author | Peter Wu <peter@lekensteyn.nl> | 2014-07-19 10:54:19 +0200 |
---|---|---|
committer | Evan Huus <eapache@gmail.com> | 2014-07-23 17:09:01 +0000 |
commit | ee231c526373b1c2e8c750fec0fc42befbfe3a97 (patch) | |
tree | de7f83029f1554a095e7c7542ca6b5d74f7cb91f /epan/dissectors/packet-ssl-utils.h | |
parent | aa09feaf52f842adcf70aca60409281e5739ec08 (diff) |
ssl,dtls: move ClientHello to ssl-utils
Changes to ClientHello dissection:
- Move ssl_find_private_key (and its pre-req, ssl_set_server) outside
ssl_dissect_hnd_cli_hello. It has not really something to do with
dissection, but state tracking and decoder param feeding.
- dtls: add expert info for bad cipher suites len.
- ssl: remove bad cipher suites len text label which is also
available as expert info. Attach expert info to the length proto
item (which is converted to use add_item instead of add_uint).
- Remove `if (tree || ssl)` since expert info seems not to apply
otherwise (this also needs changes in common and handshake
dissection).
- ssl: remove tvb_ensure_bytes_exist so we can dissect more
compression methods and cipher suites.
- Since DTLS has an additional Cookie field which TLS does not have,
pass these additional header fields through a struct whose type is
defined in ssl-utils.
Change-Id: I41bef04c1c3353e582e30f561d1d246a744e1d60
Reviewed-on: https://code.wireshark.org/review/3021
Reviewed-by: Evan Huus <eapache@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.h')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.h | 60 |
1 files changed, 57 insertions, 3 deletions
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h index 8bf952f98f..1cf510d3ab 100644 --- a/epan/dissectors/packet-ssl-utils.h +++ b/epan/dissectors/packet-ssl-utils.h @@ -692,8 +692,13 @@ typedef struct ssl_common_dissect { gint hs_random_bytes; gint hs_session_id; gint hs_session_id_len; + gint hs_client_version; gint hs_server_version; + gint hs_cipher_suites_len; + gint hs_cipher_suites; gint hs_cipher_suite; + gint hs_comp_methods_len; + gint hs_comp_methods; gint hs_comp_method; /* do not forget to update SSL_COMMON_LIST_T and SSL_COMMON_HF_LIST! */ @@ -716,17 +721,28 @@ typedef struct ssl_common_dissect { gint cert_types; gint dnames; gint hs_random; + gint cipher_suites; + gint comp_methods; /* do not forget to update SSL_COMMON_LIST_T and SSL_COMMON_ETT_LIST! */ } ett; struct { expert_field hs_ext_cert_status_undecoded; expert_field hs_sig_hash_alg_len_bad; + expert_field hs_cipher_suites_len_bad; /* do not forget to update SSL_COMMON_LIST_T and SSL_COMMON_EI_LIST! */ } ei; } ssl_common_dissect_t; +/* Header fields specific to DTLS. See packet-dtls.c */ +typedef struct { + gint hf_dtls_handshake_cookie_len; + gint hf_dtls_handshake_cookie; + + /* Do not forget to initialize dtls_hfs to -1 in packet-dtls.c! */ +} dtls_hfs_t; + extern gint ssl_dissect_hnd_hello_ext(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, guint32 offset, guint32 left, gboolean is_client, @@ -738,6 +754,13 @@ ssl_dissect_hnd_hello_common(ssl_common_dissect_t *hf, tvbuff_t *tvb, SslDecryptSession *ssl, gboolean from_server); extern void +ssl_dissect_hnd_cli_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, + packet_info *pinfo, proto_tree *tree, guint32 offset, + guint32 length, SslSession *session, + SslDecryptSession *ssl, + dtls_hfs_t *dtls_hfs); + +extern void ssl_dissect_hnd_srv_hello(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *tree, guint32 offset, guint32 length, SslSession *session, SslDecryptSession *ssl); 
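Review bot: `dtls_hfs_t` relies on the comment "Do not forget to initialize dtls_hfs to -1 in packet-dtls.c!" for its initial values, while `ssl_common_dissect_t` gets its `-1` values from an initializer macro in this header. A static `dtls_hfs_t` that is not explicitly initialised starts with both cookie field ids at 0, not -1. Defining the initializer next to the typedef, for example `#define DTLS_HFS_INIT { -1, -1 }`, would keep the values beside the member list and let packet-dtls.c write `static dtls_hfs_t dtls_hfs = DTLS_HFS_INIT;`.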
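Review bot: The new `ssl_dissect_hnd_cli_hello` prototype has no comment stating its contract, in particular whether `dtls_hfs` may be NULL and what `length` bounds. Presumably TLS callers pass NULL, since the cookie fields exist only in DTLS, but the header does not say so. The commit description says `tvb_ensure_bytes_exist` was removed, and the cipher-suite and compression-method lengths are read from the capture, so the comment should also state that `length` is the ClientHello body length and that the function must not read past `offset + length`. I would add a short block comment above the declaration covering those three points. The implementation is outside this file, so the bounds handling cannot be checked from this hunk.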
@@ -778,14 +801,14 @@ ssl_common_dissect_t name = { \ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \ - -1, -1, -1, -1, -1, -1, -1, \ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \ }, \ /* ett */ { \ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \ - -1, \ + -1, -1, -1, \ }, \ /* ei */ { \ - EI_INIT, EI_INIT, \ + EI_INIT, EI_INIT, EI_INIT, \ }, \ } /* }}} */ 
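Review bot: The initializer rows are positional, so the five extra `-1` values on the last hf row, the two on the ett row and the third `EI_INIT` have to be kept in step by hand with the members added to `ssl_common_dissect_t`. The counts do match in this commit. If a later change adds a member without a matching value, the compiler zero-fills the tail without a diagnostic and that id starts at 0 instead of -1. A comment on each changed row saying how many values it holds and which member it ends at, for example `/* 12 values, ends at hf.hs_comp_method */`, would make a mismatch visible in review. The macro starts outside this hunk.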
@@ -1212,16 +1235,41 @@ ssl_common_dissect_t name = { \ FT_UINT8, BASE_DEC, NULL, 0x0, \ "Length of Session ID field", HFILL } \ }, \ + { & name .hf.hs_client_version, \ + { "Version", prefix ".handshake.version", \ + FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, \ + "Maximum version supported by client", HFILL } \ + }, \ { & name .hf.hs_server_version, \ { "Version", prefix ".handshake.version", \ FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, \ "Version selected by server", HFILL } \ }, \ + { & name .hf.hs_cipher_suites_len, \ + { "Cipher Suites Length", prefix ".handshake.cipher_suites_length", \ + FT_UINT16, BASE_DEC, NULL, 0x0, \ + "Length of cipher suites field", HFILL } \ + }, \ + { & name .hf.hs_cipher_suites, \ + { "Cipher Suites", prefix ".handshake.ciphersuites", \ + FT_NONE, BASE_NONE, NULL, 0x0, \ + "List of cipher suites supported by client", HFILL } \ + }, \ { & name .hf.hs_cipher_suite, \ { "Cipher Suite", prefix ".handshake.ciphersuite", \ FT_UINT16, BASE_HEX|BASE_EXT_STRING, &ssl_31_ciphersuite_ext, 0x0, \ NULL, HFILL } \ }, \ + { & name .hf.hs_comp_methods_len, \ + { "Compression Methods Length", prefix ".handshake.comp_methods_length", \ + FT_UINT8, BASE_DEC, NULL, 0x0, \ + "Length of compression methods field", HFILL } \ + }, \ + { & name .hf.hs_comp_methods, \ + { "Compression Methods", prefix ".handshake.comp_methods", \ + FT_NONE, BASE_NONE, NULL, 0x0, \ + "List of compression methods supported by client", HFILL } \ + }, \ { & name .hf.hs_comp_method, \ { "Compression Method", prefix ".handshake.comp_method", \ FT_UINT8, BASE_DEC, VALS(ssl_31_compression_method), 0x0, \ @@ -1248,6 +1296,8 @@ ssl_common_dissect_t name = { \ & name .ett.cert_types, \ & name .ett.dnames, \ & name .ett.hs_random, \ + & name .ett.cipher_suites, \ + & name .ett.comp_methods, \ /* }}} */ /* {{{ */ 
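Review bot: The filter names registered in the first hunk on this line are spelled inconsistently: `.handshake.ciphersuites` has no underscore, while its length field is `.handshake.cipher_suites_length` and the compression fields use `.handshake.comp_methods` and `.handshake.comp_methods_length`. Presumably the spellings were carried over from the existing SSL dissector so that saved display filters keep working, but nothing in the header says so. A one-line comment above the `hs_cipher_suites` entry, such as `/* abbrev spelling kept for display-filter compatibility */`, would stop someone from "fixing" it later. That matters to anyone who keys detection filters on these names.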
@@ -1260,6 +1310,10 @@ ssl_common_dissect_t name = { \ { prefix ".handshake.sig_hash_alg_len.mult2", PI_MALFORMED, PI_ERROR, \ "Signature Hash Algorithm length must be a multiple of 2", EXPFILL } \ }, \ + { & name .ei.hs_cipher_suites_len_bad, \ + { prefix ".handshake.cipher_suites_length.mult2", PI_MALFORMED, PI_ERROR, \ + "Cipher suite length must be a multiple of 2", EXPFILL } \ + } /* }}} */ typedef struct ssl_common_options { |
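Review bot: The added `hs_cipher_suites_len_bad` entry closes with a bare `}`, while the entry before it ends with `}, \` and the HF and ETT lists above also end every element with `, \`. The next expert-info addition will have to edit this line again, and a forgotten comma would then break the build of every dissector that expands the macro. Ending the entry with `}, \` would match the rest of the list. As a smaller wording point, the message says "Cipher suite length" while the field is labelled "Cipher Suites Length". The macro begins outside this hunk.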