TCP desegmentation support in SSL, from Scott Renfro.

git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4476 f5534014-38df-0310-8fa8-9805f1628bb7
author: guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> 2002-01-04 07:01:54 +0000
committer: guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> 2002-01-04 07:01:54 +0000
commit: 10029b43b040f79e3d06017f422c984ce208872f (patch)
tree: 28bb19ace6ccd4e882dda473be75a1f36fc81cc9 /packet-ssl.c
parent: 58f54094892954ef0982963426b16823106d8997 (diff)
1 files changed, 53 insertions, 5 deletions
diff --git a/packet-ssl.c b/packet-ssl.c
index f320af04b7..3f3271297c 100644
--- a/packet-ssl.c
+++ b/packet-ssl.c
@@ -2,7 +2,7 @@
  * Routines for ssl dissection
  * Copyright (c) 2000-2001, Scott Renfro <scott@renfro.org>
  *
- * $Id: packet-ssl.c,v 1.11 2001/12/10 00:25:36 guy Exp $
+ * $Id: packet-ssl.c,v 1.12 2002/01/04 07:01:54 guy Exp $
  *
  * Ethereal - Network traffic analyzer
  * By Gerald Combs <gerald@ethereal.com>
@@ -67,6 +67,10 @@
 #endif
 
 #include "conversation.h"
+#include "prefs.h"
+
+static gboolean ssl_desegment = TRUE;
+
 
 /*********************************************************************
  *
@@ -670,6 +674,10 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree)
             break;
         }
 
+        /* Desegmentation return check */
+        if (pinfo->desegment_len > 0)
+          return;
+
         /* If we haven't already set the version information for
          * this conversation, do so. */
         if (conv_data == NULL)
@@ -720,6 +728,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo,
     guint8 next_byte;
     proto_tree *ti              = NULL;
     proto_tree *ssl_record_tree = NULL;
+    guint32 available_bytes     = 0;
 
     /*
      * Get the record layer fields of interest
@@ -728,11 +737,26 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo,
     version       = tvb_get_ntohs(tvb, offset + 1);
     record_length = tvb_get_ntohs(tvb, offset + 3);
 
+    if (ssl_is_valid_content_type(content_type)) {
+
+        /*
+         *   Desegmentation test
+         */
+        available_bytes = tvb_length_remaining(tvb, offset + 5);
+        if (ssl_desegment
+            && pinfo->can_desegment
+            && available_bytes < record_length) {
+
+            pinfo->desegment_offset = offset;
+            pinfo->desegment_len    = record_length - available_bytes;
+            return offset;
+        }
+      
+    } else {
+      
     /* if we don't have a valid content_type, there's no sense
      * continuing any further
      */
-    if (!ssl_is_valid_content_type(content_type))
-    {
         if (check_col(pinfo->cinfo, COL_INFO))
             col_append_str(pinfo->cinfo, COL_INFO, "Continuation Data");
 
@@ -745,6 +769,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo,
         return offset + 5 + record_length;
     }
 
+
     /*
      * If GUI, fill in record layer part of tree
      */
@@ -1509,11 +1534,12 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree
     guint32 initial_offset       = offset;
     guint8  byte                 = 0;
     guint8  record_length_length = 0;
-    gint32  record_length        = -1;
+    guint32 record_length        = 0;
     gint    is_escape            = -1;
     gint16  padding_length       = -1;
     guint8  msg_type             = 0;
     gchar   *msg_type_str        = NULL;
+    guint32 available_bytes      = 0;
 
     proto_tree *ti;
     proto_tree *ssl_record_tree = NULL;
@@ -1550,6 +1576,19 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree
         padding_length = byte;
     }
 
+    /*
+     *   Desegmentation test
+     */
+    available_bytes = tvb_length_remaining(tvb, offset);
+    if (ssl_desegment
+        && pinfo->can_desegment
+        && available_bytes < record_length) {
+
+        pinfo->desegment_offset = offset;
+        pinfo->desegment_len    = record_length - available_bytes;
+        return offset;
+    }
+
     /* add the record layer subtree header */
     ti = proto_tree_add_item(tree, hf_ssl2_record, tvb, initial_offset,
                              record_length_length + record_length, 0);
@@ -1602,7 +1641,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree
      * tree by adding the length, is_escape boolean and padding_length,
      * if present in the original packet
      */
-    if (ssl_record_tree && record_length != -1)
+    if (ssl_record_tree)
     {
         /* add the record length */
         ti = proto_tree_add_uint (ssl_record_tree,
@@ -2529,6 +2568,15 @@ proto_register_ssl(void)
      * subtrees used */
     proto_register_field_array(proto_ssl, hf, array_length(hf));
     proto_register_subtree_array(ett, array_length(ett));
+
+    {
+      module_t *ssl_module = prefs_register_protocol(proto_ssl, NULL);
+      prefs_register_bool_preference(ssl_module,
+                                     "desegment_ssl_records",
+                                     "Desegment SSL records",
+                                     "When enabled, SSL records that span multiple TCP segments are desegmented",
+                                     &ssl_desegment);
+    }
 }
 
 /* If this dissector uses sub-dissector registration add a registration
author	guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7>	2002-01-04 07:01:54 +0000
committer	guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7>	2002-01-04 07:01:54 +0000
commit	10029b43b040f79e3d06017f422c984ce208872f (patch)
tree	28bb19ace6ccd4e882dda473be75a1f36fc81cc9 /packet-ssl.c
parent	58f54094892954ef0982963426b16823106d8997 (diff)