author | Michael Mann <mmann78@netscape.net> | 2015-11-06 14:55:51 -0500 |
---|---|---|
committer | Michael Mann <mmann78@netscape.net> | 2015-11-07 14:13:08 +0000 |
commit | 8ebc1084b296155098295e36587d89415e3604f1 (patch) | |
tree | 8a018a963144ef5524bde981827b5ffd7cd898cf | |
parent | f4921c10e653389afc4ecd8e951f786f22528324 (diff) |
DNS: Add support of DNS over TLS and over DTLS
See http://tools.ietf.org/html/draft-ietf-dprive-dns-over-tls-01
and https://www.ietf.org/id/draft-ietf-dprive-dnsodtls-02.txt
Bug: 11679
Change-Id: I5ebc43008951ddbb4570f5aeb55093aaf84f3401
Reviewed-on: https://code.wireshark.org/review/11528
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com>
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
-rw-r--r-- | epan/dissectors/packet-dns.c | 34 |
1 files changed, 22 insertions, 12 deletions
diff --git a/epan/dissectors/packet-dns.c b/epan/dissectors/packet-dns.c index d0a018666d..cedd7d9154 100644 --- a/epan/dissectors/packet-dns.c +++ b/epan/dissectors/packet-dns.c @@ -44,6 +44,8 @@ #include <epan/afn.h> #include <epan/tap.h> #include <epan/stats_tree.h> +#include "packet-ssl.h" +#include "packet-dtls.h" void proto_register_dns(void); void proto_reg_handoff_dns(void); @@ -449,6 +451,8 @@ typedef struct _dns_conv_info_t { #define UDP_PORT_MDNS 5353 #define TCP_PORT_MDNS 5353 #define UDP_PORT_LLMNR 5355 +#define TCP_PORT_DNS_TLS 853 +#define UDP_PORT_DNS_DTLS 853 #if 0 /* PPID used for DNS/SCTP (will be changed when IANA assigned) */ #define DNS_PAYLOAD_PROTOCOL_ID 1000 @@ -3911,15 +3915,7 @@ dissect_dns_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, } static void -dissect_dns_udp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) -{ - col_set_str(pinfo->cinfo, COL_PROTOCOL, "DNS"); - - dissect_dns_common(tvb, pinfo, tree, FALSE, FALSE, FALSE); -} - -static void -dissect_dns_sctp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +dissect_dns_udp_sctp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) { col_set_str(pinfo->cinfo, COL_PROTOCOL, "DNS"); @@ -3975,6 +3971,17 @@ dissect_dns_tcp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) return tvb_reported_length(tvb); } +static int +dissect_dns(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) +{ + if (pinfo->ptype == PT_TCP) { + return dissect_dns_tcp(tvb, pinfo, tree, data); + } else { + dissect_dns_udp_sctp(tvb, pinfo, tree); + return tvb_captured_length(tvb); + } +} + static void dns_stats_tree_init(stats_tree* st) { st_node_packets = stats_tree_create_node(st, st_str_packets, 0, TRUE); 
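Review bot: The new `dissect_dns` picks the framing from `pinfo->ptype`, which describes the packet's transport, not how the calling dissector framed the payload it hands over. The removed line at -5562 registered "dns" as `dissect_dns_tcp` unconditionally, so any caller that looks the dissector up by name on a non-TCP packet now silently gets the unframed path instead. That change for existing callers deserves a comment above the function, for example `/* "dns" by name: TCP payloads go through dissect_dns_tcp, everything else (UDP, SCTP, DTLS) is treated as a bare message */`. The branches also report consumed bytes differently: the visible tail of `dissect_dns_tcp` returns `tvb_reported_length(tvb)` while the else branch returns `tvb_captured_length(tvb)`, and these differ on a truncated capture, so one convention should be chosen. The body of `dissect_dns_tcp` starts outside the hunk.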
@@ -4058,8 +4065,9 @@ proto_reg_handoff_dns(void) dissector_handle_t mdns_udp_handle; dissector_handle_t llmnr_udp_handle; - dns_udp_handle = create_dissector_handle(dissect_dns_udp, proto_dns); - dns_sctp_handle = create_dissector_handle(dissect_dns_sctp, proto_dns); + dns_udp_handle = create_dissector_handle(dissect_dns_udp_sctp, proto_dns); + dns_tcp_handle = new_create_dissector_handle(dissect_dns_tcp, proto_dns); + dns_sctp_handle = create_dissector_handle(dissect_dns_udp_sctp, proto_dns); mdns_udp_handle = create_dissector_handle(dissect_mdns_udp, proto_mdns); llmnr_udp_handle = create_dissector_handle(dissect_llmnr_udp, proto_llmnr); dissector_add_uint("udp.port", UDP_PORT_MDNS, mdns_udp_handle); @@ -4072,6 +4080,8 @@ proto_reg_handoff_dns(void) stats_tree_register("dns", "dns", "DNS", 0, dns_stats_tree_packet, dns_stats_tree_init, NULL); gssapi_handle = find_dissector("gssapi"); ntlmssp_handle = find_dissector("ntlmssp"); + ssl_dissector_add(TCP_PORT_DNS_TLS, dns_tcp_handle); + dtls_dissector_add(UDP_PORT_DNS_DTLS, dns_udp_handle); Initialized = TRUE; } else { @@ -5562,7 +5572,7 @@ proto_register_dns(void) dns_tsig_dissector_table = register_dissector_table("dns.tsig.mac", "DNS TSIG MAC Dissectors", FT_STRING, BASE_NONE, DISSECTOR_TABLE_NOT_ALLOW_DUPLICATE); - dns_tcp_handle = new_register_dissector("dns", dissect_dns_tcp, proto_dns); + new_register_dissector("dns", dissect_dns, proto_dns); dns_tap = register_tap("dns"); } |
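Review bot: Port 853 is wired in once, inside the `!Initialized` branch, by `ssl_dissector_add(TCP_PORT_DNS_TLS, dns_tcp_handle)` and `dtls_dissector_add(UDP_PORT_DNS_DTLS, dns_udp_handle)`, so DNS over TLS or DTLS on any other port is decoded only if the analyst maps it by hand. If the else branch (outside this hunk) re-registers the plain DNS ports from preferences, as the `Initialized` flag suggests, a comment such as `/* DNS over (D)TLS: fixed port 853, not preference-driven */` would show the asymmetry is deliberate. Both calls also rely on `dns_tcp_handle` having been assigned earlier in `proto_reg_handoff_dns` (hunk at -4058), because the hunk at -5562 no longer sets it in `proto_register_dns`. Any code that reads the handle before handoff runs would now find it unset, which is worth checking across the file.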