diff options
author | Jeff Morriss <jeff.morriss@ulticom.com> | 2012-06-13 14:56:33 +0000 |
---|---|---|
committer | Jeff Morriss <jeff.morriss@ulticom.com> | 2012-06-13 14:56:33 +0000 |
commit | f00c8309afb03a2ef8f0d31870d3610bf6d9891c (patch) | |
tree | 55dc1495724930d2d45e7aff96bad5d15049b49b /epan/dissectors | |
parent | a519001f02e2ae495d17ada91aa1d851644e1b30 (diff) |
From Michael Mann via https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3317
Add SSL/TLS support to the POP dissector (functionality copied from the
SMTP dissector).
svn path=/trunk/; revision=43230
Diffstat (limited to 'epan/dissectors')
-rw-r--r-- | epan/dissectors/packet-pop.c | 77 |
1 files changed, 57 insertions, 20 deletions
diff --git a/epan/dissectors/packet-pop.c b/epan/dissectors/packet-pop.c index 22897e1efb..0f7e832e66 100644 --- a/epan/dissectors/packet-pop.c +++ b/epan/dissectors/packet-pop.c @@ -72,9 +72,10 @@ static gint ett_pop_data_fragments = -1; static dissector_handle_t data_handle; static dissector_handle_t imf_handle = NULL; +static dissector_handle_t ssl_handle = NULL; -#define TCP_PORT_POP 110 -#define TCP_PORT_SSL_POP 995 +#define TCP_PORT_POP 110 +#define TCP_PORT_SSL_POP 995 /* desegmentation of POP command and response lines */ static gboolean pop_data_desegment = TRUE; @@ -112,6 +113,8 @@ struct pop_data_val { gboolean msg_request; guint32 msg_read_len; /* Length of RETR message read so far */ guint32 msg_tot_len; /* Total length of RETR message */ + gboolean stls_request; /* Received STLS request */ + guint32 last_nontls_frame; /* last non-TLS frame; 0 if not known or no TLS */ }; @@ -140,24 +143,6 @@ dissect_pop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) col_set_str(pinfo->cinfo, COL_PROTOCOL, "POP"); - /* - * Find the end of the first line. - * - * Note that "tvb_find_line_end()" will return a value that is - * not longer than what's in the buffer, so the "tvb_get_ptr()" - * call won't throw an exception. - */ - linelen = tvb_find_line_end(tvb, offset, -1, &next_offset, FALSE); - line = tvb_get_ptr(tvb, offset, linelen); - - if (pinfo->match_uint == pinfo->destport) { - is_request = TRUE; - is_continuation = FALSE; - } else { - is_request = FALSE; - is_continuation = response_is_continuation(line); - } - frame_data_p = p_get_proto_data(pinfo->fd, proto_pop); if (!frame_data_p) { @@ -177,6 +162,44 @@ dissect_pop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) } } + /* Are we doing TLS? */ + if (data_val->last_nontls_frame != 0 && pinfo->fd->num > data_val->last_nontls_frame) { + guint16 save_can_desegment; + guint32 save_last_nontls_frame; + + /* This is TLS, not raw POP/IMF. TLS can desegment */ + save_can_desegment = pinfo->can_desegment; + pinfo->can_desegment = pinfo->saved_can_desegment; + + /* Make sure the SSL dissector will not be called again after decryption */ + save_last_nontls_frame = data_val->last_nontls_frame; + data_val->last_nontls_frame = 0; + + call_dissector(ssl_handle, tvb, pinfo, tree); + + pinfo->can_desegment = save_can_desegment; + data_val->last_nontls_frame = save_last_nontls_frame; + return; + } + + /* + * Find the end of the first line. + * + * Note that "tvb_find_line_end()" will return a value that is + * not longer than what's in the buffer, so the "tvb_get_ptr()" + * call won't throw an exception. + */ + linelen = tvb_find_line_end(tvb, offset, -1, &next_offset, FALSE); + line = tvb_get_ptr(tvb, offset, linelen); + + if (pinfo->match_uint == pinfo->destport) { + is_request = TRUE; + is_continuation = FALSE; + } else { + is_request = FALSE; + is_continuation = response_is_continuation(line); + } + if (check_col(pinfo->cinfo, COL_INFO)) { /* * Put the first line from the buffer into the summary @@ -284,6 +307,10 @@ dissect_pop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) g_ascii_strncasecmp(line, "TOP", 3) == 0) /* the next response will tell us how many bytes */ data_val->msg_request = TRUE; + + if (g_ascii_strncasecmp(line, "STLS", 4) == 0) { + data_val->stls_request = TRUE; + } } else { if (data_val->msg_request) { /* this is a response to a RETR or TOP command */ @@ -295,6 +322,14 @@ dissect_pop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) } data_val->msg_request = FALSE; } + + if (data_val->stls_request) { + if (g_ascii_strncasecmp(line, "+OK ", 4) == 0) { + /* This is the last non-TLS frame. */ + data_val->last_nontls_frame = pinfo->fd->num; + } + data_val->stls_request = FALSE; + } } } @@ -462,4 +497,6 @@ proto_reg_handoff_pop(void) /* find the IMF dissector */ imf_handle = find_dissector("imf"); + /* find the SSL dissector */ + ssl_handle = find_dissector("ssl"); } |