| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Draft -22 moved the server version to an extension and makes HRR look
like a SH. SH is now interpreted as TLS 1.2. Detecting TLS 1.3/HRR
requires scanning SH extensions before parsing the message, so do that.
Changes:
- Add draft 22 version identifier.
- Recognize special Server Hello magic for HRR.
- Dissect SupportedVersions for SH/HRR, rename the field to match spec.
- Recognise new Server Hello format (including legacy fields).
- Move version detection up to handshake message dissection to allow
HRR (disguised as SH) to be detected as such. DTLS does not have HRR
and fragmentation makes it harder, so use its version as usual.
- Ignore ChangeCipherSpec again for draft 22 (do not add expert info).
- Allow NST ticket_nonce to be empty.
Change-Id: I9d5f7dba173e1b5c901bf9a6917c65520ee60a2f
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/24340
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
For reuse on QUIC dissector
Change-Id: I005fc3fe7a559fdb7a62e3d40450a4a6b25bf2f5
Reviewed-on: https://code.wireshark.org/review/24383
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
for reuse on QUIC dissector
Change-Id: Ic1d6b875e1e1944bb2aa6c7a85bfdd984c00948c
Reviewed-on: https://code.wireshark.org/review/24018
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
After ChangeCipherSpec, record fragments are encrypted. Use this strong
hint to fix misinterpreting the explicit nonce as a handshake message.
One edge case remaing unsolved though, if an encrypted Finished message
follows the CCS in the same TCP packet, then it could still be
misinterpreted.
Bug: 14117
Change-Id: Ie54bb5335f115d0fd8f05a13d1c826e3807cbbd3
Reviewed-on: https://code.wireshark.org/review/23900
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
In TLS 1.2, the "certificate_status" extension in the CH would result in
a response in the CertificateStatus handshake message. In TLS 1.3, the
response appears in a SH extension instead. Refactor the code to use
ssl_add_vector and hook it up with SH extensions dissection.
Do not stop dissection on a non-empty Responder ID list. Remove
misleading "CertificateStatus" tree item, it only covered the
"OCSPResponse" vector, now its two children (just OCSP Response Length
and the OCSP Response tree) are displayed directly.
Enable DTLS support, the spec does not forbid it and there is a user:
https://mta.openssl.org/pipermail/openssl-users/2016-August/004306.html
Tested with tls-sct.pcap (bug 13372) which now shows one tree item less
and tls13-18-cert-sct-ocsp.pcap (bug 12779) which now dissects the OCSP
response in the Certificate Extensions.
Change-Id: I2ccde84cb1e3bcb1bc47676eadc5cb542248cd92
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/23819
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Since draft -17, SCT has moved from EE to Certificate extensions.
Decryption failed for a boringssl test suite capture because it tests
with an unknown version and a small SerializedSCT which resulted in a
malformed packet exception. Ignore the SCT following RFC 6962, sect 3.3.
Change-Id: I894d51447f28ca121ea7f3fcef2b711a0debc1fb
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/23818
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
It's not installed so like most other files it doesn't need or benefit
from the prefix.
Change-Id: I01517e06f12b3101fee21b68cba3bc6842bbef5c
Reviewed-on: https://code.wireshark.org/review/23751
Petri-Dish: João Valverde <j@v6e.pt>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: João Valverde <j@v6e.pt>
|
|
Draft 18 is still the most current boringssl version, avoid a malformed
packet exception by recognizing a draft -18 HelloRetryRequest.
Change-Id: I43cf91350a8a2ebfad6c1e0e35eb9621a3b3e44b
Fixes: v2.3.0rc0-2789-g18c4d1bb1f ("TLS13: update HRR for draft -19")
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/23544
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Prevent a malformed packet exception with draft -18 CertificateRequest
message which would break further decryption. Tested with
tls13-18-certreq.pcap from the linked bug.
Change-Id: I00be21935370d0f0be66d2dbc87ee9fea3bb889a
Fixes: v2.3.0rc0-2761-g0e244e01fe ("TLS13: update CertificateRequest dissection for draft -19")
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/23543
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Code point 46 was used for "ticket_early_data_info" in draft -18 but
removed in draft -19 since it was merged into "early_data".
Change-Id: Ic382c697b55424fd4eb90f9a3d59b76ac0a2dd8a
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/23542
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add support for dissecting new TLS 1.3 Signature Algorithms (like
RSASSA-PSS) and add the text to the tree item to prevent expanding the
item. The field names are preserved for backwards compatibility.
Change-Id: Ieb8c7a86f6e19b8d6c89590d87d59a01d9bb1351
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/23474
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Decrypted TLS records must be stored in a single SslPacketInfo or else
plaintext will go missing (in Follow SSL or when subdissectors need
reassembly). As this structure is currently keyed by the layer number
(pinfo->curr_layer_num) which is changed by call_dissector, it must be
copied and propagated before calling subdissectors.
Change-Id: Ic42ba6c0854154272058f9bf9796e06ad7f94bfd
Fixes: v2.3.0rc0-3740-ge1f84f985e ("Fix Decode As for protocols that may use tunneling.")
Bug: 13885
Reviewed-on: https://code.wireshark.org/review/23190
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Ping-Bug: 13881
Change-Id: I0332ebae69d8b25b1ac8617742cff02744a30f2a
Reviewed-on: https://code.wireshark.org/review/23389
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I256496618e67df70ce02ee90f21bc0cd556b0b5a
Reviewed-on: https://code.wireshark.org/review/23105
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
See https://tools.ietf.org/html/draft-ietf-quic-tls
Bug: 13881
Change-Id: Id8ae5cdc2f7232e5db28846e528ae378fc0ac58d
Reviewed-on: https://code.wireshark.org/review/22780
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Ensure that rsa_load_pem_key() and rsa_load_pkcs12() always return an
error message string if they fail, so that
1) they don't return NULL without supplying an error string;
2) they don't supply an error string if they succeed.
If either of them fails, report the error; if there's no error string,
report an unknown error (that shouldn't happen, but the wsutil/rsa.c
code needs more cleanup before I'll believe it can't happen).
While we're at it, clean up some of those error strings, return NULL
rather than 0 as the failure case from rsa_load_pkcs12() as we do in
rsa_load_pem_key() (they mean the same thing, but NULL makes it a bit
clearer), and de-initialize the private key structure in
rsa_load_pem_key() if we fail (so that we don't leak memory).
Change-Id: Id9dd331800d87b017a500a6f579df446057f555b
Reviewed-on: https://code.wireshark.org/review/22941
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
The IP address has been unused since 2.0. The port/protocol fields have
become unnecessary since 2.4 with the introduction of Decode As. Do not
require the user to specify these fields if they just want to set the
RSA key file.
In a future version, these three fields will be completely removed.
Change-Id: Iefc5a8778aa1122b76b707018c00b6ec429dc107
Reviewed-on: https://code.wireshark.org/review/22640
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Release July 03, 2017
Bug: 12779
Change-Id: I527e83ccff6901688030dbcaf639878513a2ace2
Reviewed-on: https://code.wireshark.org/review/22564
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Add Ticket nonce added on Draft 21
Bug: 12779
Change-Id: I2891e1ffe700d85f703b29feacccdc6dd7ff376d
Reviewed-on: https://code.wireshark.org/review/22565
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
[...]/wireshark/epan/dissectors/packet-ssl-utils.c:3556:7: error: implicit
conversion loses integer precision: 'size_t' (aka 'unsigned long') to 'gint'
(aka 'int') [-Werror,-Wshorten-64-to-32]
i=rsa_decrypt_inplace(encrypted_pre_master->data_len,
~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Change-Id: I1bfdef1bfa451f5098bc6c12c1b4cc57c7de4fdd
Reviewed-on: https://code.wireshark.org/review/21976
Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
|
|
Loading PEM and PKCS#11 keys was being done in static functions
in packet-ssl-utils.c. These were moved to wsutil, with prototypes
in a new <wsutil/rsa.h> header. This adds gnutls as optional
dependency to wsutil.
The RSA decryption helper was also moved and is now provided in
<wsutil/wsgcrypt.h>.
This allows more dissectors to access this functionality.
Change-Id: I6cfbbf5203f2881c82bad721747834ccd76e2033
Reviewed-on: https://code.wireshark.org/review/21941
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Implements all seven AEAD_CHACHA20_POLY1305 cipher suites from RFC 7905
(for TLS 1.2) and the final missing one for TLS 1.3 (draft -20).
New test captures (created using OpenSSL_1_1_0-pre6-2528-g042597b0a)
also serve as tests for TLS 1.3 decryption support.
Change-Id: Ice6d639c9c7b7bc23a6ff5fb4832d02694abd8c4
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/21902
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Store SslPacketInfo under the same key as used by p_get_proto_data and
pass this data to the Follow SSL tap.
Change-Id: If9b97d0e0e2a82562abe6cb9e61986744680066d
Fixes: v2.3.0rc0-3740-ge1f84f985e ("Fix Decode As for protocols that may use tunneling.")
Reviewed-on: https://code.wireshark.org/review/21893
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Dissectors that rely on pinfo structure information may have the
data overwritten if the data is tunneled. Address it by using
proto data that is based on pinfo->curr_layer_num.
Bug: 13746
Change-Id: I1c29f26a3c49f368876f0e96908705bc9c099ce1
Reviewed-on: https://code.wireshark.org/review/21559
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
See https://tools.ietf.org/html/draft-ietf-tls-grease
Change-Id: I305a35c50f6aa94f94f20974babb7c871393f9e7
Reviewed-on: https://code.wireshark.org/review/21706
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
See https://tools.ietf.org/html/draft-ietf-tls-grease
Change-Id: Iaf5ec11eba3b28cff5d292326166eae26fabda99
Reviewed-on: https://code.wireshark.org/review/21705
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
Change-Id: I5beca54eb4dc644647b0f40ec005d8e3bf23222f
Reviewed-on: https://code.wireshark.org/review/21704
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
and also remove some blankline
Change-Id: I5e66a64c95697f8e92d346b7b4c8956eadf967d3
Reviewed-on: https://code.wireshark.org/review/19955
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
See https://tools.ietf.org/html/draft-ietf-tls-grease
Change-Id: I890e33a6b5afb51d768b0264023b51682642f867
Reviewed-on: https://code.wireshark.org/review/19871
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
The handshake_messages for extended master secret start at Client Hello
and end at ClientKeyExchange. Previously all handshake messages in a
record would be hashed, possibly covering those after CKE. Now it will
hash each handshake message separately.
For DTLS, the CH and HVR messages must also be ignored. Additionally,
DTLS needs special treatment to merge multiple fragments.
Bug: 13704
Change-Id: I0c8f19b4c352c0195848ded319b6991d76542720
Reviewed-on: https://code.wireshark.org/review/21625
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
This is needed for decryption to work in draft -20. Since lots of
implementations are still at draft -18, maintain decryption support for
older draft versions. Tested with tls13.pcapng (attachment 15156).
Change-Id: Ieb7d85136221573007b529b40e4eadc60eac174f
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/21467
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
RawPublicKey (RFC 7250) has been incorporated in the Certificate
message, update the definition and restructure the code accordingly.
No functional change for X.509 certs, but RPK types will now be
correctly handled for TLS 1.3 (including the context and extensions).
Ran the test suite and tested for regressions using
rpk-certficate-message.pcapng from bug 11480.
Change-Id: If551a30344851313430201cb6d6198b2091efc2d
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/21466
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
The "extension_data" field is zero length.
Ping-Bug: 12779
Change-Id: I7a512d7940f55a5edf2c4f71bf1684c3d4e4733a
Reviewed-on: https://code.wireshark.org/review/21465
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Ping-Bug: 12779
Change-Id: I6c54f7c4d793a99e448cbfe6b2971cae418f2d39
Reviewed-on: https://code.wireshark.org/review/21464
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
This is a breaking change.
prefs_register_filename_preference hasn't been differentiating
between files to be saved and ones to be opened.
On GTK, a neutral dialog is used, so no problems there.
On Qt, a save dialog has been always used, even in dissectors that
were reading configuration files without modification.
prefs_register_filename_preference now takes an argument to indicate
whether UI could be a save dialog with a warning on overwriting
a file, or whether it's a general purpose open file dialog.
Qt now does this. Previously no warning was shown on overwriting a file,
so it may be used for opening files too without irritating the user.
This has been changed, as non-destructive reads should now use
the open dialog.
Dissectors were changed accordingly.
Change-Id: I9087fefa5ee7ca58de0775d4fe2c0fdcfa3a3018
Reviewed-on: https://code.wireshark.org/review/21086
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Add a "report a warning message" routine to the "report_err" code in
libwsutil, and rename files and routines appropriately, as they don't
only handle errors any more.
Have a routine read_enabled_and_disabled_protos() that reads all the
files that enable or disable protocols or heuristic dissectors, enables
and disables them based on the contents of those files, and reports
errors itself (as warnings) using the new "report a warning message"
routine. Fix that error reporting to report separately on the disabled
protocols, enabled protocols, and heuristic dissectors files.
Have a routine to set up the enabled and disabled protocols and
heuristic dissectors from the command-line arguments, so it's done the
same way in all programs.
If we try to enable or disable an unknown heuristic dissector via a
command-line argument, report an error.
Update a bunch of comments.
Update the name of disabled_protos_cleanup(), as it cleans up
information for disabled *and* enabled protocols and for heuristic
dissectors.
Support the command-line flags to enable and disable protocols and
heuristic dissectors in tfshark.
Change-Id: I9b8bd29947cccdf6dc34a0540b5509ef941391df
Reviewed-on: https://code.wireshark.org/review/20966
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
|
Fixed these (false-positive) warnings:
epan/dissectors/packet-ssl-utils.c:4149:30: error: 'mac_frag' may be used uninitialized in this function [-Werror=maybe-uninitialized]
epan/dissectors/packet-ssl-utils.c:4149:30: error: 'mac_fraglen' may be used uninitialized in this function [-Werror=maybe-uninitialized]
else if(tls_check_mac(decoder,ct,TLSV1_VERSION,mac_frag,mac_fraglen,mac)>= 0) {
Change-Id: I282d5d60d96953858844deeaaf2069ffed3fabca
Reviewed-on: https://code.wireshark.org/review/20793
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Bug: 13522
Change-Id: I0dfe30e086c3ef1a4f96f22e2db46e4d4cc7dffa
Reviewed-on: https://code.wireshark.org/review/20771
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Change-Id: I80b05bc81e77a70f2e0c8e1fe706ce5bd0a33981
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20593
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
"key_len" refers to the key length of an algorithm, not the block size.
For AES128 both are the same, but for AES256 it is different.
Change-Id: Ic657265d90323eb224b133b23232cb809264ab64
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20598
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: Idb9741fba0a2dfcad503e7bd033311bffd54a022
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20592
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Change-Id: I4b229350fbc6740b307e52086cc0529a888c8eb4
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20587
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
|
|
Removed supported_signature_algorithms and certificate_authorities
dissection for TLS 1.3. In preparation for certificate_authorities,
extract the certificate_authorities dissection.
Change-Id: I58884b02744ac53f226d3a3e6c491219f58facc0
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20588
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
It changed from an alert to a handshake message.
Change-Id: Ic24776e612a291153290543ba1ec8680d9d74264
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20586
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Ping-Bug: 12779
Change-Id: Ic21869f73ffa1ac29b6a50102030eca85f533d37
Reviewed-on: https://code.wireshark.org/review/20589
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Also rename the fields for consistency.
Change-Id: I49f4c9b1d308264e7849df92e1b1ac4a93a94766
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20590
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Added new max_early_data_size for NewSessionTicket.
Change-Id: I6886415d03ffdce983b49649ad52ff0f897f2f77
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20591
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
|
|
Change-Id: I2e5fd001bb8d4312c6267f530b66d6687865112e
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/20596
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
|
|
Show something like "Signed Certificate Timestamp (Google 'Pilot' Log)"
if the Log ID is recognized, or "... (Unknown Log)" otherwise.
Bug: 13372
Change-Id: I1cd373f110d5beb63ee89fb85831ab72cafe03d0
Reviewed-on: https://code.wireshark.org/review/20387
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
|
|
Change-Id: Ia8b68a718b6cee77b479594be09542fd7133ebe1
Reviewed-on: https://code.wireshark.org/review/20131
Reviewed-by: Guy Harris <guy@alum.mit.edu>
|
