diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2014-04-26 10:45:41 +0200 |
---|---|---|
committer | Alexis La Goutte <alexis.lagoutte@gmail.com> | 2014-05-30 17:54:55 +0000 |
commit | 584b81372b70f3fbb28e35df145215778b0d6663 (patch) | |
tree | 026be0210aa06fd3f726439e655e3ae113cfa3e0 /epan/dissectors/packet-ssl.c | |
parent | 419ea28960b54ceade6216b4b9b302b6d4de1e70 (diff) |
ssl-utils: dissect the certificate type TLS extension
This analyses the certificate type extensions and then stores the
certificate type in the ssl session. This way we can later show the
certificate in the correct from.
This is described in this draft:
https://tools.ietf.org/html/draft-ietf-tls-oob-pubkey-11
Change-Id: Ifdda165807bc29f1fc138da000a9a538ecd18b6e
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-on: https://code.wireshark.org/review/1371
Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
Diffstat (limited to 'epan/dissectors/packet-ssl.c')
-rw-r--r-- | epan/dissectors/packet-ssl.c | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c index 41f5b51527..0485aabec3 100644 --- a/epan/dissectors/packet-ssl.c +++ b/epan/dissectors/packet-ssl.c @@ -515,7 +515,7 @@ static void dissect_ssl3_alert(tvbuff_t *tvb, packet_info *pinfo, static void dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint32 offset, guint32 record_length, - const SslSession *session, + SslSession *session, SslDecryptSession *conv_data, const guint8 content_type); /* heartbeat message dissector */ @@ -527,11 +527,13 @@ static void dissect_ssl3_heartbeat(tvbuff_t *tvb, packet_info *pinfo, static void dissect_ssl3_hnd_cli_hello(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint32 offset, guint32 length, + SslSession *session, SslDecryptSession *ssl); static void dissect_ssl3_hnd_srv_hello(tvbuff_t *tvb, proto_tree *tree, guint32 offset, guint32 length, + SslSession *session, SslDecryptSession *ssl); static void dissect_ssl3_hnd_new_ses_ticket(tvbuff_t *tvb, @@ -1890,7 +1892,7 @@ dissect_ssl3_alert(tvbuff_t *tvb, packet_info *pinfo, static void dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint32 offset, - guint32 record_length, const SslSession *session, + guint32 record_length, SslSession *session, SslDecryptSession *ssl, const guint8 content_type) { /* struct { @@ -2029,11 +2031,11 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo, break; case SSL_HND_CLIENT_HELLO: - dissect_ssl3_hnd_cli_hello(tvb, pinfo, ssl_hand_tree, offset, length, ssl); + dissect_ssl3_hnd_cli_hello(tvb, pinfo, ssl_hand_tree, offset, length, session, ssl); break; case SSL_HND_SERVER_HELLO: - dissect_ssl3_hnd_srv_hello(tvb, ssl_hand_tree, offset, length, ssl); + dissect_ssl3_hnd_srv_hello(tvb, ssl_hand_tree, offset, length, session, ssl); break; case SSL_HND_NEWSESSION_TICKET: @@ -2326,7 +2328,7 @@ dissect_ssl3_hnd_hello_common(tvbuff_t *tvb, proto_tree *tree, static void dissect_ssl3_hnd_cli_hello(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, guint32 offset, guint32 length, - SslDecryptSession*ssl) + SslSession *session, SslDecryptSession*ssl) { /* struct { * ProtocolVersion client_version; @@ -2446,14 +2448,16 @@ dissect_ssl3_hnd_cli_hello(tvbuff_t *tvb, packet_info *pinfo, if (length > offset - start_offset) { ssl_dissect_hnd_hello_ext(&dissect_ssl3_hf, tvb, tree, offset, - length - (offset - start_offset), TRUE, ssl); + length - (offset - start_offset), TRUE, + session, ssl); } } } static void dissect_ssl3_hnd_srv_hello(tvbuff_t *tvb, - proto_tree *tree, guint32 offset, guint32 length, SslDecryptSession *ssl) + proto_tree *tree, guint32 offset, guint32 length, + SslSession *session, SslDecryptSession *ssl) { /* struct { * ProtocolVersion server_version; @@ -2521,7 +2525,8 @@ no_cipher: if (length > offset - start_offset) { ssl_dissect_hnd_hello_ext(&dissect_ssl3_hf, tvb, tree, offset, - length - (offset - start_offset), FALSE, ssl); + length - (offset - start_offset), FALSE, + session, ssl); } } } |