author | Peter Wu <peter@lekensteyn.nl> | 2017-01-25 21:52:27 +0100 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2017-01-28 03:43:34 +0000 |
commit | 77404250d53a4b123f05c834108e231a8885305a (patch) | |
tree | 1fd9bdaf6ab810b9cc2344588cf55e71a8a3a45c /epan/dissectors/packet-ssl-utils.h | |
parent | 990b5dc14c41fc3be69f9f8894f73d375d0d7db9 (diff) |
(D)TLS: consolidate and simplify decrypted records handling
Previously there was a distinction between decrypted handshake
Application Data records ("Decrypted SSL data") and some others (like
Alerts, Handshake and Heartbeat, "Decrypted SSL record"). Remove this
distinction and always decrypt the payload before passing it on and
always display a data source for decrypted contents ("Decrypted SSL").
This is preparatory work for TLS 1.3 support where the content type is
located in the encrypted record, having the record decryption in one
place makes it easier to adapt.
Change-Id: I92c51c7f9e87e5c93231d28c39a8e896f5afd1ef
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19789
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.h')
-rw-r--r-- | epan/dissectors/packet-ssl-utils.h | 33 |
1 files changed, 11 insertions, 22 deletions
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h
index b3094993f4..39875c6191 100644
--- a/epan/dissectors/packet-ssl-utils.h
+++ b/epan/dissectors/packet-ssl-utils.h
@@ -352,24 +352,19 @@ typedef struct {
 } SslDigestAlgo;
 
 typedef struct _SslRecordInfo {
- guchar *real_data;
- gint data_len;
- gint id;
+ guchar *plain_data; /**< Decrypted data. */
+ guint data_len; /**< Length of decrypted data. */
+ gint id; /**< Identifies the exact record within a frame
+ (there can be multiple records in a frame). */
+ ContentType type; /**< Content type of the decrypted record data. */
+ SslFlow *flow; /**< Flow where this record fragment is a part of.
+ Can be NULL if this record type may not be fragmented. */
+ guint32 seq; /**< Data offset within the flow. */
 struct _SslRecordInfo* next;
 } SslRecordInfo;
 
-typedef struct _SslDataInfo {
- gint key;
- StringInfo plain_data;
- guint32 seq;
- guint32 nxtseq;
- SslFlow *flow;
- struct _SslDataInfo *next;
-} SslDataInfo;
-
 typedef struct {
- SslDataInfo *appl_data;
- SslRecordInfo* handshake_data;
+ SslRecordInfo *records; /**< Decrypted records within this frame. */
 } SslPacketInfo;
 
 typedef struct _SslSession {
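Review bot: `data_len` in `SslRecordInfo` is now `guint`, but the `ssl_add_record_info` prototype in the second hunk still takes `gint data_len`, so a negative length from a caller would be stored as a very large unsigned length. The definition is not in this header, so whether it already rejects negative values cannot be confirmed from here. I would either change the parameter to `guint data_len` to match the field, or state the precondition in the prototype comment and enforce it before the copy with `DISSECTOR_ASSERT(data_len >= 0);`. Separately, the `seq` comment could say that the offset is only meaningful when `flow` is non-NULL, since `flow` is documented as optional.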
@@ -587,17 +582,11 @@ ssl_packet_from_server(SslSession *session, dissector_table_t table, packet_info
 
 /* add to packet data a copy of the specified real data */
 extern void
-ssl_add_record_info(gint proto, packet_info *pinfo, guchar* data, gint data_len, gint record_id);
+ssl_add_record_info(gint proto, packet_info *pinfo, const guchar *data, gint data_len, gint record_id, SslFlow *flow, ContentType type);
 
 /* search in packet data for the specified id; return a newly created tvb for the associated data */
 extern tvbuff_t*
-ssl_get_record_info(tvbuff_t *parent_tvb, gint proto, packet_info *pinfo, gint record_id);
-
-void
-ssl_add_data_info(gint proto, packet_info *pinfo, guchar* data, gint data_len, gint key, SslFlow *flow);
-
-SslDataInfo*
-ssl_get_data_info(int proto, packet_info *pinfo, gint key);
+ssl_get_record_info(tvbuff_t *parent_tvb, gint proto, packet_info *pinfo, gint record_id, SslRecordInfo **matched_record);
 
 /* initialize/reset per capture state data (ssl sessions cache) */
 extern void |
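Review bot: The new `matched_record` out-parameter of `ssl_get_record_info` has no documented contract; the comment above the prototype still describes only the returned tvb. It does not say whether callers may pass NULL, or what `*matched_record` holds when no record with `record_id` is found, and the definition is outside this header, so the actual behaviour needs confirming. I would extend the comment to something like `/* ...; if matched_record is not NULL, *matched_record is set to the matching record, or to NULL when none is found */` and make the implementation honour it, so a caller never dereferences an unset pointer. The comment on `ssl_add_record_info` also still says "real data", although the field it fills is now `plain_data`.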