,7 +4548,7 @@ proto_reg_handoff_aim(void) ssl_dissector_add(0, aim_handle); /* Heuristics disabled by default, it is really weak... */ - heur_dissector_add("ssl", dissect_aim_ssl_heur, "AIM over SSL", "aim_ssl", proto_aim, HEURISTIC_DISABLE); + heur_dissector_add("tls", dissect_aim_ssl_heur, "AIM over TLS", "aim_tls", proto_aim, HEURISTIC_DISABLE); aim_init_family(proto_aim_admin, ett_aim_admin, FAMILY_ADMIN, aim_fnac_family_admin); diff --git a/epan/dissectors/packet-amqp.c b/epan/dissectors/packet-amqp.c index a627da165c..0fc075c06b 100644 --- a/epan/dissectors/packet-amqp.c +++ b/epan/dissectors/packet-amqp.c @@ -44,7 +44,7 @@ void proto_reg_handoff_amqp(void); /* Generic data */ #define AMQP_PORT 5672 -static guint amqps_port = 5671; /* AMQP over TLS/SSL */ +static guint amqps_port = 5671; /* AMQP over SSL/TLS */ /* * This dissector handles AMQP 0-9, 0-10 and 1.0. The conversation structure @@ -13404,9 +13404,9 @@ proto_register_amqp(void) amqp_module = prefs_register_protocol(proto_amqp, proto_reg_handoff_amqp); - prefs_register_uint_preference(amqp_module, "ssl.port", + prefs_register_uint_preference(amqp_module, "tls.port", "AMQPS listening TCP Port", - "Set the TCP port for AMQP over TLS/SSL" + "Set the TCP port for AMQP over SSL/TLS" "(if other than the default of 5671)", 10, &amqps_port); @@ -13430,7 +13430,7 @@ proto_reg_handoff_amqp(void) initialize = TRUE; } - /* Register for TLS/SSL payload dissection */ + /* Register for SSL/TLS payload dissection */ if (old_amqps_port != amqps_port) { if (old_amqps_port != 0) ssl_dissector_delete(old_amqps_port, amqp_tcp_handle); diff --git a/epan/dissectors/packet-couchbase.c b/epan/dissectors/packet-couchbase.c index 836e2ab873..ca2673d7dc 100644 --- a/epan/dissectors/packet-couchbase.c +++ b/epan/dissectors/packet-couchbase.c @@ -2584,8 +2584,8 @@ proto_register_couchbase(void) " to reassemble TCP streams\" in the TCP protocol settings.", &couchbase_desegment_body); - prefs_register_uint_preference(couchbase_module, "ssl_port", "SSL/TLS Data Port", - "The port used for communicating with the data service via ssl/tls", + prefs_register_uint_preference(couchbase_module, "tls_port", "SSL/TLS Data Port", + "The port used for communicating with the data service via SSL/TLS", 10, &couchbase_ssl_port_pref); diff --git a/epan/dissectors/packet-credssp.c b/epan/dissectors/packet-credssp.c index d4bc3abaad..83a6e6d951 100644 --- a/epan/dissectors/packet-credssp.c +++ b/epan/dissectors/packet-credssp.c @@ -534,7 +534,7 @@ void proto_register_credssp(void) { /*--- proto_reg_handoff_credssp --- */ void proto_reg_handoff_credssp(void) { - heur_dissector_add("ssl", dissect_credssp_heur, "CredSSP over SSL", "credssp_ssl", proto_credssp, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_credssp_heur, "CredSSP over TLS", "credssp_tls", proto_credssp, HEURISTIC_ENABLE); exported_pdu_tap = find_tap_id(EXPORT_PDU_TAP_NAME_LAYER_7); } diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c index 1449f65574..c53ab64569 100644 --- a/epan/dissectors/packet-dtls.c +++ b/epan/dissectors/packet-dtls.c @@ -17,7 +17,7 @@ * Notes : * This dissector is based on the TLS dissector (packet-ssl.c); Because of the similarity * of DTLS and TLS, decryption works like TLS with RSA key exchange. - * This dissector uses the sames things (file, libraries) as the SSL dissector (gnutls, packet-ssl-utils.h) + * This dissector uses the sames things (file, libraries) as the TLS dissector (gnutls, packet-ssl-utils.h) * to make it easily maintainable. * * It was developed to dissect and decrypt the OpenSSL v 0.9.8f DTLS implementation. diff --git a/epan/dissectors/packet-eap.c b/epan/dissectors/packet-eap.c index b1f10b8150..046276e585 100644 --- a/epan/dissectors/packet-eap.c +++ b/epan/dissectors/packet-eap.c @@ -97,7 +97,7 @@ static expert_field ei_eap_dictionary_attacks = EI_INIT; static dissector_handle_t eap_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; const value_string eap_code_vals[] = { { EAP_REQUEST, "Request" }, @@ -1144,7 +1144,7 @@ dissect_eap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) show_fragment_seq_tree(fd_head, &eap_tls_frag_items, eap_tree, pinfo, next_tvb, &frag_tree_item); - call_dissector(ssl_handle, next_tvb, pinfo, eap_tree); + call_dissector(tls_handle, next_tvb, pinfo, eap_tree); /* * We're finished reassembing this frame. @@ -1158,7 +1158,7 @@ dissect_eap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) } else { /* this data is NOT fragmented */ next_tvb = tvb_new_subset_length_caplen(tvb, offset, tvb_len, size); - call_dissector(ssl_handle, next_tvb, pinfo, eap_tree); + call_dissector(tls_handle, next_tvb, pinfo, eap_tree); } } } @@ -1687,7 +1687,7 @@ proto_reg_handoff_eap(void) /* * Get a handle for the SSL/TLS dissector. */ - ssl_handle = find_dissector_add_dependency("ssl", proto_eap); + tls_handle = find_dissector_add_dependency("tls", proto_eap); dissector_add_uint("ppp.protocol", PPP_EAP, eap_handle); dissector_add_uint("eapol.type", EAPOL_EAP, eap_handle); diff --git a/epan/dissectors/packet-fix.c b/epan/dissectors/packet-fix.c index a413f0c653..7b56b0c5ff 100644 --- a/epan/dissectors/packet-fix.c +++ b/epan/dissectors/packet-fix.c @@ -538,7 +538,7 @@ proto_reg_handoff_fix(void) { /* Let the tcp dissector know that we're interested in traffic */ heur_dissector_add("tcp", dissect_fix_heur, "FIX over TCP", "fix_tcp", proto_fix, HEURISTIC_ENABLE); - heur_dissector_add("ssl", dissect_fix_heur_ssl, "FIX over SSL", "fix_ssl", proto_fix, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_fix_heur_ssl, "FIX over TLS", "fix_tls", proto_fix, HEURISTIC_ENABLE); dissector_add_uint_range_with_preference("tcp.port", "", fix_handle); } diff --git a/epan/dissectors/packet-http.c b/epan/dissectors/packet-http.c index 4b80bf5c92..c61488ba44 100644 --- a/epan/dissectors/packet-http.c +++ b/epan/dissectors/packet-http.c @@ -141,7 +141,7 @@ static expert_field ei_http_bad_header_name = EI_INIT; static dissector_handle_t http_handle; static dissector_handle_t http_tcp_handle; -static dissector_handle_t http_ssl_handle; +static dissector_handle_t http_tls_handle; static dissector_handle_t http_sctp_handle; static dissector_handle_t media_handle; @@ -3634,12 +3634,12 @@ dissect_ssdp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_ static void range_delete_http_ssl_callback(guint32 port, gpointer ptr _U_) { - ssl_dissector_delete(port, http_ssl_handle); + ssl_dissector_delete(port, http_tls_handle); } static void range_add_http_ssl_callback(guint32 port, gpointer ptr _U_) { - ssl_dissector_add(port, http_ssl_handle); + ssl_dissector_add(port, http_tls_handle); } static void reinit_http(void) { @@ -3974,7 +3974,7 @@ proto_register_http(void) http_handle = register_dissector("http", dissect_http, proto_http); http_tcp_handle = register_dissector("http-over-tcp", dissect_http_tcp, proto_http); - http_ssl_handle = register_dissector("http-over-tls", dissect_http_ssl, proto_http); /* RFC 2818 */ + http_tls_handle = register_dissector("http-over-tls", dissect_http_ssl, proto_http); /* RFC 2818 */ http_sctp_handle = register_dissector("http-over-sctp", dissect_http_sctp, proto_http); http_module = prefs_register_protocol(proto_http, reinit_http); @@ -4014,7 +4014,7 @@ proto_register_http(void) &global_http_sctp_range, 65535); range_convert_str(wmem_epan_scope(), &global_http_ssl_range, SSL_DEFAULT_RANGE, 65535); - prefs_register_range_preference(http_module, "ssl.port", "SSL/TLS Ports", + prefs_register_range_preference(http_module, "tls.port", "SSL/TLS Ports", "SSL/TLS Ports range", &global_http_ssl_range, 65535); /* UAT */ @@ -4148,7 +4148,7 @@ proto_reg_handoff_http(void) * SSL/TLS Application-Layer Protocol Negotiation (ALPN) protocol * ID. */ - dissector_add_string("ssl.handshake.extensions_alpn_str", "http/1.1", http_ssl_handle); + dissector_add_string("tls.handshake.extensions_alpn_str", "http/1.1", http_tls_handle); ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_http); gssapi_handle = find_dissector_add_dependency("gssapi", proto_http); diff --git a/epan/dissectors/packet-http2.c b/epan/dissectors/packet-http2.c index 77683d5bdd..30ca095d28 100644 --- a/epan/dissectors/packet-http2.c +++ b/epan/dissectors/packet-http2.c @@ -3349,11 +3349,11 @@ proto_reg_handoff_http2(void) /* * SSL/TLS Application-Layer Protocol Negotiation (ALPN) protocol ID. */ - dissector_add_string("ssl.handshake.extensions_alpn_str", "h2", http2_handle); + dissector_add_string("tls.handshake.extensions_alpn_str", "h2", http2_handle); dissector_add_string("http.upgrade", "h2", http2_handle); dissector_add_string("http.upgrade", "h2c", http2_handle); - heur_dissector_add("ssl", dissect_http2_heur_ssl, "HTTP2 over SSL", "http2_ssl", proto_http2, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_http2_heur_ssl, "HTTP2 over TLS", "http2_tls", proto_http2, HEURISTIC_ENABLE); heur_dissector_add("http", dissect_http2_heur, "HTTP2 over TCP", "http2_tcp", proto_http2, HEURISTIC_ENABLE); stats_tree_register("http2", "http2", "HTTP2", 0, http2_stats_tree_packet, http2_stats_tree_init, NULL); diff --git a/epan/dissectors/packet-imap.c b/epan/dissectors/packet-imap.c index 1151472a98..e037d7dc7a 100644 --- a/epan/dissectors/packet-imap.c +++ b/epan/dissectors/packet-imap.c @@ -38,7 +38,7 @@ static gint ett_imap = -1; static gint ett_imap_reqresp = -1; static dissector_handle_t imap_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static gboolean imap_ssl_heuristic = TRUE; @@ -133,9 +133,9 @@ dissect_imap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_ if (session_state->ssl_heur_tries_left > 0) { session_state->ssl_heur_tries_left--; if (!check_imap_heur(tvb)) { - ssl_starttls_post_ack(ssl_handle, pinfo, imap_handle); + ssl_starttls_post_ack(tls_handle, pinfo, imap_handle); session_state->ssl_heur_tries_left = 0; - return call_dissector(ssl_handle, tvb, pinfo, tree); + return call_dissector(tls_handle, tvb, pinfo, tree); } } @@ -304,7 +304,7 @@ dissect_imap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_ if (session_state->ssl_requested) { if (!is_request && strncmp(tokenbuf, "ok", tokenlen) == 0) { /* STARTTLS accepted, next reply will be TLS. */ - ssl_starttls_ack(ssl_handle, pinfo, imap_handle); + ssl_starttls_ack(tls_handle, pinfo, imap_handle); if (session_state->ssl_heur_tries_left > 0) { session_state->ssl_heur_tries_left = 0; } @@ -417,7 +417,7 @@ proto_reg_handoff_imap(void) { dissector_add_uint_with_preference("tcp.port", TCP_PORT_IMAP, imap_handle); ssl_dissector_add(TCP_PORT_SSL_IMAP, imap_handle); - ssl_handle = find_dissector("ssl"); + tls_handle = find_dissector("tls"); } /* * Editor modelines - http://www.wireshark.org/tools/modelines.html diff --git a/epan/dissectors/packet-jxta.c b/epan/dissectors/packet-jxta.c index f86949f73e..afeeb6fd98 100644 --- a/epan/dissectors/packet-jxta.c +++ b/epan/dissectors/packet-jxta.c @@ -65,7 +65,7 @@ static int jxta_tap = -1; static dissector_table_t media_type_dissector_table = NULL; static dissector_handle_t media_handle = NULL; static dissector_handle_t stream_jxta_handle = NULL; -static dissector_handle_t ssl_handle = NULL; +static dissector_handle_t tls_handle = NULL; static int hf_uri_addr = -1; static int hf_uri_src = -1; @@ -2032,9 +2032,9 @@ static int dissect_media( const gchar* fullmediatype, tvbuff_t * tvb, packet_inf ascii_strdown_inplace(mediatype); if (0 == strcmp("application/x-jxta-tls-block", mediatype)) { - /* If we recognize it as a TLS packet then we shuffle it off to ssl dissector. */ - if (NULL != ssl_handle) { - dissected = call_dissector(ssl_handle, tvb, pinfo, tree); + /* If we recognize it as a TLS packet then we shuffle it off to tls dissector. */ + if (NULL != tls_handle) { + dissected = call_dissector(tls_handle, tvb, pinfo, tree); } } else if (0 == strcmp("application/gzip", mediatype)) { tvbuff_t *uncomp_tvb = tvb_child_uncompress(tvb, tvb, 0, tvb_captured_length(tvb)); @@ -2383,7 +2383,7 @@ void proto_reg_handoff_jxta(void) message_jxta_handle = create_dissector_handle(dissect_jxta_message, proto_message_jxta); media_type_dissector_table = find_dissector_table("media_type"); - ssl_handle = find_dissector_add_dependency("ssl", proto_jxta); + tls_handle = find_dissector_add_dependency("tls", proto_jxta); media_handle = find_dissector_add_dependency("media", proto_jxta); diff --git a/epan/dissectors/packet-ldap.c b/epan/dissectors/packet-ldap.c index 921f358435..6734b1fb0f 100644 --- a/epan/dissectors/packet-ldap.c +++ b/epan/dissectors/packet-ldap.c @@ -431,7 +431,7 @@ static dissector_handle_t gssapi_handle; static dissector_handle_t gssapi_wrap_handle; static dissector_handle_t ntlmssp_handle; static dissector_handle_t spnego_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static dissector_handle_t ldap_handle ; static void prefs_register_ldap(void); /* forward declaration for use in preferences registration */ @@ -3024,7 +3024,7 @@ dissect_ldap_ExtendedResponse_resultCode(gboolean implicit_tag _U_, tvbuff_t *tv if (ldap_info && ldap_info->start_tls_pending && hf_index == hf_ldap_extendedResponse_resultCode && resultCode == 0) { /* The conversation will continue using SSL */ - ssl_starttls_ack(find_dissector("ssl"), actx->pinfo, ldap_handle); + ssl_starttls_ack(find_dissector("tls"), actx->pinfo, ldap_handle); ldap_info->start_tls_pending = FALSE; } @@ -5752,8 +5752,8 @@ void proto_register_ldap(void) { " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.", &ldap_desegment); - prefs_register_uint_preference(ldap_module, "ssl.port", "LDAPS TCP Port", - "Set the port for LDAP operations over SSL", + prefs_register_uint_preference(ldap_module, "tls.port", "LDAPS TCP Port", + "Set the port for LDAP operations over TLS", 10, &global_ldaps_tcp_port); /* UAT */ attributes_uat = uat_new("Custom LDAP AttributeValue types", @@ -5807,7 +5807,7 @@ proto_reg_handoff_ldap(void) ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_ldap); - ssl_handle = find_dissector_add_dependency("ssl", proto_ldap); + tls_handle = find_dissector_add_dependency("tls", proto_ldap); prefs_register_ldap(); diff --git a/epan/dissectors/packet-mq.c b/epan/dissectors/packet-mq.c index 4aa45105e4..4eca6f3f57 100644 --- a/epan/dissectors/packet-mq.c +++ b/epan/dissectors/packet-mq.c @@ -4536,7 +4536,7 @@ void proto_reg_handoff_mq(void) heur_dissector_add("tcp", dissect_mq_heur_tcp, "WebSphere MQ over TCP", "mq_tcp", proto_mq, HEURISTIC_ENABLE); heur_dissector_add("netbios", dissect_mq_heur_nontcp, "WebSphere MQ over Netbios", "mq_netbios", proto_mq, HEURISTIC_ENABLE); heur_dissector_add("http", dissect_mq_heur_nontcp, "WebSphere MQ over HTTP", "mq_http", proto_mq, HEURISTIC_ENABLE); - heur_dissector_add("ssl", dissect_mq_heur_ssl, "WebSphere MQ over SSL", "mq_ssl", proto_mq, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_mq_heur_ssl, "WebSphere MQ over TLS", "mq_tls", proto_mq, HEURISTIC_ENABLE); dissector_add_uint("spx.socket", MQ_SOCKET_SPX, mq_spx_handle); mqpcf_handle = find_dissector("mqpcf"); } diff --git a/epan/dissectors/packet-mysql.c b/epan/dissectors/packet-mysql.c index 3f99689686..cee1323ef9 100644 --- a/epan/dissectors/packet-mysql.c +++ b/epan/dissectors/packet-mysql.c @@ -640,7 +640,7 @@ static int hf_mysql_compressed_packet_length_uncompressed = -1; static int hf_mysql_compressed_packet_number = -1; static dissector_handle_t mysql_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static expert_field ei_mysql_eof = EI_INIT; static expert_field ei_mysql_dissector_incomplete = EI_INIT; @@ -1042,7 +1042,7 @@ mysql_dissect_login(tvbuff_t *tvb, packet_info *pinfo, int offset, { col_set_str(pinfo->cinfo, COL_INFO, "Response: SSL Handshake"); conn_data->frame_start_ssl = pinfo->num; - ssl_starttls_ack(ssl_handle, pinfo, mysql_handle); + ssl_starttls_ack(tls_handle, pinfo, mysql_handle); } if (conn_data->clnt_caps & MYSQL_CAPS_CU) /* 4.1 protocol */ { @@ -2334,7 +2334,7 @@ dissect_mysql_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* dat } #endif - is_ssl = proto_is_frame_protocol(pinfo->layers, "ssl"); + is_ssl = proto_is_frame_protocol(pinfo->layers, "tls"); if (is_response) { if (packet_number == 0 && mysql_frame_data_p->state == UNDEFINED) { @@ -3322,7 +3322,7 @@ void proto_register_mysql(void) /* dissector registration */ void proto_reg_handoff_mysql(void) { - ssl_handle = find_dissector("ssl"); + tls_handle = find_dissector("tls"); dissector_add_uint_with_preference("tcp.port", TCP_PORT_MySQL, mysql_handle); } diff --git a/epan/dissectors/packet-opa-fe.c b/epan/dissectors/packet-opa-fe.c index a5a8056132..10c1cb131e 100644 --- a/epan/dissectors/packet-opa-fe.c +++ b/epan/dissectors/packet-opa-fe.c @@ -139,7 +139,7 @@ void proto_register_opa_fe(void) opa_fe_module = prefs_register_protocol(proto_opa_fe, proto_reg_handoff_opa_fe); range_convert_str(wmem_epan_scope(), &global_fe_ssl_range, OPA_FE_SSL_RANGE, 65535); - prefs_register_range_preference(opa_fe_module, "ssl.port", "SSL/TLS Ports", + prefs_register_range_preference(opa_fe_module, "tls.port", "SSL/TLS Ports", "SSL/TLS Ports range", &global_fe_ssl_range, 65535); } diff --git a/epan/dissectors/packet-openvpn.c b/epan/dissectors/packet-openvpn.c index 5d579d4178..daa2cd26de 100644 --- a/epan/dissectors/packet-openvpn.c +++ b/epan/dissectors/packet-openvpn.c @@ -72,7 +72,7 @@ static gint proto_openvpn = -1; static dissector_handle_t openvpn_udp_handle; static dissector_handle_t openvpn_tcp_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; /* Preferences */ static gboolean pref_long_format = TRUE; @@ -356,7 +356,7 @@ dissect_openvpn_msg_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *openvp if (new_tvb) { /* call SSL/TLS dissector if we just processed the last fragment */ - call_dissector(ssl_handle, new_tvb, pinfo, parent_tree); + call_dissector(tls_handle, new_tvb, pinfo, parent_tree); } return tvb_captured_length(tvb); @@ -624,7 +624,7 @@ proto_register_openvpn(void) void proto_reg_handoff_openvpn(void) { - ssl_handle = find_dissector_add_dependency("ssl", proto_openvpn); + tls_handle = find_dissector_add_dependency("tls", proto_openvpn); dissector_add_uint_with_preference("tcp.port", OPENVPN_PORT, openvpn_tcp_handle); dissector_add_uint_with_preference("udp.port", OPENVPN_PORT, openvpn_udp_handle); } diff --git a/epan/dissectors/packet-pcp.c b/epan/dissectors/packet-pcp.c index 16773db8fa..41fc83afc3 100644 --- a/epan/dissectors/packet-pcp.c +++ b/epan/dissectors/packet-pcp.c @@ -753,7 +753,7 @@ static int dissect_pcp_message_start(tvbuff_t *tvb, packet_info *pinfo, proto_tr /* Most likely we're in a SSL upgrade if this is the end of the start packet */ if(status == PCP_SECURE_ACK_SUCCESSFUL) { expert_add_info(pinfo, tree, &ei_pcp_ssl_upgrade); - ssl_starttls_ack(find_dissector("ssl"), pinfo, pcp_handle); + ssl_starttls_ack(find_dissector("tls"), pinfo, pcp_handle); } else { expert_add_info(pinfo, tree, &ei_pcp_ssl_upgrade_failed); diff --git a/epan/dissectors/packet-pgsql.c b/epan/dissectors/packet-pgsql.c index 849abd6e15..fc5638bcf0 100644 --- a/epan/dissectors/packet-pgsql.c +++ b/epan/dissectors/packet-pgsql.c @@ -21,7 +21,7 @@ void proto_register_pgsql(void); void proto_reg_handoff_pgsql(void); static dissector_handle_t pgsql_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static int proto_pgsql = -1; static int hf_frontend = -1; @@ -657,7 +657,7 @@ dissect_pgsql(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) switch (tvb_get_guint8(tvb, 0)) { case 'S': /* Willing to perform SSL */ /* Next packet will start using SSL. */ - ssl_starttls_ack(ssl_handle, pinfo, pgsql_handle); + ssl_starttls_ack(tls_handle, pinfo, pgsql_handle); break; case 'N': /* Unwilling to perform SSL */ default: /* ErrorMessage when server does not support SSL. */ @@ -891,7 +891,7 @@ proto_reg_handoff_pgsql(void) dissector_add_uint_with_preference("tcp.port", PGSQL_PORT, pgsql_handle); - ssl_handle = find_dissector_add_dependency("ssl", proto_pgsql); + tls_handle = find_dissector_add_dependency("tls", proto_pgsql); } /* diff --git a/epan/dissectors/packet-pop.c b/epan/dissectors/packet-pop.c index 469d28f013..b9845204cd 100644 --- a/epan/dissectors/packet-pop.c +++ b/epan/dissectors/packet-pop.c @@ -66,7 +66,7 @@ static gint ett_pop_data_fragments = -1; static dissector_handle_t pop_handle; static dissector_handle_t imf_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; #define TCP_PORT_POP 110 #define TCP_PORT_SSL_POP 995 @@ -293,7 +293,7 @@ dissect_pop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) if (data_val->stls_request) { if (g_ascii_strncasecmp(line, "+OK ", 4) == 0) { /* This is the last non-TLS frame. */ - ssl_starttls_ack(ssl_handle, pinfo, pop_handle); + ssl_starttls_ack(tls_handle, pinfo, pop_handle); } data_val->stls_request = FALSE; } @@ -467,8 +467,8 @@ proto_reg_handoff_pop(void) /* find the IMF dissector */ imf_handle = find_dissector_add_dependency("imf", proto_pop); - /* find the SSL dissector */ - ssl_handle = find_dissector_add_dependency("ssl", proto_pop); + /* find the TLS dissector */ + tls_handle = find_dissector_add_dependency("tls", proto_pop); } /* diff --git a/epan/dissectors/packet-quic.c b/epan/dissectors/packet-quic.c index c1c3f8b495..b5bc34c951 100644 --- a/epan/dissectors/packet-quic.c +++ b/epan/dissectors/packet-quic.c @@ -121,7 +121,7 @@ static gint ett_quic_ft = -1; static gint ett_quic_ftflags = -1; static dissector_handle_t quic_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; /* * PROTECTED PAYLOAD DECRYPTION (done in first pass) @@ -1112,7 +1112,7 @@ dissect_quic_frame_type(tvbuff_t *tvb, packet_info *pinfo, proto_tree *quic_tree proto_item_append_text(ti_stream, " (Cryptographic handshake)"); col_set_writable(pinfo->cinfo, -1, FALSE); next_tvb = tvb_new_subset_length(tvb, offset, (int)length); - call_dissector(ssl_handle, next_tvb, pinfo, ft_tree); + call_dissector(tls_handle, next_tvb, pinfo, ft_tree); col_set_writable(pinfo->cinfo, -1, TRUE); } offset += (int)length; @@ -2550,7 +2550,7 @@ proto_register_quic(void) void proto_reg_handoff_quic(void) { - ssl_handle = find_dissector("ssl"); + tls_handle = find_dissector("tls"); dissector_add_uint_with_preference("udp.port", 0, quic_handle); heur_dissector_add("udp", dissect_quic_heur, "QUIC", "quic", proto_quic, HEURISTIC_ENABLE); } diff --git a/epan/dissectors/packet-smtp.c b/epan/dissectors/packet-smtp.c index 08dc796004..7e6201d2ac 100644 --- a/epan/dissectors/packet-smtp.c +++ b/epan/dissectors/packet-smtp.c @@ -104,7 +104,7 @@ static const fragment_items smtp_data_frag_items = { }; static dissector_handle_t smtp_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static dissector_handle_t imf_handle; static dissector_handle_t ntlmssp_handle; static dissector_handle_t data_text_lines_handle; @@ -1078,7 +1078,7 @@ dissect_smtp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_ if (session_state->smtp_state == SMTP_STATE_AWAITING_STARTTLS_RESPONSE) { if (code == 220) { /* This is the last non-TLS frame. */ - ssl_starttls_ack(ssl_handle, pinfo, smtp_handle); + ssl_starttls_ack(tls_handle, pinfo, smtp_handle); } session_state->smtp_state = SMTP_STATE_READING_CMDS; } @@ -1343,8 +1343,8 @@ proto_reg_handoff_smtp(void) /* find the IMF dissector */ imf_handle = find_dissector_add_dependency("imf", proto_smtp); - /* find the SSL dissector */ - ssl_handle = find_dissector_add_dependency("ssl", proto_smtp); + /* find the TLS dissector */ + tls_handle = find_dissector_add_dependency("tls", proto_smtp); /* find the NTLM dissector */ ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_smtp); diff --git a/epan/dissectors/packet-spdy.c b/epan/dissectors/packet-spdy.c index c773eff3e5..5ac81aa0b9 100644 --- a/epan/dissectors/packet-spdy.c +++ b/epan/dissectors/packet-spdy.c @@ -1938,7 +1938,7 @@ void proto_register_spdy(void) void proto_reg_handoff_spdy(void) { dissector_add_uint_with_preference("tcp.port", TCP_PORT_SPDY, spdy_handle); - /* Use "0" to avoid overwriting HTTPS port and still offer support over SSL */ + /* Use "0" to avoid overwriting HTTPS port and still offer support over TLS */ ssl_dissector_add(0, spdy_handle); dissector_add_string("http.upgrade", "spdy", spdy_handle); diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c index 21db213572..870c760547 100644 --- a/epan/dissectors/packet-ssl-utils.c +++ b/epan/dissectors/packet-ssl-utils.c @@ -4364,13 +4364,13 @@ end: /* get ssl data for this session. if no ssl data is found allocate a new one*/ SslDecryptSession * -ssl_get_session(conversation_t *conversation, dissector_handle_t ssl_handle) +ssl_get_session(conversation_t *conversation, dissector_handle_t tls_handle) { void *conv_data; SslDecryptSession *ssl_session; int proto_ssl; - proto_ssl = dissector_handle_get_protocol_index(ssl_handle); + proto_ssl = dissector_handle_get_protocol_index(tls_handle); conv_data = conversation_get_proto_data(conversation, proto_ssl); if (conv_data != NULL) return (SslDecryptSession *)conv_data; @@ -4452,20 +4452,20 @@ static void ssl_reset_session(SslSession *session, SslDecryptSession *ssl, gbool } static guint32 -ssl_starttls(dissector_handle_t ssl_handle, packet_info *pinfo, +ssl_starttls(dissector_handle_t tls_handle, packet_info *pinfo, dissector_handle_t app_handle, guint32 last_nontls_frame) { conversation_t *conversation; SslSession *session; - /* Ignore if the SSL dissector is disabled. */ - if (!ssl_handle) + /* Ignore if the TLS dissector is disabled. */ + if (!tls_handle) return 0; /* The caller should always pass a valid handle to its own dissector. */ DISSECTOR_ASSERT(app_handle); conversation = find_or_create_conversation(pinfo); - session = &ssl_get_session(conversation, ssl_handle)->session; + session = &ssl_get_session(conversation, tls_handle)->session; ssl_debug_printf("%s: old frame %d, app_handle=%p (%s)\n", G_STRFUNC, session->last_nontls_frame, @@ -4482,26 +4482,26 @@ ssl_starttls(dissector_handle_t ssl_handle, packet_info *pinfo, } session->app_handle = app_handle; - /* The SSL dissector should be called first for this conversation. */ - conversation_set_dissector(conversation, ssl_handle); - /* SSL starts after this frame. */ + /* The TLS dissector should be called first for this conversation. */ + conversation_set_dissector(conversation, tls_handle); + /* TLS starts after this frame. */ session->last_nontls_frame = last_nontls_frame; return 0; } /* }}} */ /* ssl_starttls_ack: mark future frames as encrypted. {{{ */ guint32 -ssl_starttls_ack(dissector_handle_t ssl_handle, packet_info *pinfo, +ssl_starttls_ack(dissector_handle_t tls_handle, packet_info *pinfo, dissector_handle_t app_handle) { - return ssl_starttls(ssl_handle, pinfo, app_handle, pinfo->num); + return ssl_starttls(tls_handle, pinfo, app_handle, pinfo->num); } guint32 -ssl_starttls_post_ack(dissector_handle_t ssl_handle, packet_info *pinfo, +ssl_starttls_post_ack(dissector_handle_t tls_handle, packet_info *pinfo, dissector_handle_t app_handle) { - return ssl_starttls(ssl_handle, pinfo, app_handle, pinfo->num - 1); + return ssl_starttls(tls_handle, pinfo, app_handle, pinfo->num - 1); } dissector_handle_t diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c index 50c254d3d0..9c58c0f73b 100644 --- a/epan/dissectors/packet-ssl.c +++ b/epan/dissectors/packet-ssl.c @@ -1,5 +1,5 @@ /* packet-ssl.c - * Routines for ssl dissection + * Routines for TLS dissection * Copyright (c) 2000-2001, Scott Renfro <scott@renfro.org> * * Wireshark - Network traffic analyzer @@ -100,14 +100,14 @@ #define HAVE_LIBGCRYPT_CHACHA20_POLY1305 #endif -void proto_register_ssl(void); +void proto_register_tls(void); -static ssldecrypt_assoc_t *sslkeylist_uats = NULL; -static guint nssldecrypt = 0; +static ssldecrypt_assoc_t *tlskeylist_uats = NULL; +static guint ntlsdecrypt = 0; -static gboolean ssl_desegment = TRUE; -static gboolean ssl_desegment_app_data = TRUE; -static gboolean ssl_ignore_mac_failed = FALSE; +static gboolean tls_desegment = TRUE; +static gboolean tls_desegment_app_data = TRUE; +static gboolean tls_ignore_mac_failed = FALSE; /********************************************************************* @@ -117,30 +117,30 @@ static gboolean ssl_ignore_mac_failed = FALSE; *********************************************************************/ /* Initialize the protocol and registered fields */ -static gint ssl_tap = -1; +static gint tls_tap = -1; static gint exported_pdu_tap = -1; -static gint proto_ssl = -1; -static gint hf_ssl_record = -1; -static gint hf_ssl_record_content_type = -1; -static gint hf_ssl_record_opaque_type = -1; -static gint hf_ssl_record_version = -1; -static gint hf_ssl_record_length = -1; -static gint hf_ssl_record_appdata = -1; +static gint proto_tls = -1; +static gint hf_tls_record = -1; +static gint hf_tls_record_content_type = -1; +static gint hf_tls_record_opaque_type = -1; +static gint hf_tls_record_version = -1; +static gint hf_tls_record_length = -1; +static gint hf_tls_record_appdata = -1; static gint hf_ssl2_record = -1; static gint hf_ssl2_record_is_escape = -1; static gint hf_ssl2_record_padding_length = -1; static gint hf_ssl2_msg_type = -1; static gint hf_pct_msg_type = -1; -static gint hf_ssl_alert_message = -1; -static gint hf_ssl_alert_message_level = -1; -static gint hf_ssl_alert_message_description = -1; -static gint hf_ssl_handshake_protocol = -1; -static gint hf_ssl_handshake_type = -1; -static gint hf_ssl_handshake_length = -1; -static gint hf_ssl_handshake_npn_selected_protocol_len = -1; -static gint hf_ssl_handshake_npn_selected_protocol = -1; -static gint hf_ssl_handshake_npn_padding_len = -1; -static gint hf_ssl_handshake_npn_padding = -1; +static gint hf_tls_alert_message = -1; +static gint hf_tls_alert_message_level = -1; +static gint hf_tls_alert_message_description = -1; +static gint hf_tls_handshake_protocol = -1; +static gint hf_tls_handshake_type = -1; +static gint hf_tls_handshake_length = -1; +static gint hf_tls_handshake_npn_selected_protocol_len = -1; +static gint hf_tls_handshake_npn_selected_protocol = -1; +static gint hf_tls_handshake_npn_padding_len = -1; +static gint hf_tls_handshake_npn_padding = -1; static gint hf_ssl2_handshake_cipher_spec_len = -1; static gint hf_ssl2_handshake_session_id_len = -1; static gint hf_ssl2_handshake_challenge_len = -1; @@ -213,40 +213,40 @@ static int hf_ssl_pct_specs_mismatch_client_cert = -1; static int hf_ssl_pct_specs_mismatch_client_sig = -1; static int hf_ssl_pct_error_information_data = -1; -static int hf_ssl_reassembled_in = -1; -static int hf_ssl_reassembled_length = -1; -static int hf_ssl_reassembled_data = -1; -static int hf_ssl_segments = -1; -static int hf_ssl_segment = -1; -static int hf_ssl_segment_overlap = -1; -static int hf_ssl_segment_overlap_conflict = -1; -static int hf_ssl_segment_multiple_tails = -1; -static int hf_ssl_segment_too_long_fragment = -1; -static int hf_ssl_segment_error = -1; -static int hf_ssl_segment_count = -1; -static int hf_ssl_segment_data = -1; - -static gint hf_ssl_heartbeat_message = -1; -static gint hf_ssl_heartbeat_message_type = -1; -static gint hf_ssl_heartbeat_message_payload_length = -1; -static gint hf_ssl_heartbeat_message_payload = -1; -static gint hf_ssl_heartbeat_message_padding = -1; +static int hf_tls_reassembled_in = -1; +static int hf_tls_reassembled_length = -1; +static int hf_tls_reassembled_data = -1; +static int hf_tls_segments = -1; +static int hf_tls_segment = -1; +static int hf_tls_segment_overlap = -1; +static int hf_tls_segment_overlap_conflict = -1; +static int hf_tls_segment_multiple_tails = -1; +static int hf_tls_segment_too_long_fragment = -1; +static int hf_tls_segment_error = -1; +static int hf_tls_segment_count = -1; +static int hf_tls_segment_data = -1; + +static gint hf_tls_heartbeat_message = -1; +static gint hf_tls_heartbeat_message_type = -1; +static gint hf_tls_heartbeat_message_payload_length = -1; +static gint hf_tls_heartbeat_message_payload = -1; +static gint hf_tls_heartbeat_message_padding = -1; static ssl_hfs_t ssl_hfs = { -1, -1 }; /* Initialize the subtree pointers */ -static gint ett_ssl = -1; -static gint ett_ssl_record = -1; -static gint ett_ssl_alert = -1; -static gint ett_ssl_handshake = -1; -static gint ett_ssl_heartbeat = -1; -static gint ett_ssl_certs = -1; +static gint ett_tls = -1; +static gint ett_tls_record = -1; +static gint ett_tls_alert = -1; +static gint ett_tls_handshake = -1; +static gint ett_tls_heartbeat = -1; +static gint ett_tls_certs = -1; static gint ett_pct_cipher_suites = -1; static gint ett_pct_hash_suites = -1; static gint ett_pct_cert_suites = -1; static gint ett_pct_exch_suites = -1; -static gint ett_ssl_segments = -1; -static gint ett_ssl_segment = -1; +static gint ett_tls_segments = -1; +static gint ett_tls_segment = -1; static expert_field ei_ssl2_handshake_session_id_len_error = EI_INIT; static expert_field ei_ssl3_heartbeat_payload_length = EI_INIT; @@ -255,26 +255,26 @@ static expert_field ei_tls_unexpected_message = EI_INIT; /* Generated from convert_proto_tree_add_text.pl */ static expert_field ei_ssl_pct_ch_offset = EI_INIT; static expert_field ei_ssl_pct_server_version = EI_INIT; -static expert_field ei_ssl_ignored_unknown_record = EI_INIT; +static expert_field ei_tls_ignored_unknown_record = EI_INIT; static expert_field ei_ssl_pct_client_version = EI_INIT; -/* not all of the hf_fields below make sense for SSL but we have to provide +/* not all of the hf_fields below make sense for TLS but we have to provide them anyways to comply with the api (which was aimed for ip fragment reassembly) */ static const fragment_items ssl_segment_items = { - &ett_ssl_segment, - &ett_ssl_segments, - &hf_ssl_segments, - &hf_ssl_segment, - &hf_ssl_segment_overlap, - &hf_ssl_segment_overlap_conflict, - &hf_ssl_segment_multiple_tails, - &hf_ssl_segment_too_long_fragment, - &hf_ssl_segment_error, - &hf_ssl_segment_count, - &hf_ssl_reassembled_in, - &hf_ssl_reassembled_length, - &hf_ssl_reassembled_data, + &ett_tls_segment, + &ett_tls_segments, + &hf_tls_segments, + &hf_tls_segment, + &hf_tls_segment_overlap, + &hf_tls_segment_overlap_conflict, + &hf_tls_segment_multiple_tails, + &hf_tls_segment_too_long_fragment, + &hf_tls_segment_error, + &hf_tls_segment_count, + &hf_tls_reassembled_in, + &hf_tls_reassembled_length, + &hf_tls_reassembled_data, "Segments" }; @@ -290,7 +290,7 @@ ssl_proto_tree_add_segment_data( { proto_tree_add_bytes_format( tree, - hf_ssl_segment_data, + hf_tls_segment_data, tvb, offset, length, @@ -303,14 +303,14 @@ ssl_proto_tree_add_segment_data( static ssl_master_key_map_t ssl_master_key_map; -/* used by "Export SSL Session Keys" */ +/* used by "Export TLS Session Keys" */ GHashTable *ssl_session_hash; GHashTable *ssl_crandom_hash; static GHashTable *ssl_key_hash = NULL; static wmem_stack_t *key_list_stack = NULL; static dissector_table_t ssl_associations = NULL; -static dissector_handle_t ssl_handle = NULL; +static dissector_handle_t tls_handle = NULL; static StringInfo ssl_compressed_data = {NULL, 0}; static StringInfo ssl_decrypted_data = {NULL, 0}; static gint ssl_decrypted_data_avail = 0; @@ -320,7 +320,7 @@ static uat_t *ssldecrypt_uat = NULL; static const gchar *ssl_keys_list = NULL; static ssl_common_options_t ssl_options = { NULL, NULL}; -/* List of dissectors to call for SSL data */ +/* List of dissectors to call for TLS data */ static heur_dissector_list_t ssl_heur_subdissector_list; static const gchar *ssl_debug_file_name = NULL; @@ -329,22 +329,22 @@ static const gchar *ssl_debug_file_name = NULL; /* Forward declaration we need below */ void proto_reg_handoff_ssl(void); -/* Desegmentation of SSL streams */ -/* table to hold defragmented SSL streams */ +/* Desegmentation of TLS streams */ +/* table to hold defragmented TLS streams */ static reassembly_table ssl_reassembly_table; /* initialize/reset per capture state data (ssl sessions cache) */ static void ssl_init(void) { - module_t *ssl_module = prefs_find_module("ssl"); + module_t *ssl_module = prefs_find_module("tls"); pref_t *keys_list_pref; ssl_common_init(&ssl_master_key_map, &ssl_decrypted_data, &ssl_compressed_data); ssl_debug_flush(); - /* for "Export SSL Session Keys" */ + /* for "Export TLS Session Keys" */ ssl_session_hash = ssl_master_key_map.session; ssl_crandom_hash = ssl_master_key_map.crandom; @@ -394,7 +394,7 @@ ssl_parse_uat(void) port = GPOINTER_TO_UINT(wmem_stack_pop(key_list_stack)); handle = dissector_get_uint_handle(ssl_associations, port); if (handle != NULL) - ssl_association_remove("ssl.port", ssl_handle, handle, port, FALSE); + ssl_association_remove("tls.port", tls_handle, handle, port, FALSE); } } /* parse private keys string, load available keys and put them in key hash*/ @@ -402,12 +402,12 @@ ssl_parse_uat(void) ssl_private_key_equal, g_free, rsa_private_key_free); - if (nssldecrypt > 0) { + if (ntlsdecrypt > 0) { if (key_list_stack == NULL) key_list_stack = wmem_stack_new(NULL); - for (i = 0; i < nssldecrypt; i++) { - ssldecrypt_assoc_t *ssl_uat = &(sslkeylist_uats[i]); - ssl_parse_key_list(ssl_uat, ssl_key_hash, "ssl.port", ssl_handle, TRUE); + for (i = 0; i < ntlsdecrypt; i++) { + ssldecrypt_assoc_t *ssl_uat = &(tlskeylist_uats[i]); + ssl_parse_key_list(ssl_uat, ssl_key_hash, "tls.port", tls_handle, TRUE); if (key_list_stack && ws_strtou16(ssl_uat->port, NULL, &port) && port > 0) wmem_stack_push(key_list_stack, GUINT_TO_POINTER(port)); } @@ -487,9 +487,9 @@ ssl_follow_tap_listener(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _ * Handshake messages and alerts. */ if (appl_data->type != SSL_ID_APP_DATA) continue; - /* TCP segments that contain the end of two or more SSL PDUs will be - queued to SSL taps for each of those PDUs. Therefore a single - packet could be processed by this SSL tap listener multiple times. + /* TCP segments that contain the end of two or more TLS PDUs will be + queued to TLS taps for each of those PDUs. Therefore a single + packet could be processed by this TLS tap listener multiple times. The following test handles that scenario by treating the follow_info->bytes_written[] values as the next expected appl_data->seq. Any appl_data instances that fall below that have @@ -501,7 +501,7 @@ ssl_follow_tap_listener(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _ consolidate multiple appl_data instances into a single record, it is beneficial to use a one-to-one mapping. This affords the Follow Stream dialog view modes (ASCII, EBCDIC, Hex Dump, C Arrays, Raw) - the opportunity to accurately reflect SSL PDU boundaries. Currently + the opportunity to accurately reflect TLS PDU boundaries. Currently the Hex Dump view does by starting a new line, and the C Arrays view does by starting a new array declaration. */ follow_record = g_new(follow_record_t,1); @@ -659,7 +659,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) g_ascii_isprint(tmp[1]) && g_ascii_isprint(tmp[2]) && g_ascii_isprint(tmp[3])) { - /* it is extremely unlikely that real SSL traffic starts with four + /* it is extremely unlikely that real TLS traffic starts with four * printable ascii characters; this looks like it's unencrypted * text, so assume it's not ours (SSL does have some unencrypted * text fields in certain packets, but you'd have to get very @@ -685,7 +685,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) * in addition to conv_version */ conversation = find_or_create_conversation(pinfo); - ssl_session = ssl_get_session(conversation, ssl_handle); + ssl_session = ssl_get_session(conversation, tls_handle); session = &ssl_session->session; is_from_server = ssl_packet_from_server(session, ssl_associations, pinfo); @@ -704,14 +704,14 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) ssl_debug_printf(" conversation = %p, ssl_session = %p\n", (void *)conversation, (void *)ssl_session); /* Initialize the protocol column; we'll override it later when we - * detect a different version or flavor of SSL (assuming we don't + * detect a different version or flavor of TLS (assuming we don't * throw an exception before we get the chance to do so). */ col_set_str(pinfo->cinfo, COL_PROTOCOL, val_to_str_const(session->version, ssl_version_short_names, "SSL")); /* clear the the info column */ col_clear(pinfo->cinfo, COL_INFO); - /* TCP packets and SSL records are orthogonal. + /* TCP packets and TLS records are orthogonal. * A tcp packet may contain multiple ssl records and an ssl * record may be spread across multiple tcp packets. * @@ -725,11 +725,11 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) * reassembly. */ - /* Create display subtree for SSL as a whole */ + /* Create display subtree for TLS as a whole */ if (tree) { - ti = proto_tree_add_item(tree, proto_ssl, tvb, 0, -1, ENC_NA); - ssl_tree = proto_item_add_subtree(ti, ett_ssl); + ti = proto_tree_add_item(tree, proto_tls, tvb, 0, -1, ENC_NA); + ssl_tree = proto_item_add_subtree(ti, ett_tls); } /* iterate through the records in this tvbuff */ while (tvb_reported_length_remaining(tvb, offset) > 0) @@ -759,7 +759,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) case TLSV1DOT2_VERSION: /* SSLv3/TLS record headers need at least 1+2+2 = 5 bytes. */ if (tvb_reported_length_remaining(tvb, offset) < 5) { - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { pinfo->desegment_offset = offset; pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT; need_desegmentation = TRUE; @@ -803,7 +803,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) * bytes, but the data will hopefully be larger than three bytes). */ if (tvb_reported_length_remaining(tvb, offset) < 5) { - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { pinfo->desegment_offset = offset; pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT; need_desegmentation = TRUE; @@ -847,7 +847,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) ssl_debug_printf(" need_desegmentation: offset = %d, reported_length_remaining = %d\n", offset, tvb_reported_length_remaining(tvb, offset)); /* Make data available to ssl_follow_tap_listener */ - tap_queue_packet(ssl_tap, pinfo, p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, curr_layer_num_ssl)); + tap_queue_packet(tls_tap, pinfo, p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, curr_layer_num_ssl)); return tvb_captured_length(tvb); } } @@ -857,7 +857,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) ssl_debug_flush(); /* Make data available to ssl_follow_tap_listener */ - tap_queue_packet(ssl_tap, pinfo, p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, curr_layer_num_ssl)); + tap_queue_packet(tls_tap, pinfo, p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, curr_layer_num_ssl)); return tvb_captured_length(tvb); } @@ -972,7 +972,7 @@ dissect_ssl_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data } conversation = find_or_create_conversation(pinfo); - conversation_set_dissector(conversation, ssl_handle); + conversation_set_dissector(conversation, tls_handle); return dissect_ssl(tvb, pinfo, tree, data); } @@ -1010,7 +1010,7 @@ tls_save_decrypted_record(packet_info *pinfo, gint record_id, SslDecryptSession /* In TLS 1.3 only Handshake and Application Data can be fragmented. * Alert messages MUST NOT be fragmented across records, so do not * bother maintaining a flow for those. */ - ssl_add_record_info(proto_ssl, pinfo, data, datalen, record_id, + ssl_add_record_info(proto_tls, pinfo, data, datalen, record_id, allow_fragments ? decoder->flow : NULL, (ContentType)content_type, curr_layer_num_ssl); } @@ -1059,7 +1059,7 @@ decrypt_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, guint32 offset, SslDecryp /* run decryption and add decrypted payload to protocol data, if decryption * is successful*/ ssl_decrypted_data_avail = ssl_decrypted_data.data_len; - success = ssl_decrypt_record(ssl, decoder, content_type, record_version, ssl_ignore_mac_failed, + success = ssl_decrypt_record(ssl, decoder, content_type, record_version, tls_ignore_mac_failed, tvb_get_ptr(tvb, offset, record_length), record_length, &ssl_compressed_data, &ssl_decrypted_data, &ssl_decrypted_data_avail) == 0; /* */ @@ -1313,7 +1313,7 @@ again: /* * This is *not* the last segment. It is part of a PDU in the same * frame, so no another PDU can follow this one. - * Do not reassemble SSL yet, it will be done in the final segment. + * Do not reassemble TLS yet, it will be done in the final segment. * Clear the Info column and avoid displaying [SSL segment of a * reassembled PDU], the payload dissector will typically set it. * (This is needed here for the second pass.) @@ -1332,8 +1332,8 @@ again: int old_len; /* - * Reset column in case multiple SSL segments form the - * PDU and this last SSL segment is not in the first TCP segment of + * Reset column in case multiple TLS segments form the + * PDU and this last TLS segment is not in the first TCP segment of * this frame. * XXX prevent clearing the column if the last layer is not SSL? */ @@ -1674,7 +1674,7 @@ dissect_ssl_payload(tvbuff_t *decrypted, packet_info *pinfo, ssl_print_data("decrypted app data fragment", record->plain_data, record->data_len); /* Can we desegment this segment? */ - if (ssl_desegment_app_data) { + if (tls_desegment_app_data) { /* Yes. */ pinfo->can_desegment = 2; desegment_ssl(decrypted, pinfo, 0, record->seq, record->seq + record->data_len, @@ -1751,7 +1751,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, session->version==TLSV1DOT1_VERSION || session->version==TLSV1DOT2_VERSION) && (available_bytes >=1 ) && !ssl_is_valid_content_type(tvb_get_guint8(tvb, offset))) { - proto_tree_add_expert(tree, pinfo, &ei_ssl_ignored_unknown_record, tvb, offset, available_bytes); + proto_tree_add_expert(tree, pinfo, &ei_tls_ignored_unknown_record, tvb, offset, available_bytes); col_append_sep_str(pinfo->cinfo, COL_INFO, NULL, "Ignored Unknown Record"); return offset + available_bytes; } @@ -1763,7 +1763,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, /* * Yes - can we do reassembly? */ - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { /* * Yes. Tell the TCP dissector where the data for this * message starts in the data it handed us, and that we need @@ -1798,7 +1798,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, /* * Yes - can we do reassembly? */ - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { /* * Yes. Tell the TCP dissector where the data for this * message starts in the data it handed us, and how many @@ -1810,7 +1810,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, * pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT; * it avoids some minor display glitches when a frame contains * the continuation of a previous PDU together with a full new - * PDU, but it completely breaks dissection for jumbo SSL frames + * PDU, but it completely breaks dissection for jumbo TLS frames */ pinfo->desegment_len = (record_length + 5) - available_bytes; @@ -1832,28 +1832,28 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, } /* add the record layer subtree header */ - ti = proto_tree_add_item(tree, hf_ssl_record, tvb, + ti = proto_tree_add_item(tree, hf_tls_record, tvb, offset, 5 + record_length, ENC_NA); - ssl_record_tree = proto_item_add_subtree(ti, ett_ssl_record); + ssl_record_tree = proto_item_add_subtree(ti, ett_tls_record); /* show the one-byte content type */ if (session->version == TLSV1DOT3_VERSION && content_type == SSL_ID_APP_DATA) { - ct_pi = proto_tree_add_item(ssl_record_tree, hf_ssl_record_opaque_type, + ct_pi = proto_tree_add_item(ssl_record_tree, hf_tls_record_opaque_type, tvb, offset, 1, ENC_BIG_ENDIAN); } else { - ct_pi = proto_tree_add_item(ssl_record_tree, hf_ssl_record_content_type, + ct_pi = proto_tree_add_item(ssl_record_tree, hf_tls_record_content_type, tvb, offset, 1, ENC_BIG_ENDIAN); } content_type_offset = offset; offset++; /* add the version */ - proto_tree_add_item(ssl_record_tree, hf_ssl_record_version, tvb, + proto_tree_add_item(ssl_record_tree, hf_tls_record_version, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; /* add the length */ - length_pi = proto_tree_add_uint(ssl_record_tree, hf_ssl_record_length, tvb, + length_pi = proto_tree_add_uint(ssl_record_tree, hf_tls_record_length, tvb, offset, 2, record_length); offset += 2; /* move past length field itself */ @@ -1914,12 +1914,12 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, } /* try to retrieve and use decrypted alert/handshake/appdata record, if any. */ - decrypted = ssl_get_record_info(tvb, proto_ssl, pinfo, tvb_raw_offset(tvb)+offset, curr_layer_num_ssl, &record); + decrypted = ssl_get_record_info(tvb, proto_tls, pinfo, tvb_raw_offset(tvb)+offset, curr_layer_num_ssl, &record); if (decrypted) { add_new_data_source(pinfo, decrypted, "Decrypted SSL"); if (session->version == TLSV1DOT3_VERSION) { content_type = record->type; - ti = proto_tree_add_uint(ssl_record_tree, hf_ssl_record_content_type, + ti = proto_tree_add_uint(ssl_record_tree, hf_tls_record_content_type, tvb, content_type_offset, 1, record->type); PROTO_ITEM_SET_GENERATED(ti); } @@ -1997,7 +1997,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, app_handle ? dissector_handle_get_dissector_name(app_handle) : "Application Data"); - proto_tree_add_item(ssl_record_tree, hf_ssl_record_appdata, tvb, + proto_tree_add_item(ssl_record_tree, hf_tls_record_appdata, tvb, offset, record_length, ENC_NA); if (decrypted) { @@ -2061,9 +2061,9 @@ dissect_ssl3_alert(tvbuff_t *tvb, packet_info *pinfo, ssl_alert_tree = NULL; if (tree) { - ti = proto_tree_add_item(tree, hf_ssl_alert_message, tvb, + ti = proto_tree_add_item(tree, hf_tls_alert_message, tvb, offset, record_length, ENC_NA); - ssl_alert_tree = proto_item_add_subtree(ti, ett_ssl_alert); + ssl_alert_tree = proto_item_add_subtree(ti, ett_tls_alert); } /* @@ -2097,10 +2097,10 @@ dissect_ssl3_alert(tvbuff_t *tvb, packet_info *pinfo, "(Level: %s, Description: %s)", val_to_str_const(session->version, ssl_version_short_names, "SSL"), level, desc); - proto_tree_add_item(ssl_alert_tree, hf_ssl_alert_message_level, + proto_tree_add_item(ssl_alert_tree, hf_tls_alert_message_level, tvb, offset++, 1, ENC_BIG_ENDIAN); - proto_tree_add_item(ssl_alert_tree, hf_ssl_alert_message_description, + proto_tree_add_item(ssl_alert_tree, hf_tls_alert_message_description, tvb, offset++, 1, ENC_BIG_ENDIAN); } else @@ -2245,9 +2245,9 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo, } /* add a subtree for the handshake protocol */ - ti = proto_tree_add_item(tree, hf_ssl_handshake_protocol, tvb, + ti = proto_tree_add_item(tree, hf_tls_handshake_protocol, tvb, offset, length + 4, ENC_NA); - ssl_hand_tree = proto_item_add_subtree(ti, ett_ssl_handshake); + ssl_hand_tree = proto_item_add_subtree(ti, ett_tls_handshake); /* set the text label on the subtree node */ proto_item_set_text(ssl_hand_tree, "Handshake Protocol: %s", @@ -2259,10 +2259,10 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo, return; /* add nodes for the message type and message length */ - proto_tree_add_uint(ssl_hand_tree, hf_ssl_handshake_type, + proto_tree_add_uint(ssl_hand_tree, hf_tls_handshake_type, tvb, offset, 1, msg_type); offset += 1; - proto_tree_add_uint(ssl_hand_tree, hf_ssl_handshake_length, + proto_tree_add_uint(ssl_hand_tree, hf_tls_handshake_length, tvb, offset, 3, length); offset += 3; @@ -2454,9 +2454,9 @@ dissect_ssl3_heartbeat(tvbuff_t *tvb, packet_info *pinfo, tls_heartbeat_tree = NULL; if (tree) { - ti = proto_tree_add_item(tree, hf_ssl_heartbeat_message, tvb, + ti = proto_tree_add_item(tree, hf_tls_heartbeat_message, tvb, offset, record_length, ENC_NA); - tls_heartbeat_tree = proto_item_add_subtree(ti, ett_ssl_heartbeat); + tls_heartbeat_tree = proto_item_add_subtree(ti, ett_tls_heartbeat); } /* @@ -2488,10 +2488,10 @@ dissect_ssl3_heartbeat(tvbuff_t *tvb, packet_info *pinfo, "%s", val_to_str_const(session->version, ssl_version_short_names, "SSL"), type); - proto_tree_add_item(tls_heartbeat_tree, hf_ssl_heartbeat_message_type, + proto_tree_add_item(tls_heartbeat_tree, hf_tls_heartbeat_message_type, tvb, offset, 1, ENC_BIG_ENDIAN); offset += 1; - ti = proto_tree_add_uint(tls_heartbeat_tree, hf_ssl_heartbeat_message_payload_length, + ti = proto_tree_add_uint(tls_heartbeat_tree, hf_tls_heartbeat_message_payload_length, tvb, offset, 2, payload_length); offset += 2; if (3u + payload_length + 16 > record_length) { @@ -2503,14 +2503,14 @@ dissect_ssl3_heartbeat(tvbuff_t *tvb, packet_info *pinfo, padding_length = 0; proto_item_append_text (ti, " (invalid, using %u to decode payload)", payload_length); } - proto_tree_add_bytes_format(tls_heartbeat_tree, hf_ssl_heartbeat_message_payload, + proto_tree_add_bytes_format(tls_heartbeat_tree, hf_tls_heartbeat_message_payload, tvb, offset, payload_length, NULL, "Payload (%u byte%s)", payload_length, plurality(payload_length, "", "s")); offset += payload_length; if (padding_length) - proto_tree_add_bytes_format(tls_heartbeat_tree, hf_ssl_heartbeat_message_padding, + proto_tree_add_bytes_format(tls_heartbeat_tree, hf_tls_heartbeat_message_padding, tvb, offset, padding_length, NULL, "Padding and HMAC (%u byte%s)", padding_length, @@ -2533,18 +2533,18 @@ dissect_ssl3_hnd_encrypted_exts(tvbuff_t *tvb, proto_tree *tree, guint8 padding_len; selected_protocol_len = tvb_get_guint8(tvb, offset); - proto_tree_add_item(tree, hf_ssl_handshake_npn_selected_protocol_len, + proto_tree_add_item(tree, hf_tls_handshake_npn_selected_protocol_len, tvb, offset, 1, ENC_BIG_ENDIAN); offset++; - proto_tree_add_item(tree, hf_ssl_handshake_npn_selected_protocol, + proto_tree_add_item(tree, hf_tls_handshake_npn_selected_protocol, tvb, offset, selected_protocol_len, ENC_ASCII|ENC_NA); offset += selected_protocol_len; padding_len = tvb_get_guint8(tvb, offset); - proto_tree_add_item(tree, hf_ssl_handshake_npn_padding_len, + proto_tree_add_item(tree, hf_tls_handshake_npn_padding_len, tvb, offset, 1, ENC_BIG_ENDIAN); offset++; - proto_tree_add_item(tree, hf_ssl_handshake_npn_padding, + proto_tree_add_item(tree, hf_tls_handshake_npn_padding, tvb, offset, padding_len, ENC_NA); } @@ -2597,7 +2597,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, /* * Yes - can we do reassembly? */ - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { /* * Yes. Tell the TCP dissector where the data for this * message starts in the data it handed us, and that we need @@ -2638,7 +2638,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, /* * Yes - Can we do reassembly? */ - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { /* * Yes. Tell the TCP dissector where the data for this * message starts in the data it handed us, and how many @@ -2659,7 +2659,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, /* add the record layer subtree header */ ti = proto_tree_add_item(tree, hf_ssl2_record, tvb, initial_offset, record_length_length + record_length, ENC_NA); - ssl_record_tree = proto_item_add_subtree(ti, ett_ssl_record); + ssl_record_tree = proto_item_add_subtree(ti, ett_tls_record); /* pull the msg_type so we can bail if it's unknown */ msg_type = tvb_get_guint8(tvb, initial_offset + record_length_length); @@ -2717,7 +2717,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, * record layer version 0x0002 */ ti = proto_tree_add_uint(ssl_record_tree, - hf_ssl_record_version, tvb, + hf_tls_record_version, tvb, initial_offset, 0, 0x0002); PROTO_ITEM_SET_GENERATED(ti); } @@ -2750,14 +2750,14 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, * record layer version 0x0002 */ ti = proto_tree_add_uint(ssl_record_tree, - hf_ssl_record_version, tvb, + hf_tls_record_version, tvb, initial_offset, 0, 0x0002); PROTO_ITEM_SET_GENERATED(ti); /* add the record length */ tvb_ensure_bytes_exist(tvb, offset, record_length_length); proto_tree_add_uint (ssl_record_tree, - hf_ssl_record_length, tvb, + hf_tls_record_length, tvb, initial_offset, record_length_length, record_length); } @@ -3516,7 +3516,7 @@ void ssl_set_master_secret(guint32 frame_num, address *addr_srv, address *addr_c conversation = conversation_new(frame_num, addr_srv, addr_cli, conversation_pt_to_endpoint_type(ptype), port_srv, port_cli, 0); ssl_debug_printf(" new conversation = %p created\n", (void *)conversation); } - ssl = ssl_get_session(conversation, ssl_handle); + ssl = ssl_get_session(conversation, tls_handle); ssl_debug_printf(" conversation = %p, ssl_session = %p\n", (void *)conversation, (void *)ssl); @@ -3857,7 +3857,7 @@ tls_get_cipher_info(packet_info *pinfo, int *cipher_algo, int *cipher_mode, int return FALSE; } - void *conv_data = conversation_get_proto_data(conv, proto_ssl); + void *conv_data = conversation_get_proto_data(conv, proto_tls); if (conv_data == NULL) { return FALSE; } @@ -3988,7 +3988,7 @@ tls13_exporter(packet_info *pinfo, gboolean is_early, return FALSE; } - void *conv_data = conversation_get_proto_data(conv, proto_ssl); + void *conv_data = conversation_get_proto_data(conv, proto_tls); if (conv_data == NULL) { return FALSE; } @@ -4056,11 +4056,11 @@ ssldecrypt_uat_fld_protocol_chk_cb(void* r _U_, const char* p, guint len _U_, co if (!ssl_find_appdata_dissector(p)) { if (proto_get_id_by_filter_name(p) != -1) { *err = g_strdup_printf("While '%s' is a valid dissector filter name, that dissector is not configured" - " to support SSL decryption.\n\n" - "If you need to decrypt '%s' over SSL, please contact the Wireshark development team.", p, p); + " to support TLS decryption.\n\n" + "If you need to decrypt '%s' over TLS, please contact the Wireshark development team.", p, p); } else { - char* ssl_str = ssl_association_info("ssl.port", "TCP"); - *err = g_strdup_printf("Could not find dissector for: '%s'\nCommonly used SSL dissectors include:\n%s", p, ssl_str); + char* ssl_str = ssl_association_info("tls.port", "TCP"); + *err = g_strdup_printf("Could not find dissector for: '%s'\nCommonly used TLS dissectors include:\n%s", p, ssl_str); g_free(ssl_str); } return FALSE; @@ -4077,7 +4077,7 @@ ssl_src_prompt(packet_info *pinfo, gchar *result) SslPacketInfo* pi; guint32 srcport = pinfo->srcport; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi != NULL) srcport = pi->srcport; @@ -4089,7 +4089,7 @@ ssl_src_value(packet_info *pinfo) { SslPacketInfo* pi; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi == NULL) return GUINT_TO_POINTER(pinfo->srcport); @@ -4102,7 +4102,7 @@ ssl_dst_prompt(packet_info *pinfo, gchar *result) SslPacketInfo* pi; guint32 destport = pinfo->destport; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi != NULL) destport = pi->destport; @@ -4114,7 +4114,7 @@ ssl_dst_value(packet_info *pinfo) { SslPacketInfo* pi; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi == NULL) return GUINT_TO_POINTER(pinfo->destport); @@ -4128,7 +4128,7 @@ ssl_both_prompt(packet_info *pinfo, gchar *result) guint32 srcport = pinfo->srcport, destport = pinfo->destport; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi != NULL) { srcport = pi->srcport; @@ -4144,28 +4144,28 @@ ssl_both_prompt(packet_info *pinfo, gchar *result) * *********************************************************************/ void -proto_register_ssl(void) +proto_register_tls(void) { /* Setup list of header fields See Section 1.6.1 for details*/ static hf_register_info hf[] = { - { &hf_ssl_record, - { "Record Layer", "ssl.record", + { &hf_tls_record, + { "Record Layer", "tls.record", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_record_content_type, - { "Content Type", "ssl.record.content_type", + { &hf_tls_record_content_type, + { "Content Type", "tls.record.content_type", FT_UINT8, BASE_DEC, VALS(ssl_31_content_type), 0x0, NULL, HFILL} }, - { &hf_ssl_record_opaque_type, - { "Opaque Type", "ssl.record.opaque_type", + { &hf_tls_record_opaque_type, + { "Opaque Type", "tls.record.opaque_type", FT_UINT8, BASE_DEC, VALS(ssl_31_content_type), 0x0, "Always set to value 23, actual content type is known after decryption", HFILL} }, { &hf_ssl2_msg_type, - { "Handshake Message Type", "ssl.handshake.type", + { "Handshake Message Type", "tls.handshake.type", FT_UINT8, BASE_DEC, VALS(ssl_20_msg_types), 0x0, "SSLv2 handshake message type", HFILL} }, @@ -4174,191 +4174,191 @@ proto_register_ssl(void) FT_UINT8, BASE_DEC, VALS(pct_msg_types), 0x0, "PCT handshake message type", HFILL} }, - { &hf_ssl_record_version, - { "Version", "ssl.record.version", + { &hf_tls_record_version, + { "Version", "tls.record.version", FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, "Record layer version", HFILL } }, - { &hf_ssl_record_length, - { "Length", "ssl.record.length", + { &hf_tls_record_length, + { "Length", "tls.record.length", FT_UINT16, BASE_DEC, NULL, 0x0, - "Length of SSL record data", HFILL } + "Length of TLS record data", HFILL } }, - { &hf_ssl_record_appdata, - { "Encrypted Application Data", "ssl.app_data", + { &hf_tls_record_appdata, + { "Encrypted Application Data", "tls.app_data", FT_BYTES, BASE_NONE, NULL, 0x0, "Payload is encrypted application data", HFILL } }, { &hf_ssl2_record, - { "SSLv2/PCT Record Header", "ssl.record", + { "SSLv2/PCT Record Header", "tls.record", FT_NONE, BASE_NONE, NULL, 0x0, "SSLv2/PCT record data", HFILL } }, { &hf_ssl2_record_is_escape, - { "Is Escape", "ssl.record.is_escape", + { "Is Escape", "tls.record.is_escape", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Indicates a security escape", HFILL} }, { &hf_ssl2_record_padding_length, - { "Padding Length", "ssl.record.padding_length", + { "Padding Length", "tls.record.padding_length", FT_UINT8, BASE_DEC, NULL, 0x0, "Length of padding at end of record", HFILL } }, - { &hf_ssl_alert_message, - { "Alert Message", "ssl.alert_message", + { &hf_tls_alert_message, + { "Alert Message", "tls.alert_message", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_alert_message_level, - { "Level", "ssl.alert_message.level", + { &hf_tls_alert_message_level, + { "Level", "tls.alert_message.level", FT_UINT8, BASE_DEC, VALS(ssl_31_alert_level), 0x0, "Alert message level", HFILL } }, - { &hf_ssl_alert_message_description, - { "Description", "ssl.alert_message.desc", + { &hf_tls_alert_message_description, + { "Description", "tls.alert_message.desc", FT_UINT8, BASE_DEC, VALS(ssl_31_alert_description), 0x0, "Alert message description", HFILL } }, - { &hf_ssl_handshake_protocol, - { "Handshake Protocol", "ssl.handshake", + { &hf_tls_handshake_protocol, + { "Handshake Protocol", "tls.handshake", FT_NONE, BASE_NONE, NULL, 0x0, "Handshake protocol message", HFILL} }, - { &hf_ssl_handshake_type, - { "Handshake Type", "ssl.handshake.type", + { &hf_tls_handshake_type, + { "Handshake Type", "tls.handshake.type", FT_UINT8, BASE_DEC, VALS(ssl_31_handshake_type), 0x0, "Type of handshake message", HFILL} }, - { &hf_ssl_handshake_length, - { "Length", "ssl.handshake.length", + { &hf_tls_handshake_length, + { "Length", "tls.handshake.length", FT_UINT24, BASE_DEC, NULL, 0x0, "Length of handshake message", HFILL } }, { &hf_ssl2_handshake_cipher_spec, - { "Cipher Spec", "ssl.handshake.cipherspec", + { "Cipher Spec", "tls.handshake.cipherspec", FT_UINT24, BASE_HEX|BASE_EXT_STRING, &ssl_20_cipher_suites_ext, 0x0, "Cipher specification", HFILL } }, - { &hf_ssl_handshake_npn_selected_protocol_len, - { "Selected Protocol Length", "ssl.handshake.npn_selected_protocol_len", + { &hf_tls_handshake_npn_selected_protocol_len, + { "Selected Protocol Length", "tls.handshake.npn_selected_protocol_len", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_handshake_npn_selected_protocol, - { "Selected Protocol", "ssl.handshake.npn_selected_protocol", + { &hf_tls_handshake_npn_selected_protocol, + { "Selected Protocol", "tls.handshake.npn_selected_protocol", FT_STRING, BASE_NONE, NULL, 0x0, "Protocol to be used for connection", HFILL } }, - { &hf_ssl_handshake_npn_padding_len, - { "Padding Length", "ssl.handshake.npn_padding_len", + { &hf_tls_handshake_npn_padding_len, + { "Padding Length", "tls.handshake.npn_padding_len", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_handshake_npn_padding, - { "Padding", "ssl.handshake.npn_padding", + { &hf_tls_handshake_npn_padding, + { "Padding", "tls.handshake.npn_padding", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL } }, { &ssl_hfs.hs_md5_hash, - { "MD5 Hash", "ssl.handshake.md5_hash", + { "MD5 Hash", "tls.handshake.md5_hash", FT_NONE, BASE_NONE, NULL, 0x0, "Hash of messages, master_secret, etc.", HFILL } }, { &ssl_hfs.hs_sha_hash, - { "SHA-1 Hash", "ssl.handshake.sha_hash", + { "SHA-1 Hash", "tls.handshake.sha_hash", FT_NONE, BASE_NONE, NULL, 0x0, "Hash of messages, master_secret, etc.", HFILL } }, - { &hf_ssl_heartbeat_message, - { "Heartbeat Message", "ssl.heartbeat_message", + { &hf_tls_heartbeat_message, + { "Heartbeat Message", "tls.heartbeat_message", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_heartbeat_message_type, - { "Type", "ssl.heartbeat_message.type", + { &hf_tls_heartbeat_message_type, + { "Type", "tls.heartbeat_message.type", FT_UINT8, BASE_DEC, VALS(tls_heartbeat_type), 0x0, "Heartbeat message type", HFILL } }, - { &hf_ssl_heartbeat_message_payload_length, - { "Payload Length", "ssl.heartbeat_message.payload_length", + { &hf_tls_heartbeat_message_payload_length, + { "Payload Length", "tls.heartbeat_message.payload_length", FT_UINT16, BASE_DEC, NULL, 0x00, NULL, HFILL } }, - { &hf_ssl_heartbeat_message_payload, - { "Payload Length", "ssl.heartbeat_message.payload", + { &hf_tls_heartbeat_message_payload, + { "Payload Length", "tls.heartbeat_message.payload", FT_BYTES, BASE_NONE, NULL, 0x00, NULL, HFILL } }, - { &hf_ssl_heartbeat_message_padding, - { "Payload Length", "ssl.heartbeat_message.padding", + { &hf_tls_heartbeat_message_padding, + { "Payload Length", "tls.heartbeat_message.padding", FT_BYTES, BASE_NONE, NULL, 0x00, NULL, HFILL } }, { &hf_ssl2_handshake_challenge, - { "Challenge", "ssl.handshake.challenge", + { "Challenge", "tls.handshake.challenge", FT_NONE, BASE_NONE, NULL, 0x0, "Challenge data used to authenticate server", HFILL } }, { &hf_ssl2_handshake_cipher_spec_len, - { "Cipher Spec Length", "ssl.handshake.cipher_spec_len", + { "Cipher Spec Length", "tls.handshake.cipher_spec_len", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of cipher specs field", HFILL } }, { &hf_ssl2_handshake_session_id_len, - { "Session ID Length", "ssl.handshake.session_id_length", + { "Session ID Length", "tls.handshake.session_id_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of session ID field", HFILL } }, { &hf_ssl2_handshake_challenge_len, - { "Challenge Length", "ssl.handshake.challenge_length", + { "Challenge Length", "tls.handshake.challenge_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of challenge field", HFILL } }, { &hf_ssl2_handshake_clear_key_len, - { "Clear Key Data Length", "ssl.handshake.clear_key_length", + { "Clear Key Data Length", "tls.handshake.clear_key_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of clear key data", HFILL } }, { &hf_ssl2_handshake_enc_key_len, - { "Encrypted Key Data Length", "ssl.handshake.encrypted_key_length", + { "Encrypted Key Data Length", "tls.handshake.encrypted_key_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of encrypted key data", HFILL } }, { &hf_ssl2_handshake_key_arg_len, - { "Key Argument Length", "ssl.handshake.key_arg_length", + { "Key Argument Length", "tls.handshake.key_arg_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of key argument", HFILL } }, { &hf_ssl2_handshake_clear_key, - { "Clear Key Data", "ssl.handshake.clear_key_data", + { "Clear Key Data", "tls.handshake.clear_key_data", FT_NONE, BASE_NONE, NULL, 0x0, "Clear portion of MASTER-KEY", HFILL } }, { &hf_ssl2_handshake_enc_key, - { "Encrypted Key", "ssl.handshake.encrypted_key", + { "Encrypted Key", "tls.handshake.encrypted_key", FT_NONE, BASE_NONE, NULL, 0x0, "Secret portion of MASTER-KEY encrypted to server", HFILL } }, { &hf_ssl2_handshake_key_arg, - { "Key Argument", "ssl.handshake.key_arg", + { "Key Argument", "tls.handshake.key_arg", FT_NONE, BASE_NONE, NULL, 0x0, "Key Argument (e.g., Initialization Vector)", HFILL } }, { &hf_ssl2_handshake_session_id_hit, - { "Session ID Hit", "ssl.handshake.session_id_hit", + { "Session ID Hit", "tls.handshake.session_id_hit", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Did the server find the client's Session ID?", HFILL } }, { &hf_ssl2_handshake_cert_type, - { "Certificate Type", "ssl.handshake.cert_type", + { "Certificate Type", "tls.handshake.cert_type", FT_UINT8, BASE_DEC, VALS(ssl_20_certificate_type), 0x0, NULL, HFILL } }, { &hf_ssl2_handshake_connection_id_len, - { "Connection ID Length", "ssl.handshake.connection_id_length", + { "Connection ID Length", "tls.handshake.connection_id_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of connection ID", HFILL } }, { &hf_ssl2_handshake_connection_id, - { "Connection ID", "ssl.handshake.connection_id", + { "Connection ID", "tls.handshake.connection_id", FT_NONE, BASE_NONE, NULL, 0x0, "Server's challenge to client", HFILL } }, @@ -4435,7 +4435,7 @@ proto_register_ssl(void) { &hf_ssl_pct_server_version, { "Server Version", "ssl.pct.server_version", FT_UINT16, BASE_HEX, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_sh_restart_session_ok_flag, { "SH_RESTART_SESSION_OK flag", "ssl.pct.sh_restart_session_ok_flag", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_sh_client_auth_req_flag, { "SH_CLIENT_AUTH_REQ flag", "ssl.pct.sh_client_auth_req_flag", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }}, - { &hf_ssl_pct_connection_id_data, { "Connection ID Data", "ssl.connection_id_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, + { &hf_ssl_pct_connection_id_data, { "Connection ID Data", "tls.connection_id_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_server_certificate_length, { "Server Certificate Length", "ssl.pct.server_certificate_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_client_cert_specs_length, { "Client CERT_SPECS Length", "ssl.pct.client_cert_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_client_sig_specs_length, { "Client SIG_SPECS Length", "ssl.pct.client_sig_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }}, @@ -4464,124 +4464,125 @@ proto_register_ssl(void) { &hf_ssl_pct_error_information_data, { "Error Information data", "ssl.pct.error_information_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, - { &hf_ssl_segment_overlap, - { "Segment overlap", "ssl.segment.overlap", + { &hf_tls_segment_overlap, + { "Segment overlap", "tls.segment.overlap", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Segment overlaps with other segments", HFILL }}, - { &hf_ssl_segment_overlap_conflict, - { "Conflicting data in segment overlap", "ssl.segment.overlap.conflict", + { &hf_tls_segment_overlap_conflict, + { "Conflicting data in segment overlap", "tls.segment.overlap.conflict", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Overlapping segments contained conflicting data", HFILL }}, - { &hf_ssl_segment_multiple_tails, - { "Multiple tail segments found", "ssl.segment.multipletails", + { &hf_tls_segment_multiple_tails, + { "Multiple tail segments found", "tls.segment.multipletails", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Several tails were found when reassembling the pdu", HFILL }}, - { &hf_ssl_segment_too_long_fragment, - { "Segment too long", "ssl.segment.toolongfragment", + { &hf_tls_segment_too_long_fragment, + { "Segment too long", "tls.segment.toolongfragment", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Segment contained data past end of the pdu", HFILL }}, - { &hf_ssl_segment_error, - { "Reassembling error", "ssl.segment.error", + { &hf_tls_segment_error, + { "Reassembling error", "tls.segment.error", FT_FRAMENUM, BASE_NONE, NULL, 0x0, "Reassembling error due to illegal segments", HFILL }}, - { &hf_ssl_segment_count, - { "Segment count", "ssl.segment.count", + { &hf_tls_segment_count, + { "Segment count", "tls.segment.count", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }}, - { &hf_ssl_segment, - { "SSL segment", "ssl.segment", + { &hf_tls_segment, + { "TLS segment", "tls.segment", FT_FRAMENUM, BASE_NONE, NULL, 0x0, NULL, HFILL }}, - { &hf_ssl_segments, - { "Reassembled SSL segments", "ssl.segments", + { &hf_tls_segments, + { "Reassembled TLS segments", "tls.segments", FT_NONE, BASE_NONE, NULL, 0x0, - "SSL Segments", HFILL }}, + "TLS Segments", HFILL }}, - { &hf_ssl_reassembled_in, - { "Reassembled PDU in frame", "ssl.reassembled_in", + { &hf_tls_reassembled_in, + { "Reassembled PDU in frame", "tls.reassembled_in", FT_FRAMENUM, BASE_NONE, NULL, 0x0, "The PDU that doesn't end in this segment is reassembled in this frame", HFILL }}, - { &hf_ssl_reassembled_length, - { "Reassembled PDU length", "ssl.reassembled.length", + { &hf_tls_reassembled_length, + { "Reassembled PDU length", "tls.reassembled.length", FT_UINT32, BASE_DEC, NULL, 0x0, "The total length of the reassembled payload", HFILL }}, - { &hf_ssl_reassembled_data, - { "Reassembled PDU data", "ssl.reassembled.data", + { &hf_tls_reassembled_data, + { "Reassembled PDU data", "tls.reassembled.data", FT_BYTES, BASE_NONE, NULL, 0x00, - "The payload of multiple reassembled SSL segments", HFILL }}, + "The payload of multiple reassembled TLS segments", HFILL }}, - { &hf_ssl_segment_data, - { "SSL segment data", "ssl.segment.data", + { &hf_tls_segment_data, + { "TLS segment data", "tls.segment.data", FT_BYTES, BASE_NONE, NULL, 0x00, - "The payload of a single SSL segment", HFILL } + "The payload of a single TLS segment", HFILL } }, - SSL_COMMON_HF_LIST(dissect_ssl3_hf, "ssl") + SSL_COMMON_HF_LIST(dissect_ssl3_hf, "tls") }; /* Setup protocol subtree array */ static gint *ett[] = { - &ett_ssl, - &ett_ssl_record, - &ett_ssl_alert, - &ett_ssl_handshake, - &ett_ssl_heartbeat, - &ett_ssl_certs, + &ett_tls, + &ett_tls_record, + &ett_tls_alert, + &ett_tls_handshake, + &ett_tls_heartbeat, + &ett_tls_certs, &ett_pct_cipher_suites, &ett_pct_hash_suites, &ett_pct_cert_suites, &ett_pct_exch_suites, - &ett_ssl_segments, - &ett_ssl_segment, + &ett_tls_segments, + &ett_tls_segment, SSL_COMMON_ETT_LIST(dissect_ssl3_hf) }; static ei_register_info ei[] = { - { &ei_ssl2_handshake_session_id_len_error, { "ssl.handshake.session_id_length.error", PI_MALFORMED, PI_ERROR, "Session ID length error", EXPFILL }}, - { &ei_ssl3_heartbeat_payload_length, { "ssl.heartbeat_message.payload_length.invalid", PI_MALFORMED, PI_ERROR, "Invalid heartbeat payload length", EXPFILL }}, - { &ei_tls_unexpected_message, { "ssl.unexpected_message", PI_PROTOCOL, PI_ERROR, "Unexpected message", EXPFILL }}, + { &ei_ssl2_handshake_session_id_len_error, { "tls.handshake.session_id_length.error", PI_MALFORMED, PI_ERROR, "Session ID length error", EXPFILL }}, + { &ei_ssl3_heartbeat_payload_length, { "tls.heartbeat_message.payload_length.invalid", PI_MALFORMED, PI_ERROR, "Invalid heartbeat payload length", EXPFILL }}, + { &ei_tls_unexpected_message, { "tls.unexpected_message", PI_PROTOCOL, PI_ERROR, "Unexpected message", EXPFILL }}, /* Generated from convert_proto_tree_add_text.pl */ - { &ei_ssl_ignored_unknown_record, { "ssl.ignored_unknown_record", PI_PROTOCOL, PI_WARN, "Ignored Unknown Record", EXPFILL }}, + { &ei_tls_ignored_unknown_record, { "tls.ignored_unknown_record", PI_PROTOCOL, PI_WARN, "Ignored Unknown Record", EXPFILL }}, { &ei_ssl_pct_client_version, { "ssl.pct.client_version.invalid", PI_PROTOCOL, PI_WARN, "Client Version invalid", EXPFILL }}, { &ei_ssl_pct_ch_offset, { "ssl.pct.ch_offset.invalid", PI_PROTOCOL, PI_WARN, "CH_OFFSET invalid", EXPFILL }}, { &ei_ssl_pct_server_version, { "ssl.pct.server_version.invalid", PI_PROTOCOL, PI_WARN, "Server Version invalid", EXPFILL }}, - SSL_COMMON_EI_LIST(dissect_ssl3_hf, "ssl") + SSL_COMMON_EI_LIST(dissect_ssl3_hf, "tls") }; static build_valid_func ssl_da_src_values[1] = {ssl_src_value}; static build_valid_func ssl_da_dst_values[1] = {ssl_dst_value}; static build_valid_func ssl_da_both_values[2] = {ssl_src_value, ssl_dst_value}; static decode_as_value_t ssl_da_values[3] = {{ssl_src_prompt, 1, ssl_da_src_values}, {ssl_dst_prompt, 1, ssl_da_dst_values}, {ssl_both_prompt, 2, ssl_da_both_values}}; - static decode_as_t ssl_da = {"ssl", "Transport", "ssl.port", 3, 2, ssl_da_values, "TCP", "port(s) as", + static decode_as_t ssl_da = {"tls", "Transport", "tls.port", 3, 2, ssl_da_values, "TCP", "port(s) as", decode_as_default_populate_list, decode_as_default_reset, decode_as_default_change, NULL}; expert_module_t* expert_ssl; /* Register the protocol name and description */ - proto_ssl = proto_register_protocol("Secure Sockets Layer", - "SSL", "ssl"); + proto_tls = proto_register_protocol("Transport Layer Security", + "TLS", "tls"); - ssl_associations = register_dissector_table("ssl.port", "SSL Port", proto_ssl, FT_UINT16, BASE_DEC); + ssl_associations = register_dissector_table("tls.port", "TLS Port", proto_tls, FT_UINT16, BASE_DEC); /* Required function calls to register the header fields and * subtrees used */ - proto_register_field_array(proto_ssl, hf, array_length(hf)); + proto_register_field_array(proto_tls, hf, array_length(hf)); + proto_register_alias(proto_tls, "ssl"); proto_register_subtree_array(ett, array_length(ett)); - expert_ssl = expert_register_protocol(proto_ssl); + expert_ssl = expert_register_protocol(proto_tls); expert_register_field_array(expert_ssl, ei, array_length(ei)); { - module_t *ssl_module = prefs_register_protocol(proto_ssl, proto_reg_handoff_ssl); + module_t *ssl_module = prefs_register_protocol(proto_tls, proto_reg_handoff_ssl); #ifdef HAVE_LIBGNUTLS static uat_field_t sslkeylist_uats_flds[] = { @@ -4593,12 +4594,12 @@ proto_register_ssl(void) UAT_END_FIELDS }; - ssldecrypt_uat = uat_new("SSL Decrypt", + ssldecrypt_uat = uat_new("TLS Decrypt", sizeof(ssldecrypt_assoc_t), "ssl_keys", /* filename */ TRUE, /* from_profile */ - &sslkeylist_uats, /* data_ptr */ - &nssldecrypt, /* numitems_ptr */ + &tlskeylist_uats, /* data_ptr */ + &ntlsdecrypt, /* numitems_ptr */ UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */ NULL, /* Help section (currently a wiki page) */ ssldecrypt_copy_cb, @@ -4610,47 +4611,47 @@ proto_register_ssl(void) prefs_register_uat_preference(ssl_module, "key_table", "RSA keys list", - "A table of RSA keys for SSL decryption", + "A table of RSA keys for TLS decryption", ssldecrypt_uat); #endif /* HAVE_LIBGNUTLS */ - prefs_register_filename_preference(ssl_module, "debug_file", "SSL debug file", - "Redirect SSL debug to the file specified. Leave empty to disable debugging " + prefs_register_filename_preference(ssl_module, "debug_file", "TLS debug file", + "Redirect TLS debug to the file specified. Leave empty to disable debugging " "or use \"" SSL_DEBUG_USE_STDERR "\" to redirect output to stderr.", &ssl_debug_file_name, TRUE); prefs_register_string_preference(ssl_module, "keys_list", "RSA keys list (deprecated)", - "Semicolon-separated list of private RSA keys used for SSL decryption. " + "Semicolon-separated list of private RSA keys used for TLS decryption. " "Used by versions of Wireshark prior to 1.6", &ssl_keys_list); prefs_register_bool_preference(ssl_module, "desegment_ssl_records", - "Reassemble SSL records spanning multiple TCP segments", - "Whether the SSL dissector should reassemble SSL records spanning multiple TCP segments. " + "Reassemble TLS records spanning multiple TCP segments", + "Whether the TLS dissector should reassemble TLS records spanning multiple TCP segments. " "To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.", - &ssl_desegment); + &tls_desegment); prefs_register_bool_preference(ssl_module, "desegment_ssl_application_data", - "Reassemble SSL Application Data spanning multiple SSL records", - "Whether the SSL dissector should reassemble SSL Application Data spanning multiple SSL records. ", - &ssl_desegment_app_data); + "Reassemble TLS Application Data spanning multiple TLS records", + "Whether the TLS dissector should reassemble TLS Application Data spanning multiple TLS records. ", + &tls_desegment_app_data); prefs_register_bool_preference(ssl_module, "ignore_ssl_mac_failed", "Message Authentication Code (MAC), ignore \"mac failed\"", "For troubleshooting ignore the mac check result and decrypt also if the Message Authentication Code (MAC) fails.", - &ssl_ignore_mac_failed); + &tls_ignore_mac_failed); ssl_common_register_options(ssl_module, &ssl_options); } /* heuristic dissectors for any premable e.g. CredSSP before RDP */ - ssl_heur_subdissector_list = register_heur_dissector_list("ssl", proto_ssl); + ssl_heur_subdissector_list = register_heur_dissector_list("tls", proto_tls); - ssl_common_register_ssl_alpn_dissector_table("ssl.handshake.extensions_alpn_str", + ssl_common_register_ssl_alpn_dissector_table("tls.handshake.extensions_alpn_str", "SSL/TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs", - proto_ssl); + proto_tls); - ssl_handle = register_dissector("ssl", dissect_ssl, proto_ssl); + tls_handle = register_dissector("tls", dissect_ssl, proto_tls); register_init_routine(ssl_init); register_cleanup_routine(ssl_cleanup); @@ -4659,11 +4660,11 @@ proto_register_ssl(void) register_decode_as(&ssl_da); /* XXX: this seems unused due to new "Follow SSL" method, remove? */ - ssl_tap = register_tap("ssl"); + tls_tap = register_tap("tls"); ssl_debug_printf("proto_register_ssl: registered tap %s:%d\n", - "ssl", ssl_tap); + "tls", tls_tap); - register_follow_stream(proto_ssl, "ssl", tcp_follow_conv_filter, tcp_follow_index_filter, tcp_follow_address_filter, + register_follow_stream(proto_tls, "tls", tcp_follow_conv_filter, tcp_follow_index_filter, tcp_follow_address_filter, tcp_port_to_display, ssl_follow_tap_listener); } @@ -4706,22 +4707,22 @@ proto_reg_handoff_ssl(void) exported_pdu_tap = find_tap_id(EXPORT_PDU_TAP_NAME_LAYER_7); /* Certificate Transparency extensions: 2 (Certificate), 5 (OCSP Response) */ - register_ber_oid_dissector("1.3.6.1.4.1.11129.2.4.2", dissect_tls_sct_ber, proto_ssl, "SignedCertificateTimestampList"); - register_ber_oid_dissector("1.3.6.1.4.1.11129.2.4.5", dissect_tls_sct_ber, proto_ssl, "SignedCertificateTimestampList"); + register_ber_oid_dissector("1.3.6.1.4.1.11129.2.4.2", dissect_tls_sct_ber, proto_tls, "SignedCertificateTimestampList"); + register_ber_oid_dissector("1.3.6.1.4.1.11129.2.4.5", dissect_tls_sct_ber, proto_tls, "SignedCertificateTimestampList"); - heur_dissector_add("tcp", dissect_ssl_heur, "SSL/TLS over TCP", "ssl_tcp", proto_ssl, HEURISTIC_ENABLE); + heur_dissector_add("tcp", dissect_ssl_heur, "SSL/TLS over TCP", "tls_tcp", proto_tls, HEURISTIC_ENABLE); } void ssl_dissector_add(guint port, dissector_handle_t handle) { - ssl_association_add("ssl.port", ssl_handle, handle, port, TRUE); + ssl_association_add("tls.port", tls_handle, handle, port, TRUE); } void ssl_dissector_delete(guint port, dissector_handle_t handle) { - ssl_association_remove("ssl.port", ssl_handle, handle, port, TRUE); + ssl_association_remove("tls.port", tls_handle, handle, port, TRUE); } /* diff --git a/epan/dissectors/packet-stun.c b/epan/dissectors/packet-stun.c index cd70cb890b..49a5b0d80a 100644 --- a/epan/dissectors/packet-stun.c +++ b/epan/dissectors/packet-stun.c @@ -1735,7 +1735,7 @@ proto_reg_handoff_stun(void) * SSL/TLS and DTLS Application-Layer Protocol Negotiation (ALPN) * protocol ID. */ - dissector_add_string("ssl.handshake.extensions_alpn_str", "stun.nat-discovery", stun_tcp_handle); + dissector_add_string("tls.handshake.extensions_alpn_str", "stun.nat-discovery", stun_tcp_handle); dissector_add_string("dtls.handshake.extensions_alpn_str", "stun.nat-discovery", stun_udp_handle); heur_dissector_add("udp", dissect_stun_heur, "STUN over UDP", "stun_udp", proto_stun, HEURISTIC_ENABLE); diff --git a/epan/dissectors/packet-telnet.c b/epan/dissectors/packet-telnet.c index 2c9b8e04bc..39805762f0 100644 --- a/epan/dissectors/packet-telnet.c +++ b/epan/dissectors/packet-telnet.c @@ -137,7 +137,7 @@ static dissector_handle_t telnet_handle; static dissector_handle_t tn3270_handle; static dissector_handle_t tn5250_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; /* Some defines for Telnet */ @@ -471,7 +471,7 @@ dissect_starttls_subopt(packet_info *pinfo _U_, const char *optname _U_, tvbuff_ } else if (session->starttls_requested_in < pinfo->num && session->starttls_port != pinfo->srcport) { /* Other side confirms that following data is TLS. */ - ssl_starttls_ack(ssl_handle, pinfo, telnet_handle); + ssl_starttls_ack(tls_handle, pinfo, telnet_handle); } } @@ -2181,7 +2181,7 @@ proto_reg_handoff_telnet(void) dissector_add_uint_with_preference("tcp.port", TCP_PORT_TELNET, telnet_handle); tn3270_handle = find_dissector_add_dependency("tn3270", proto_telnet); tn5250_handle = find_dissector_add_dependency("tn5250", proto_telnet); - ssl_handle = find_dissector("ssl"); + tls_handle = find_dissector("tls"); } /* diff --git a/epan/dissectors/packet-turnchannel.c b/epan/dissectors/packet-turnchannel.c index e3c2f364f4..313b4f3f7c 100644 --- a/epan/dissectors/packet-turnchannel.c +++ b/epan/dissectors/packet-turnchannel.c @@ -206,7 +206,7 @@ proto_reg_handoff_turnchannel(void) * SSL/TLS and DTLS Application-Layer Protocol Negotiation (ALPN) * protocol ID. */ - dissector_add_string("ssl.handshake.extensions_alpn_str", "stun.turn", turnchannel_tcp_handle); + dissector_add_string("tls.handshake.extensions_alpn_str", "stun.turn", turnchannel_tcp_handle); dissector_add_string("dtls.handshake.extensions_alpn_str", "stun.turn", turnchannel_udp_handle); /* TURN negotiation is handled through STUN2 dissector (packet-stun.c), diff --git a/epan/dissectors/packet-xmpp-core.c b/epan/dissectors/packet-xmpp-core.c index 5ff85a83cf..add7392f99 100644 --- a/epan/dissectors/packet-xmpp-core.c +++ b/epan/dissectors/packet-xmpp-core.c @@ -718,7 +718,7 @@ xmpp_proceed(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, } ssl_proceed = - ssl_starttls_ack(find_dissector("ssl"), pinfo, find_dissector("xmpp")); + ssl_starttls_ack(find_dissector("tls"), pinfo, find_dissector("xmpp")); if (ssl_proceed > 0 && ssl_proceed != pinfo->num) { expert_add_info_format(pinfo, proceed_item, &ei_xmpp_proceed_already_in_frame, "Already saw PROCEED in frame %u", ssl_proceed); diff --git a/epan/follow.h b/epan/follow.h index 99b2050a8a..81ce435a8b 100644 --- a/epan/follow.h +++ b/epan/follow.h @@ -39,7 +39,7 @@ typedef enum { /* Type of follow we are doing */ typedef enum { FOLLOW_TCP, - FOLLOW_SSL, + FOLLOW_TLS, FOLLOW_UDP, FOLLOW_HTTP } follow_type_t; diff --git a/test/suite_decryption.py b/test/suite_decryption.py index 875a1cc02a..e698c5bca3 100644 --- a/test/suite_decryption.py +++ b/test/suite_decryption.py @@ -121,8 +121,8 @@ class case_decrypt_dtls(subprocesstest.SubprocessTestCase): self.assertTrue(self.grepOutput('UDT')) class case_decrypt_tls(subprocesstest.SubprocessTestCase): - def test_ssl(self): - '''SSL using the server's private key''' + def test_tls(self): + '''TLS using the server's private key''' # https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=snakeoil2_070531.tgz capture_file = os.path.join(config.capture_dir, 'rsasnakeoil2.pcap') self.runProcess((config.cmd_tshark, @@ -134,14 +134,14 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): env=config.test_env) self.assertTrue(self.grepOutput('favicon.ico')) - def test_ssl_rsa_pq(self): - '''SSL using the server's private key with p < q + def test_tls_rsa_pq(self): + '''TLS using the server's private key with p < q (test whether libgcrypt is correctly called)''' capture_file = os.path.join(config.capture_dir, 'rsa-p-lt-q.pcap') key_file = os.path.join(config.key_dir, 'rsa-p-lt-q.key') self.runProcess((config.cmd_tshark, '-r', capture_file, - '-o', 'ssl.keys_list:0.0.0.0,443,http,{}'.format(key_file), + '-o', 'tls.keys_list:0.0.0.0,443,http,{}'.format(key_file), '-Tfields', '-e', 'http.request.uri', '-Y', 'http', @@ -149,8 +149,8 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): env=config.test_env) self.assertTrue(self.grepOutput('/')) - def test_ssl_with_password(self): - '''SSL using the server's private key with password''' + def test_tls_with_password(self): + '''TLS using the server's private key with password''' capture_file = os.path.join(config.capture_dir, 'dmgr.pcapng') self.runProcess((config.cmd_tshark, '-r', capture_file, @@ -161,21 +161,23 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): env=config.test_env) self.assertTrue(self.grepOutput('unsecureLogon.jsp')) - def test_ssl_master_secret(self): - '''SSL using the master secret''' + def test_tls_master_secret(self): + '''TLS using the master secret and ssl.keylog_file preference aliasing''' capture_file = os.path.join(config.capture_dir, 'dhe1.pcapng.gz') key_file = os.path.join(config.key_dir, 'dhe1_keylog.dat') self.runProcess((config.cmd_tshark, '-r', capture_file, '-o', 'ssl.keylog_file: {}'.format(key_file), - '-o', 'ssl.desegment_ssl_application_data: FALSE', - '-o', 'http.ssl.port: 443', + '-o', 'tls.desegment_ssl_application_data: FALSE', + '-o', 'http.tls.port: 443', '-Tfields', + '-e', 'http.request.method', '-e', 'http.request.uri', + '-e', 'http.request.version', '-Y', 'http', ), env=config.test_env) - self.assertTrue(self.grepOutput('test')) + self.assertTrue(self.grepOutput('GET\s+/test\s+HTTP/1.0')) def test_tls12_renegotiation(self): '''TLS 1.2 with renegotiation''' @@ -183,7 +185,7 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): key_file = os.path.join(config.key_dir, 'rsasnakeoil2.key') self.runProcess((config.cmd_tshark, '-r', capture_file, - '-o', 'ssl.keys_list:0.0.0.0,4433,http,{}'.format(key_file), + '-o', 'tls.keys_list:0.0.0.0,4433,http,{}'.format(key_file), '-Tfields', '-e', 'http.content_length', '-Y', 'http', @@ -198,9 +200,9 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): capture_file = os.path.join(config.capture_dir, 'tls12-aes128ccm.pcap') self.runProcess((config.cmd_tshark, '-r', capture_file, - '-o', 'ssl.psk:ca19e028a8a372ad2d325f950fcaceed', + '-o', 'tls.psk:ca19e028a8a372ad2d325f950fcaceed', '-q', - '-z', 'follow,ssl,ascii,0', + '-z', 'follow,tls,ascii,0', ), env=config.test_env) self.assertTrue(self.grepOutput('http://www.gnu.org/software/gnutls')) @@ -210,9 +212,9 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): capture_file = os.path.join(config.capture_dir, 'tls12-aes256gcm.pcap') self.runProcess((config.cmd_tshark, '-r', capture_file, - '-o', 'ssl.psk:ca19e028a8a372ad2d325f950fcaceed', + '-o', 'tls.psk:ca19e028a8a372ad2d325f950fcaceed', '-q', - '-z', 'follow,ssl,ascii,0', + '-z', 'follow,tls,ascii,0', ), env=config.test_env) self.assertTrue(self.grepOutput('http://www.gnu.org/software/gnutls')) @@ -236,9 +238,9 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): for cipher in ciphers: self.runProcess((config.cmd_tshark, '-r', capture_file, - '-o', 'ssl.keylog_file: {}'.format(key_file), + '-o', 'tls.keylog_file: {}'.format(key_file), '-q', - '-z', 'follow,ssl,ascii,{}'.format(stream), + '-z', 'follow,tls,ascii,{}'.format(stream), ), env=config.test_env) stream += 1 @@ -252,9 +254,9 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): key_file = os.path.join(config.key_dir, 'tls13-20-chacha20poly1305.keys') self.runProcess((config.cmd_tshark, '-r', capture_file, - '-o', 'ssl.keylog_file: {}'.format(key_file), + '-o', 'tls.keylog_file: {}'.format(key_file), '-q', - '-z', 'follow,ssl,ascii,0', + '-z', 'follow,tls,ascii,0', ), env=config.test_env) self.assertTrue(self.grepOutput('TLS13-CHACHA20-POLY1305-SHA256')) @@ -267,7 +269,7 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): key_file = os.path.join(config.key_dir, 'tls13-rfc8446.keys') proc = self.runProcess((config.cmd_tshark, '-r', capture_file, - '-ossl.keylog_file:{}'.format(key_file), + '-otls.keylog_file:{}'.format(key_file), '-Y', 'http', '-Tfields', '-e', 'frame.number', @@ -293,7 +295,7 @@ class case_decrypt_tls(subprocesstest.SubprocessTestCase): key_file = os.path.join(config.key_dir, 'tls13-rfc8446-noearly.keys') proc = self.runProcess((config.cmd_tshark, '-r', capture_file, - '-ossl.keylog_file:{}'.format(key_file), + '-otls.keylog_file:{}'.format(key_file), '-Y', 'http', '-Tfields', '-e', 'frame.number', diff --git a/test/suite_dissection.py b/test/suite_dissection.py index 540fe5a2ef..207e32efba 100644 --- a/test/suite_dissection.py +++ b/test/suite_dissection.py @@ -23,8 +23,8 @@ class case_dissect_http2(subprocesstest.SubprocessTestCase): key_file = os.path.join(config.key_dir, 'http2-data-reassembly.keys') self.runProcess((config.cmd_tshark, '-r', capture_file, - '-o', 'ssl.keylog_file: {}'.format(key_file), - '-d', 'tcp.port==8443,ssl', + '-o', 'tls.keylog_file: {}'.format(key_file), + '-d', 'tcp.port==8443,tls', '-Y', 'http2.data.data matches "PNG" && http2.data.data matches "END"', ), env=config.test_env) diff --git a/ui/qt/follow_stream_dialog.cpp b/ui/qt/follow_stream_dialog.cpp index 2b141fbeb1..c039877100 100644 --- a/ui/qt/follow_stream_dialog.cpp +++ b/ui/qt/follow_stream_dialog.cpp @@ -85,8 +85,8 @@ FollowStreamDialog::FollowStreamDialog(QWidget &parent, CaptureFile &cf, follow_ case FOLLOW_TCP: follower_ = get_follow_by_name("TCP"); break; - case FOLLOW_SSL: - follower_ = get_follow_by_name("SSL"); + case FOLLOW_TLS: + follower_ = get_follow_by_name("TLS"); break; case FOLLOW_UDP: follower_ = get_follow_by_name("UDP"); @@ -455,7 +455,7 @@ FollowStreamDialog::readStream() case FOLLOW_TCP : case FOLLOW_UDP : case FOLLOW_HTTP : - case FOLLOW_SSL : + case FOLLOW_TLS : ret = readFollowStream(); break; @@ -802,9 +802,9 @@ bool FollowStreamDialog::follow(QString previous_filter, bool use_stream_index, return false; } - if (follow_type_ == FOLLOW_SSL || follow_type_ == FOLLOW_HTTP) + if (follow_type_ == FOLLOW_TLS || follow_type_ == FOLLOW_HTTP) { - /* we got ssl/http so we can follow */ + /* we got tls/http so we can follow */ removeStreamControls(); } @@ -868,7 +868,7 @@ bool FollowStreamDialog::follow(QString previous_filter, bool use_stream_index, break; } - case FOLLOW_SSL: + case FOLLOW_TLS: case FOLLOW_HTTP: /* No extra handling */ break; diff --git a/ui/qt/main_window.cpp b/ui/qt/main_window.cpp index d21a53ca85..a3516dbe5d 100644 --- a/ui/qt/main_window.cpp +++ b/ui/qt/main_window.cpp @@ -2286,7 +2286,7 @@ void MainWindow::setMenusForCaptureFile(bool force_disable) main_ui_->actionFileExportPacketBytes->setEnabled(enable); main_ui_->actionFileExportPDU->setEnabled(enable); - main_ui_->actionFileExportSSLSessionKeys->setEnabled(enable); + main_ui_->actionFileExportTLSSessionKeys->setEnabled(enable); foreach (QAction *eo_action, main_ui_->menuFileExportObjects->actions()) { eo_action->setEnabled(enable); @@ -2316,7 +2316,7 @@ void MainWindow::setMenusForCaptureInProgress(bool capture_in_progress) { main_ui_->actionFileExportPacketBytes->setEnabled(capture_in_progress); main_ui_->actionFileExportPDU->setEnabled(!capture_in_progress); - main_ui_->actionFileExportSSLSessionKeys->setEnabled(capture_in_progress); + main_ui_->actionFileExportTLSSessionKeys->setEnabled(capture_in_progress); foreach (QAction *eo_action, main_ui_->menuFileExportObjects->actions()) { eo_action->setEnabled(capture_in_progress); diff --git a/ui/qt/main_window.h b/ui/qt/main_window.h index fc8f923fd4..b732bcf82a 100644 --- a/ui/qt/main_window.h +++ b/ui/qt/main_window.h @@ -442,7 +442,7 @@ private slots: void on_actionFilePrint_triggered(); void on_actionFileExportPDU_triggered(); - void on_actionFileExportSSLSessionKeys_triggered(); + void on_actionFileExportTLSSessionKeys_triggered(); void actionEditCopyTriggered(MainWindow::CopySelected selection_type); void on_actionCopyAllVisibleItems_triggered(); @@ -546,7 +546,7 @@ private slots: void openFollowStreamDialog(follow_type_t type, int stream_num = -1); void on_actionAnalyzeFollowTCPStream_triggered(); void on_actionAnalyzeFollowUDPStream_triggered(); - void on_actionAnalyzeFollowSSLStream_triggered(); + void on_actionAnalyzeFollowTLSStream_triggered(); void on_actionAnalyzeFollowHTTPStream_triggered(); void statCommandExpertInfo(const char *, void *); void on_actionAnalyzeExpertInfo_triggered(); diff --git a/ui/qt/main_window.ui b/ui/qt/main_window.ui index 573f480cfb..31c3135bf4 100644 --- a/ui/qt/main_window.ui +++ b/ui/qt/main_window.ui @@ -197,7 +197,7 @@ <addaction name="menuFileExportPacketDissections"/> <addaction name="actionFileExportPacketBytes"/> <addaction name="actionFileExportPDU"/> - <addaction name="actionFileExportSSLSessionKeys"/> + <addaction name="actionFileExportTLSSessionKeys"/> <addaction name="menuFileExportObjects"/> <addaction name="separator"/> <addaction name="actionFilePrint"/> @@ -425,7 +425,7 @@ </property> <addaction name="actionAnalyzeFollowTCPStream"/> <addaction name="actionAnalyzeFollowUDPStream"/> - <addaction name="actionAnalyzeFollowSSLStream"/> + <addaction name="actionAnalyzeFollowTLSStream"/> <addaction name="actionAnalyzeFollowHTTPStream"/> </widget> <widget class="QMenu" name="menuConversationFilter"> @@ -1177,9 +1177,9 @@ <string notr="true">Ctrl+Shift+X</string> </property> </action> - <action name="actionFileExportSSLSessionKeys"> + <action name="actionFileExportTLSSessionKeys"> <property name="text"> - <string>Export SSL Session Keys…</string> + <string>Export TLS Session Keys…</string> </property> </action> <action name="actionFilePrint"> @@ -1790,12 +1790,12 @@ <string notr="true">Ctrl+Alt+Shift+U</string> </property> </action> - <action name="actionAnalyzeFollowSSLStream"> + <action name="actionAnalyzeFollowTLSStream"> <property name="enabled"> <bool>false</bool> </property> <property name="text"> - <string>SSL Stream</string> + <string>TLS Stream</string> </property> <property name="shortcut"> <string notr="true">Ctrl+Alt+Shift+S</string> diff --git a/ui/qt/main_window_slots.cpp b/ui/qt/main_window_slots.cpp index ef03920384..6bafd44275 100644 --- a/ui/qt/main_window_slots.cpp +++ b/ui/qt/main_window_slots.cpp @@ -1215,7 +1215,7 @@ void MainWindow::setMenusForSelectedPacket() main_ui_->actionAnalyzeFollowTCPStream->setEnabled(is_tcp); main_ui_->actionAnalyzeFollowUDPStream->setEnabled(is_udp); - main_ui_->actionAnalyzeFollowSSLStream->setEnabled(is_ssl); + main_ui_->actionAnalyzeFollowTLSStream->setEnabled(is_ssl); main_ui_->actionAnalyzeFollowHTTPStream->setEnabled(is_http); foreach (QAction *cc_action, cc_actions) { @@ -1824,7 +1824,7 @@ void MainWindow::on_actionFileExportPDU_triggered() exportpdu_dialog->activateWindow(); } -void MainWindow::on_actionFileExportSSLSessionKeys_triggered() +void MainWindow::on_actionFileExportTLSSessionKeys_triggered() { QString file_name; QString save_title; @@ -1837,17 +1837,17 @@ void MainWindow::on_actionFileExportSSLSessionKeys_triggered() QMessageBox::warning( this, tr("No Keys"), - tr("There are no SSL Session Keys to save."), + tr("There are no TLS Session Keys to save."), QMessageBox::Ok ); return; } - save_title.append(wsApp->windowTitleString(tr("Export SSL Session Keys (%Ln key(s))", "", keylist_len))); + save_title.append(wsApp->windowTitleString(tr("Export TLS Session Keys (%Ln key(s))", "", keylist_len))); file_name = WiresharkFileDialog::getSaveFileName(this, save_title, wsApp->lastOpenDir().canonicalPath(), - tr("SSL Session Keys (*.keys *.txt);;All Files (" ALL_FILES_WILDCARD ")") + tr("TLS Session Keys (*.keys *.txt);;All Files (" ALL_FILES_WILDCARD ")") ); if (file_name.length() > 0) { gchar *keylist; @@ -2776,9 +2776,9 @@ void MainWindow::on_actionAnalyzeFollowUDPStream_triggered() openFollowStreamDialog(FOLLOW_UDP); } -void MainWindow::on_actionAnalyzeFollowSSLStream_triggered() +void MainWindow::on_actionAnalyzeFollowTLSStream_triggered() { - openFollowStreamDialog(FOLLOW_SSL); + openFollowStreamDialog(FOLLOW_TLS); } void MainWindow::on_actionAnalyzeFollowHTTPStream_triggered() diff --git a/ui/qt/packet_list.cpp b/ui/qt/packet_list.cpp index 71f60f2bf1..6aa804d179 100644 --- a/ui/qt/packet_list.cpp +++ b/ui/qt/packet_list.cpp @@ -566,7 +566,7 @@ void PacketList::contextMenuEvent(QContextMenuEvent *event) ctx_menu_.addMenu(submenu); submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowTCPStream")); submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowUDPStream")); - submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowSSLStream")); + submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowTLSStream")); submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowHTTPStream")); ctx_menu_.addSeparator(); diff --git a/ui/qt/proto_tree.cpp b/ui/qt/proto_tree.cpp index e333926d43..22a6978ce4 100644 --- a/ui/qt/proto_tree.cpp +++ b/ui/qt/proto_tree.cpp @@ -140,7 +140,7 @@ void ProtoTree::contextMenuEvent(QContextMenuEvent *event) ctx_menu_.addMenu(submenu); submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowTCPStream")); submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowUDPStream")); - submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowSSLStream")); + submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowTLSStream")); submenu->addAction(window()->findChild<QAction *>("actionAnalyzeFollowHTTPStream")); ctx_menu_.addSeparator(); diff --git a/ui/qt/uat_dialog.cpp b/ui/qt/uat_dialog.cpp index 8cbbddbfc6..669be66c6c 100644 --- a/ui/qt/uat_dialog.cpp +++ b/ui/qt/uat_dialog.cpp @@ -58,7 +58,7 @@ UatDialog::UatDialog(QWidget *parent, epan_uat *uat) : // FIXME: this prevents the columns from being resized, even if the text // within a combobox needs more space (e.g. in the USER DLT settings). For - // very long filenames in the SSL RSA keys dialog, it also results in a + // very long filenames in the TLS RSA keys dialog, it also results in a // vertical scrollbar. Maybe remove this since the editor is not limited to // the column width (and overlays other fields if more width is needed)? ui->uatTreeView->header()->setSectionResizeMode(QHeaderView::ResizeToContents); diff --git a/ui/qt/uat_frame.cpp b/ui/qt/uat_frame.cpp index 84e8f18ac2..ed0e5f8916 100644 --- a/ui/qt/uat_frame.cpp +++ b/ui/qt/uat_frame.cpp @@ -49,7 +49,7 @@ UatFrame::UatFrame(QWidget *parent) : // FIXME: this prevents the columns from being resized, even if the text // within a combobox needs more space (e.g. in the USER DLT settings). For - // very long filenames in the SSL RSA keys dialog, it also results in a + // very long filenames in the TLS RSA keys dialog, it also results in a // vertical scrollbar. Maybe remove this since the editor is not limited to // the column width (and overlays other fields if more width is needed)? ui->uatTreeView->header()->setSectionResizeMode(QHeaderView::ResizeToContents); |