diff options
| author | Peter Wu <peter@lekensteyn.nl> | 2017-02-07 18:05:44 +0100 |
|---|---|---|
| committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2017-02-07 18:48:46 +0000 |
| commit | cecf9f13fe4aa283bba131e53ae2c84a4a68ccfb (patch) | |
| tree | 1958ef9ce4aa7eeed1a78ff83f8f86f8f3695fba /epan/dissectors/packet-ssl-utils.h | |
| parent | f958dd5acecda5a9f38500687718dce3ece26ed4 (diff) | |
TLS13: update NewSessionTicket dissection
The new ticket_age_add field resulted in a dissector exception. With
this fixed, the tls13-18-picotls-earlydata.pcap capture can now be fully
decrypted.
Also add validation for the ticket length (using ssl_add_vector).
Change-Id: I167038f682b47b2d1da020a8f241daaf7af22017
Ping-Bug: 12779
Reviewed-on: https://code.wireshark.org/review/19992
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ssl-utils.h')
| -rw-r--r-- | epan/dissectors/packet-ssl-utils.h | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h index 8ba3f1c451..f07890fe52 100644 --- a/epan/dissectors/packet-ssl-utils.h +++ b/epan/dissectors/packet-ssl-utils.h @@ -770,6 +770,7 @@ typedef struct ssl_common_dissect { gint hs_comp_methods; gint hs_comp_method; gint hs_session_ticket_lifetime_hint; + gint hs_session_ticket_age_add; gint hs_session_ticket_len; gint hs_session_ticket; gint hs_finished; @@ -909,9 +910,9 @@ ssl_dissect_hnd_encrypted_extensions(ssl_common_dissect_t *hf, tvbuff_t *tvb, pa gboolean is_dtls); extern void -ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb, - proto_tree *tree, guint32 offset, - SslDecryptSession *ssl, +ssl_dissect_hnd_new_ses_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb, packet_info *pinfo, + proto_tree *tree, guint32 offset, guint32 offset_end, + const SslSession *session, SslDecryptSession *ssl, GHashTable *session_hash); extern void @@ -959,7 +960,7 @@ ssl_common_dissect_t name = { \ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \ - -1, -1, -1, -1, -1, -1, -1, -1, \ + -1, -1, -1, -1, -1, -1, -1, -1, -1, \ }, \ /* ett */ { \ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \ @@ -1524,6 +1525,12 @@ ssl_common_dissect_t name = { \ FT_UINT32, BASE_DEC, NULL, 0x0, \ "New Session Ticket Lifetime Hint", HFILL } \ }, \ + { & name .hf.hs_session_ticket_age_add, \ + { "Session Ticket Age Add", \ + prefix ".handshake.session_ticket_age_add", \ + FT_UINT32, BASE_DEC, NULL, 0x0, \ + "Random 32-bit value to obscure age of ticket", HFILL } \ + }, \ { & name .hf.hs_session_ticket_len, \ { "Session Ticket Length", prefix ".handshake.session_ticket_length", \ FT_UINT16, BASE_DEC, NULL, 0x0, \ |