diff options
Diffstat (limited to 'epan/dissectors')
31 files changed, 378 insertions, 377 deletions
diff --git a/epan/dissectors/asn1/credssp/packet-credssp-template.c b/epan/dissectors/asn1/credssp/packet-credssp-template.c index 020800583a..aef949af62 100644 --- a/epan/dissectors/asn1/credssp/packet-credssp-template.c +++ b/epan/dissectors/asn1/credssp/packet-credssp-template.c @@ -158,7 +158,7 @@ void proto_register_credssp(void) { /*--- proto_reg_handoff_credssp --- */ void proto_reg_handoff_credssp(void) { - heur_dissector_add("ssl", dissect_credssp_heur, "CredSSP over SSL", "credssp_ssl", proto_credssp, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_credssp_heur, "CredSSP over TLS", "credssp_tls", proto_credssp, HEURISTIC_ENABLE); exported_pdu_tap = find_tap_id(EXPORT_PDU_TAP_NAME_LAYER_7); } diff --git a/epan/dissectors/asn1/ldap/ldap.cnf b/epan/dissectors/asn1/ldap/ldap.cnf index 2e9c94d100..624c311208 100644 --- a/epan/dissectors/asn1/ldap/ldap.cnf +++ b/epan/dissectors/asn1/ldap/ldap.cnf @@ -441,7 +441,7 @@ ldap_conv_info_t *ldap_info; if (ldap_info && ldap_info->start_tls_pending && hf_index == hf_ldap_extendedResponse_resultCode && resultCode == 0) { /* The conversation will continue using SSL */ - ssl_starttls_ack(find_dissector("ssl"), actx->pinfo, ldap_handle); + ssl_starttls_ack(find_dissector("tls"), actx->pinfo, ldap_handle); ldap_info->start_tls_pending = FALSE; } diff --git a/epan/dissectors/asn1/ldap/packet-ldap-template.c b/epan/dissectors/asn1/ldap/packet-ldap-template.c index 9b9b9afdcf..b86be9913e 100644 --- a/epan/dissectors/asn1/ldap/packet-ldap-template.c +++ b/epan/dissectors/asn1/ldap/packet-ldap-template.c @@ -217,7 +217,7 @@ static dissector_handle_t gssapi_handle; static dissector_handle_t gssapi_wrap_handle; static dissector_handle_t ntlmssp_handle; static dissector_handle_t spnego_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static dissector_handle_t ldap_handle ; static void prefs_register_ldap(void); /* forward declaration for use in preferences registration */ @@ -2205,8 +2205,8 @@ void proto_register_ldap(void) { " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.", &ldap_desegment); - prefs_register_uint_preference(ldap_module, "ssl.port", "LDAPS TCP Port", - "Set the port for LDAP operations over SSL", + prefs_register_uint_preference(ldap_module, "tls.port", "LDAPS TCP Port", + "Set the port for LDAP operations over TLS", 10, &global_ldaps_tcp_port); /* UAT */ attributes_uat = uat_new("Custom LDAP AttributeValue types", @@ -2260,7 +2260,7 @@ proto_reg_handoff_ldap(void) ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_ldap); - ssl_handle = find_dissector_add_dependency("ssl", proto_ldap); + tls_handle = find_dissector_add_dependency("tls", proto_ldap); prefs_register_ldap(); diff --git a/epan/dissectors/packet-aim.c b/epan/dissectors/packet-aim.c index 0037eada62..60dd3a396a 100644 --- a/epan/dissectors/packet-aim.c +++ b/epan/dissectors/packet-aim.c @@ -4548,7 +4548,7 @@ proto_reg_handoff_aim(void) ssl_dissector_add(0, aim_handle); /* Heuristics disabled by default, it is really weak... */ - heur_dissector_add("ssl", dissect_aim_ssl_heur, "AIM over SSL", "aim_ssl", proto_aim, HEURISTIC_DISABLE); + heur_dissector_add("tls", dissect_aim_ssl_heur, "AIM over TLS", "aim_tls", proto_aim, HEURISTIC_DISABLE); aim_init_family(proto_aim_admin, ett_aim_admin, FAMILY_ADMIN, aim_fnac_family_admin); diff --git a/epan/dissectors/packet-amqp.c b/epan/dissectors/packet-amqp.c index a627da165c..0fc075c06b 100644 --- a/epan/dissectors/packet-amqp.c +++ b/epan/dissectors/packet-amqp.c @@ -44,7 +44,7 @@ void proto_reg_handoff_amqp(void); /* Generic data */ #define AMQP_PORT 5672 -static guint amqps_port = 5671; /* AMQP over TLS/SSL */ +static guint amqps_port = 5671; /* AMQP over SSL/TLS */ /* * This dissector handles AMQP 0-9, 0-10 and 1.0. The conversation structure @@ -13404,9 +13404,9 @@ proto_register_amqp(void) amqp_module = prefs_register_protocol(proto_amqp, proto_reg_handoff_amqp); - prefs_register_uint_preference(amqp_module, "ssl.port", + prefs_register_uint_preference(amqp_module, "tls.port", "AMQPS listening TCP Port", - "Set the TCP port for AMQP over TLS/SSL" + "Set the TCP port for AMQP over SSL/TLS" "(if other than the default of 5671)", 10, &amqps_port); @@ -13430,7 +13430,7 @@ proto_reg_handoff_amqp(void) initialize = TRUE; } - /* Register for TLS/SSL payload dissection */ + /* Register for SSL/TLS payload dissection */ if (old_amqps_port != amqps_port) { if (old_amqps_port != 0) ssl_dissector_delete(old_amqps_port, amqp_tcp_handle); diff --git a/epan/dissectors/packet-couchbase.c b/epan/dissectors/packet-couchbase.c index 836e2ab873..ca2673d7dc 100644 --- a/epan/dissectors/packet-couchbase.c +++ b/epan/dissectors/packet-couchbase.c @@ -2584,8 +2584,8 @@ proto_register_couchbase(void) " to reassemble TCP streams\" in the TCP protocol settings.", &couchbase_desegment_body); - prefs_register_uint_preference(couchbase_module, "ssl_port", "SSL/TLS Data Port", - "The port used for communicating with the data service via ssl/tls", + prefs_register_uint_preference(couchbase_module, "tls_port", "SSL/TLS Data Port", + "The port used for communicating with the data service via SSL/TLS", 10, &couchbase_ssl_port_pref); diff --git a/epan/dissectors/packet-credssp.c b/epan/dissectors/packet-credssp.c index d4bc3abaad..83a6e6d951 100644 --- a/epan/dissectors/packet-credssp.c +++ b/epan/dissectors/packet-credssp.c @@ -534,7 +534,7 @@ void proto_register_credssp(void) { /*--- proto_reg_handoff_credssp --- */ void proto_reg_handoff_credssp(void) { - heur_dissector_add("ssl", dissect_credssp_heur, "CredSSP over SSL", "credssp_ssl", proto_credssp, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_credssp_heur, "CredSSP over TLS", "credssp_tls", proto_credssp, HEURISTIC_ENABLE); exported_pdu_tap = find_tap_id(EXPORT_PDU_TAP_NAME_LAYER_7); } diff --git a/epan/dissectors/packet-dtls.c b/epan/dissectors/packet-dtls.c index 1449f65574..c53ab64569 100644 --- a/epan/dissectors/packet-dtls.c +++ b/epan/dissectors/packet-dtls.c @@ -17,7 +17,7 @@ * Notes : * This dissector is based on the TLS dissector (packet-ssl.c); Because of the similarity * of DTLS and TLS, decryption works like TLS with RSA key exchange. - * This dissector uses the sames things (file, libraries) as the SSL dissector (gnutls, packet-ssl-utils.h) + * This dissector uses the sames things (file, libraries) as the TLS dissector (gnutls, packet-ssl-utils.h) * to make it easily maintainable. * * It was developed to dissect and decrypt the OpenSSL v 0.9.8f DTLS implementation. diff --git a/epan/dissectors/packet-eap.c b/epan/dissectors/packet-eap.c index b1f10b8150..046276e585 100644 --- a/epan/dissectors/packet-eap.c +++ b/epan/dissectors/packet-eap.c @@ -97,7 +97,7 @@ static expert_field ei_eap_dictionary_attacks = EI_INIT; static dissector_handle_t eap_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; const value_string eap_code_vals[] = { { EAP_REQUEST, "Request" }, @@ -1144,7 +1144,7 @@ dissect_eap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) show_fragment_seq_tree(fd_head, &eap_tls_frag_items, eap_tree, pinfo, next_tvb, &frag_tree_item); - call_dissector(ssl_handle, next_tvb, pinfo, eap_tree); + call_dissector(tls_handle, next_tvb, pinfo, eap_tree); /* * We're finished reassembing this frame. @@ -1158,7 +1158,7 @@ dissect_eap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) } else { /* this data is NOT fragmented */ next_tvb = tvb_new_subset_length_caplen(tvb, offset, tvb_len, size); - call_dissector(ssl_handle, next_tvb, pinfo, eap_tree); + call_dissector(tls_handle, next_tvb, pinfo, eap_tree); } } } @@ -1687,7 +1687,7 @@ proto_reg_handoff_eap(void) /* * Get a handle for the SSL/TLS dissector. */ - ssl_handle = find_dissector_add_dependency("ssl", proto_eap); + tls_handle = find_dissector_add_dependency("tls", proto_eap); dissector_add_uint("ppp.protocol", PPP_EAP, eap_handle); dissector_add_uint("eapol.type", EAPOL_EAP, eap_handle); diff --git a/epan/dissectors/packet-fix.c b/epan/dissectors/packet-fix.c index a413f0c653..7b56b0c5ff 100644 --- a/epan/dissectors/packet-fix.c +++ b/epan/dissectors/packet-fix.c @@ -538,7 +538,7 @@ proto_reg_handoff_fix(void) { /* Let the tcp dissector know that we're interested in traffic */ heur_dissector_add("tcp", dissect_fix_heur, "FIX over TCP", "fix_tcp", proto_fix, HEURISTIC_ENABLE); - heur_dissector_add("ssl", dissect_fix_heur_ssl, "FIX over SSL", "fix_ssl", proto_fix, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_fix_heur_ssl, "FIX over TLS", "fix_tls", proto_fix, HEURISTIC_ENABLE); dissector_add_uint_range_with_preference("tcp.port", "", fix_handle); } diff --git a/epan/dissectors/packet-http.c b/epan/dissectors/packet-http.c index 4b80bf5c92..c61488ba44 100644 --- a/epan/dissectors/packet-http.c +++ b/epan/dissectors/packet-http.c @@ -141,7 +141,7 @@ static expert_field ei_http_bad_header_name = EI_INIT; static dissector_handle_t http_handle; static dissector_handle_t http_tcp_handle; -static dissector_handle_t http_ssl_handle; +static dissector_handle_t http_tls_handle; static dissector_handle_t http_sctp_handle; static dissector_handle_t media_handle; @@ -3634,12 +3634,12 @@ dissect_ssdp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_ static void range_delete_http_ssl_callback(guint32 port, gpointer ptr _U_) { - ssl_dissector_delete(port, http_ssl_handle); + ssl_dissector_delete(port, http_tls_handle); } static void range_add_http_ssl_callback(guint32 port, gpointer ptr _U_) { - ssl_dissector_add(port, http_ssl_handle); + ssl_dissector_add(port, http_tls_handle); } static void reinit_http(void) { @@ -3974,7 +3974,7 @@ proto_register_http(void) http_handle = register_dissector("http", dissect_http, proto_http); http_tcp_handle = register_dissector("http-over-tcp", dissect_http_tcp, proto_http); - http_ssl_handle = register_dissector("http-over-tls", dissect_http_ssl, proto_http); /* RFC 2818 */ + http_tls_handle = register_dissector("http-over-tls", dissect_http_ssl, proto_http); /* RFC 2818 */ http_sctp_handle = register_dissector("http-over-sctp", dissect_http_sctp, proto_http); http_module = prefs_register_protocol(proto_http, reinit_http); @@ -4014,7 +4014,7 @@ proto_register_http(void) &global_http_sctp_range, 65535); range_convert_str(wmem_epan_scope(), &global_http_ssl_range, SSL_DEFAULT_RANGE, 65535); - prefs_register_range_preference(http_module, "ssl.port", "SSL/TLS Ports", + prefs_register_range_preference(http_module, "tls.port", "SSL/TLS Ports", "SSL/TLS Ports range", &global_http_ssl_range, 65535); /* UAT */ @@ -4148,7 +4148,7 @@ proto_reg_handoff_http(void) * SSL/TLS Application-Layer Protocol Negotiation (ALPN) protocol * ID. */ - dissector_add_string("ssl.handshake.extensions_alpn_str", "http/1.1", http_ssl_handle); + dissector_add_string("tls.handshake.extensions_alpn_str", "http/1.1", http_tls_handle); ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_http); gssapi_handle = find_dissector_add_dependency("gssapi", proto_http); diff --git a/epan/dissectors/packet-http2.c b/epan/dissectors/packet-http2.c index 77683d5bdd..30ca095d28 100644 --- a/epan/dissectors/packet-http2.c +++ b/epan/dissectors/packet-http2.c @@ -3349,11 +3349,11 @@ proto_reg_handoff_http2(void) /* * SSL/TLS Application-Layer Protocol Negotiation (ALPN) protocol ID. */ - dissector_add_string("ssl.handshake.extensions_alpn_str", "h2", http2_handle); + dissector_add_string("tls.handshake.extensions_alpn_str", "h2", http2_handle); dissector_add_string("http.upgrade", "h2", http2_handle); dissector_add_string("http.upgrade", "h2c", http2_handle); - heur_dissector_add("ssl", dissect_http2_heur_ssl, "HTTP2 over SSL", "http2_ssl", proto_http2, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_http2_heur_ssl, "HTTP2 over TLS", "http2_tls", proto_http2, HEURISTIC_ENABLE); heur_dissector_add("http", dissect_http2_heur, "HTTP2 over TCP", "http2_tcp", proto_http2, HEURISTIC_ENABLE); stats_tree_register("http2", "http2", "HTTP2", 0, http2_stats_tree_packet, http2_stats_tree_init, NULL); diff --git a/epan/dissectors/packet-imap.c b/epan/dissectors/packet-imap.c index 1151472a98..e037d7dc7a 100644 --- a/epan/dissectors/packet-imap.c +++ b/epan/dissectors/packet-imap.c @@ -38,7 +38,7 @@ static gint ett_imap = -1; static gint ett_imap_reqresp = -1; static dissector_handle_t imap_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static gboolean imap_ssl_heuristic = TRUE; @@ -133,9 +133,9 @@ dissect_imap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_ if (session_state->ssl_heur_tries_left > 0) { session_state->ssl_heur_tries_left--; if (!check_imap_heur(tvb)) { - ssl_starttls_post_ack(ssl_handle, pinfo, imap_handle); + ssl_starttls_post_ack(tls_handle, pinfo, imap_handle); session_state->ssl_heur_tries_left = 0; - return call_dissector(ssl_handle, tvb, pinfo, tree); + return call_dissector(tls_handle, tvb, pinfo, tree); } } @@ -304,7 +304,7 @@ dissect_imap(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_ if (session_state->ssl_requested) { if (!is_request && strncmp(tokenbuf, "ok", tokenlen) == 0) { /* STARTTLS accepted, next reply will be TLS. */ - ssl_starttls_ack(ssl_handle, pinfo, imap_handle); + ssl_starttls_ack(tls_handle, pinfo, imap_handle); if (session_state->ssl_heur_tries_left > 0) { session_state->ssl_heur_tries_left = 0; } @@ -417,7 +417,7 @@ proto_reg_handoff_imap(void) { dissector_add_uint_with_preference("tcp.port", TCP_PORT_IMAP, imap_handle); ssl_dissector_add(TCP_PORT_SSL_IMAP, imap_handle); - ssl_handle = find_dissector("ssl"); + tls_handle = find_dissector("tls"); } /* * Editor modelines - http://www.wireshark.org/tools/modelines.html diff --git a/epan/dissectors/packet-jxta.c b/epan/dissectors/packet-jxta.c index f86949f73e..afeeb6fd98 100644 --- a/epan/dissectors/packet-jxta.c +++ b/epan/dissectors/packet-jxta.c @@ -65,7 +65,7 @@ static int jxta_tap = -1; static dissector_table_t media_type_dissector_table = NULL; static dissector_handle_t media_handle = NULL; static dissector_handle_t stream_jxta_handle = NULL; -static dissector_handle_t ssl_handle = NULL; +static dissector_handle_t tls_handle = NULL; static int hf_uri_addr = -1; static int hf_uri_src = -1; @@ -2032,9 +2032,9 @@ static int dissect_media( const gchar* fullmediatype, tvbuff_t * tvb, packet_inf ascii_strdown_inplace(mediatype); if (0 == strcmp("application/x-jxta-tls-block", mediatype)) { - /* If we recognize it as a TLS packet then we shuffle it off to ssl dissector. */ - if (NULL != ssl_handle) { - dissected = call_dissector(ssl_handle, tvb, pinfo, tree); + /* If we recognize it as a TLS packet then we shuffle it off to tls dissector. */ + if (NULL != tls_handle) { + dissected = call_dissector(tls_handle, tvb, pinfo, tree); } } else if (0 == strcmp("application/gzip", mediatype)) { tvbuff_t *uncomp_tvb = tvb_child_uncompress(tvb, tvb, 0, tvb_captured_length(tvb)); @@ -2383,7 +2383,7 @@ void proto_reg_handoff_jxta(void) message_jxta_handle = create_dissector_handle(dissect_jxta_message, proto_message_jxta); media_type_dissector_table = find_dissector_table("media_type"); - ssl_handle = find_dissector_add_dependency("ssl", proto_jxta); + tls_handle = find_dissector_add_dependency("tls", proto_jxta); media_handle = find_dissector_add_dependency("media", proto_jxta); diff --git a/epan/dissectors/packet-ldap.c b/epan/dissectors/packet-ldap.c index 921f358435..6734b1fb0f 100644 --- a/epan/dissectors/packet-ldap.c +++ b/epan/dissectors/packet-ldap.c @@ -431,7 +431,7 @@ static dissector_handle_t gssapi_handle; static dissector_handle_t gssapi_wrap_handle; static dissector_handle_t ntlmssp_handle; static dissector_handle_t spnego_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static dissector_handle_t ldap_handle ; static void prefs_register_ldap(void); /* forward declaration for use in preferences registration */ @@ -3024,7 +3024,7 @@ dissect_ldap_ExtendedResponse_resultCode(gboolean implicit_tag _U_, tvbuff_t *tv if (ldap_info && ldap_info->start_tls_pending && hf_index == hf_ldap_extendedResponse_resultCode && resultCode == 0) { /* The conversation will continue using SSL */ - ssl_starttls_ack(find_dissector("ssl"), actx->pinfo, ldap_handle); + ssl_starttls_ack(find_dissector("tls"), actx->pinfo, ldap_handle); ldap_info->start_tls_pending = FALSE; } @@ -5752,8 +5752,8 @@ void proto_register_ldap(void) { " To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.", &ldap_desegment); - prefs_register_uint_preference(ldap_module, "ssl.port", "LDAPS TCP Port", - "Set the port for LDAP operations over SSL", + prefs_register_uint_preference(ldap_module, "tls.port", "LDAPS TCP Port", + "Set the port for LDAP operations over TLS", 10, &global_ldaps_tcp_port); /* UAT */ attributes_uat = uat_new("Custom LDAP AttributeValue types", @@ -5807,7 +5807,7 @@ proto_reg_handoff_ldap(void) ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_ldap); - ssl_handle = find_dissector_add_dependency("ssl", proto_ldap); + tls_handle = find_dissector_add_dependency("tls", proto_ldap); prefs_register_ldap(); diff --git a/epan/dissectors/packet-mq.c b/epan/dissectors/packet-mq.c index 4aa45105e4..4eca6f3f57 100644 --- a/epan/dissectors/packet-mq.c +++ b/epan/dissectors/packet-mq.c @@ -4536,7 +4536,7 @@ void proto_reg_handoff_mq(void) heur_dissector_add("tcp", dissect_mq_heur_tcp, "WebSphere MQ over TCP", "mq_tcp", proto_mq, HEURISTIC_ENABLE); heur_dissector_add("netbios", dissect_mq_heur_nontcp, "WebSphere MQ over Netbios", "mq_netbios", proto_mq, HEURISTIC_ENABLE); heur_dissector_add("http", dissect_mq_heur_nontcp, "WebSphere MQ over HTTP", "mq_http", proto_mq, HEURISTIC_ENABLE); - heur_dissector_add("ssl", dissect_mq_heur_ssl, "WebSphere MQ over SSL", "mq_ssl", proto_mq, HEURISTIC_ENABLE); + heur_dissector_add("tls", dissect_mq_heur_ssl, "WebSphere MQ over TLS", "mq_tls", proto_mq, HEURISTIC_ENABLE); dissector_add_uint("spx.socket", MQ_SOCKET_SPX, mq_spx_handle); mqpcf_handle = find_dissector("mqpcf"); } diff --git a/epan/dissectors/packet-mysql.c b/epan/dissectors/packet-mysql.c index 3f99689686..cee1323ef9 100644 --- a/epan/dissectors/packet-mysql.c +++ b/epan/dissectors/packet-mysql.c @@ -640,7 +640,7 @@ static int hf_mysql_compressed_packet_length_uncompressed = -1; static int hf_mysql_compressed_packet_number = -1; static dissector_handle_t mysql_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static expert_field ei_mysql_eof = EI_INIT; static expert_field ei_mysql_dissector_incomplete = EI_INIT; @@ -1042,7 +1042,7 @@ mysql_dissect_login(tvbuff_t *tvb, packet_info *pinfo, int offset, { col_set_str(pinfo->cinfo, COL_INFO, "Response: SSL Handshake"); conn_data->frame_start_ssl = pinfo->num; - ssl_starttls_ack(ssl_handle, pinfo, mysql_handle); + ssl_starttls_ack(tls_handle, pinfo, mysql_handle); } if (conn_data->clnt_caps & MYSQL_CAPS_CU) /* 4.1 protocol */ { @@ -2334,7 +2334,7 @@ dissect_mysql_pdu(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* dat } #endif - is_ssl = proto_is_frame_protocol(pinfo->layers, "ssl"); + is_ssl = proto_is_frame_protocol(pinfo->layers, "tls"); if (is_response) { if (packet_number == 0 && mysql_frame_data_p->state == UNDEFINED) { @@ -3322,7 +3322,7 @@ void proto_register_mysql(void) /* dissector registration */ void proto_reg_handoff_mysql(void) { - ssl_handle = find_dissector("ssl"); + tls_handle = find_dissector("tls"); dissector_add_uint_with_preference("tcp.port", TCP_PORT_MySQL, mysql_handle); } diff --git a/epan/dissectors/packet-opa-fe.c b/epan/dissectors/packet-opa-fe.c index a5a8056132..10c1cb131e 100644 --- a/epan/dissectors/packet-opa-fe.c +++ b/epan/dissectors/packet-opa-fe.c @@ -139,7 +139,7 @@ void proto_register_opa_fe(void) opa_fe_module = prefs_register_protocol(proto_opa_fe, proto_reg_handoff_opa_fe); range_convert_str(wmem_epan_scope(), &global_fe_ssl_range, OPA_FE_SSL_RANGE, 65535); - prefs_register_range_preference(opa_fe_module, "ssl.port", "SSL/TLS Ports", + prefs_register_range_preference(opa_fe_module, "tls.port", "SSL/TLS Ports", "SSL/TLS Ports range", &global_fe_ssl_range, 65535); } diff --git a/epan/dissectors/packet-openvpn.c b/epan/dissectors/packet-openvpn.c index 5d579d4178..daa2cd26de 100644 --- a/epan/dissectors/packet-openvpn.c +++ b/epan/dissectors/packet-openvpn.c @@ -72,7 +72,7 @@ static gint proto_openvpn = -1; static dissector_handle_t openvpn_udp_handle; static dissector_handle_t openvpn_tcp_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; /* Preferences */ static gboolean pref_long_format = TRUE; @@ -356,7 +356,7 @@ dissect_openvpn_msg_common(tvbuff_t *tvb, packet_info *pinfo, proto_tree *openvp if (new_tvb) { /* call SSL/TLS dissector if we just processed the last fragment */ - call_dissector(ssl_handle, new_tvb, pinfo, parent_tree); + call_dissector(tls_handle, new_tvb, pinfo, parent_tree); } return tvb_captured_length(tvb); @@ -624,7 +624,7 @@ proto_register_openvpn(void) void proto_reg_handoff_openvpn(void) { - ssl_handle = find_dissector_add_dependency("ssl", proto_openvpn); + tls_handle = find_dissector_add_dependency("tls", proto_openvpn); dissector_add_uint_with_preference("tcp.port", OPENVPN_PORT, openvpn_tcp_handle); dissector_add_uint_with_preference("udp.port", OPENVPN_PORT, openvpn_udp_handle); } diff --git a/epan/dissectors/packet-pcp.c b/epan/dissectors/packet-pcp.c index 16773db8fa..41fc83afc3 100644 --- a/epan/dissectors/packet-pcp.c +++ b/epan/dissectors/packet-pcp.c @@ -753,7 +753,7 @@ static int dissect_pcp_message_start(tvbuff_t *tvb, packet_info *pinfo, proto_tr /* Most likely we're in a SSL upgrade if this is the end of the start packet */ if(status == PCP_SECURE_ACK_SUCCESSFUL) { expert_add_info(pinfo, tree, &ei_pcp_ssl_upgrade); - ssl_starttls_ack(find_dissector("ssl"), pinfo, pcp_handle); + ssl_starttls_ack(find_dissector("tls"), pinfo, pcp_handle); } else { expert_add_info(pinfo, tree, &ei_pcp_ssl_upgrade_failed); diff --git a/epan/dissectors/packet-pgsql.c b/epan/dissectors/packet-pgsql.c index 849abd6e15..fc5638bcf0 100644 --- a/epan/dissectors/packet-pgsql.c +++ b/epan/dissectors/packet-pgsql.c @@ -21,7 +21,7 @@ void proto_register_pgsql(void); void proto_reg_handoff_pgsql(void); static dissector_handle_t pgsql_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static int proto_pgsql = -1; static int hf_frontend = -1; @@ -657,7 +657,7 @@ dissect_pgsql(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data) switch (tvb_get_guint8(tvb, 0)) { case 'S': /* Willing to perform SSL */ /* Next packet will start using SSL. */ - ssl_starttls_ack(ssl_handle, pinfo, pgsql_handle); + ssl_starttls_ack(tls_handle, pinfo, pgsql_handle); break; case 'N': /* Unwilling to perform SSL */ default: /* ErrorMessage when server does not support SSL. */ @@ -891,7 +891,7 @@ proto_reg_handoff_pgsql(void) dissector_add_uint_with_preference("tcp.port", PGSQL_PORT, pgsql_handle); - ssl_handle = find_dissector_add_dependency("ssl", proto_pgsql); + tls_handle = find_dissector_add_dependency("tls", proto_pgsql); } /* diff --git a/epan/dissectors/packet-pop.c b/epan/dissectors/packet-pop.c index 469d28f013..b9845204cd 100644 --- a/epan/dissectors/packet-pop.c +++ b/epan/dissectors/packet-pop.c @@ -66,7 +66,7 @@ static gint ett_pop_data_fragments = -1; static dissector_handle_t pop_handle; static dissector_handle_t imf_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; #define TCP_PORT_POP 110 #define TCP_PORT_SSL_POP 995 @@ -293,7 +293,7 @@ dissect_pop(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_) if (data_val->stls_request) { if (g_ascii_strncasecmp(line, "+OK ", 4) == 0) { /* This is the last non-TLS frame. */ - ssl_starttls_ack(ssl_handle, pinfo, pop_handle); + ssl_starttls_ack(tls_handle, pinfo, pop_handle); } data_val->stls_request = FALSE; } @@ -467,8 +467,8 @@ proto_reg_handoff_pop(void) /* find the IMF dissector */ imf_handle = find_dissector_add_dependency("imf", proto_pop); - /* find the SSL dissector */ - ssl_handle = find_dissector_add_dependency("ssl", proto_pop); + /* find the TLS dissector */ + tls_handle = find_dissector_add_dependency("tls", proto_pop); } /* diff --git a/epan/dissectors/packet-quic.c b/epan/dissectors/packet-quic.c index c1c3f8b495..b5bc34c951 100644 --- a/epan/dissectors/packet-quic.c +++ b/epan/dissectors/packet-quic.c @@ -121,7 +121,7 @@ static gint ett_quic_ft = -1; static gint ett_quic_ftflags = -1; static dissector_handle_t quic_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; /* * PROTECTED PAYLOAD DECRYPTION (done in first pass) @@ -1112,7 +1112,7 @@ dissect_quic_frame_type(tvbuff_t *tvb, packet_info *pinfo, proto_tree *quic_tree proto_item_append_text(ti_stream, " (Cryptographic handshake)"); col_set_writable(pinfo->cinfo, -1, FALSE); next_tvb = tvb_new_subset_length(tvb, offset, (int)length); - call_dissector(ssl_handle, next_tvb, pinfo, ft_tree); + call_dissector(tls_handle, next_tvb, pinfo, ft_tree); col_set_writable(pinfo->cinfo, -1, TRUE); } offset += (int)length; @@ -2550,7 +2550,7 @@ proto_register_quic(void) void proto_reg_handoff_quic(void) { - ssl_handle = find_dissector("ssl"); + tls_handle = find_dissector("tls"); dissector_add_uint_with_preference("udp.port", 0, quic_handle); heur_dissector_add("udp", dissect_quic_heur, "QUIC", "quic", proto_quic, HEURISTIC_ENABLE); } diff --git a/epan/dissectors/packet-smtp.c b/epan/dissectors/packet-smtp.c index 08dc796004..7e6201d2ac 100644 --- a/epan/dissectors/packet-smtp.c +++ b/epan/dissectors/packet-smtp.c @@ -104,7 +104,7 @@ static const fragment_items smtp_data_frag_items = { }; static dissector_handle_t smtp_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; static dissector_handle_t imf_handle; static dissector_handle_t ntlmssp_handle; static dissector_handle_t data_text_lines_handle; @@ -1078,7 +1078,7 @@ dissect_smtp(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data _U_ if (session_state->smtp_state == SMTP_STATE_AWAITING_STARTTLS_RESPONSE) { if (code == 220) { /* This is the last non-TLS frame. */ - ssl_starttls_ack(ssl_handle, pinfo, smtp_handle); + ssl_starttls_ack(tls_handle, pinfo, smtp_handle); } session_state->smtp_state = SMTP_STATE_READING_CMDS; } @@ -1343,8 +1343,8 @@ proto_reg_handoff_smtp(void) /* find the IMF dissector */ imf_handle = find_dissector_add_dependency("imf", proto_smtp); - /* find the SSL dissector */ - ssl_handle = find_dissector_add_dependency("ssl", proto_smtp); + /* find the TLS dissector */ + tls_handle = find_dissector_add_dependency("tls", proto_smtp); /* find the NTLM dissector */ ntlmssp_handle = find_dissector_add_dependency("ntlmssp", proto_smtp); diff --git a/epan/dissectors/packet-spdy.c b/epan/dissectors/packet-spdy.c index c773eff3e5..5ac81aa0b9 100644 --- a/epan/dissectors/packet-spdy.c +++ b/epan/dissectors/packet-spdy.c @@ -1938,7 +1938,7 @@ void proto_register_spdy(void) void proto_reg_handoff_spdy(void) { dissector_add_uint_with_preference("tcp.port", TCP_PORT_SPDY, spdy_handle); - /* Use "0" to avoid overwriting HTTPS port and still offer support over SSL */ + /* Use "0" to avoid overwriting HTTPS port and still offer support over TLS */ ssl_dissector_add(0, spdy_handle); dissector_add_string("http.upgrade", "spdy", spdy_handle); diff --git a/epan/dissectors/packet-ssl-utils.c b/epan/dissectors/packet-ssl-utils.c index 21db213572..870c760547 100644 --- a/epan/dissectors/packet-ssl-utils.c +++ b/epan/dissectors/packet-ssl-utils.c @@ -4364,13 +4364,13 @@ end: /* get ssl data for this session. if no ssl data is found allocate a new one*/ SslDecryptSession * -ssl_get_session(conversation_t *conversation, dissector_handle_t ssl_handle) +ssl_get_session(conversation_t *conversation, dissector_handle_t tls_handle) { void *conv_data; SslDecryptSession *ssl_session; int proto_ssl; - proto_ssl = dissector_handle_get_protocol_index(ssl_handle); + proto_ssl = dissector_handle_get_protocol_index(tls_handle); conv_data = conversation_get_proto_data(conversation, proto_ssl); if (conv_data != NULL) return (SslDecryptSession *)conv_data; @@ -4452,20 +4452,20 @@ static void ssl_reset_session(SslSession *session, SslDecryptSession *ssl, gbool } static guint32 -ssl_starttls(dissector_handle_t ssl_handle, packet_info *pinfo, +ssl_starttls(dissector_handle_t tls_handle, packet_info *pinfo, dissector_handle_t app_handle, guint32 last_nontls_frame) { conversation_t *conversation; SslSession *session; - /* Ignore if the SSL dissector is disabled. */ - if (!ssl_handle) + /* Ignore if the TLS dissector is disabled. */ + if (!tls_handle) return 0; /* The caller should always pass a valid handle to its own dissector. */ DISSECTOR_ASSERT(app_handle); conversation = find_or_create_conversation(pinfo); - session = &ssl_get_session(conversation, ssl_handle)->session; + session = &ssl_get_session(conversation, tls_handle)->session; ssl_debug_printf("%s: old frame %d, app_handle=%p (%s)\n", G_STRFUNC, session->last_nontls_frame, @@ -4482,26 +4482,26 @@ ssl_starttls(dissector_handle_t ssl_handle, packet_info *pinfo, } session->app_handle = app_handle; - /* The SSL dissector should be called first for this conversation. */ - conversation_set_dissector(conversation, ssl_handle); - /* SSL starts after this frame. */ + /* The TLS dissector should be called first for this conversation. */ + conversation_set_dissector(conversation, tls_handle); + /* TLS starts after this frame. */ session->last_nontls_frame = last_nontls_frame; return 0; } /* }}} */ /* ssl_starttls_ack: mark future frames as encrypted. {{{ */ guint32 -ssl_starttls_ack(dissector_handle_t ssl_handle, packet_info *pinfo, +ssl_starttls_ack(dissector_handle_t tls_handle, packet_info *pinfo, dissector_handle_t app_handle) { - return ssl_starttls(ssl_handle, pinfo, app_handle, pinfo->num); + return ssl_starttls(tls_handle, pinfo, app_handle, pinfo->num); } guint32 -ssl_starttls_post_ack(dissector_handle_t ssl_handle, packet_info *pinfo, +ssl_starttls_post_ack(dissector_handle_t tls_handle, packet_info *pinfo, dissector_handle_t app_handle) { - return ssl_starttls(ssl_handle, pinfo, app_handle, pinfo->num - 1); + return ssl_starttls(tls_handle, pinfo, app_handle, pinfo->num - 1); } dissector_handle_t diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c index 50c254d3d0..9c58c0f73b 100644 --- a/epan/dissectors/packet-ssl.c +++ b/epan/dissectors/packet-ssl.c @@ -1,5 +1,5 @@ /* packet-ssl.c - * Routines for ssl dissection + * Routines for TLS dissection * Copyright (c) 2000-2001, Scott Renfro <scott@renfro.org> * * Wireshark - Network traffic analyzer @@ -100,14 +100,14 @@ #define HAVE_LIBGCRYPT_CHACHA20_POLY1305 #endif -void proto_register_ssl(void); +void proto_register_tls(void); -static ssldecrypt_assoc_t *sslkeylist_uats = NULL; -static guint nssldecrypt = 0; +static ssldecrypt_assoc_t *tlskeylist_uats = NULL; +static guint ntlsdecrypt = 0; -static gboolean ssl_desegment = TRUE; -static gboolean ssl_desegment_app_data = TRUE; -static gboolean ssl_ignore_mac_failed = FALSE; +static gboolean tls_desegment = TRUE; +static gboolean tls_desegment_app_data = TRUE; +static gboolean tls_ignore_mac_failed = FALSE; /********************************************************************* @@ -117,30 +117,30 @@ static gboolean ssl_ignore_mac_failed = FALSE; *********************************************************************/ /* Initialize the protocol and registered fields */ -static gint ssl_tap = -1; +static gint tls_tap = -1; static gint exported_pdu_tap = -1; -static gint proto_ssl = -1; -static gint hf_ssl_record = -1; -static gint hf_ssl_record_content_type = -1; -static gint hf_ssl_record_opaque_type = -1; -static gint hf_ssl_record_version = -1; -static gint hf_ssl_record_length = -1; -static gint hf_ssl_record_appdata = -1; +static gint proto_tls = -1; +static gint hf_tls_record = -1; +static gint hf_tls_record_content_type = -1; +static gint hf_tls_record_opaque_type = -1; +static gint hf_tls_record_version = -1; +static gint hf_tls_record_length = -1; +static gint hf_tls_record_appdata = -1; static gint hf_ssl2_record = -1; static gint hf_ssl2_record_is_escape = -1; static gint hf_ssl2_record_padding_length = -1; static gint hf_ssl2_msg_type = -1; static gint hf_pct_msg_type = -1; -static gint hf_ssl_alert_message = -1; -static gint hf_ssl_alert_message_level = -1; -static gint hf_ssl_alert_message_description = -1; -static gint hf_ssl_handshake_protocol = -1; -static gint hf_ssl_handshake_type = -1; -static gint hf_ssl_handshake_length = -1; -static gint hf_ssl_handshake_npn_selected_protocol_len = -1; -static gint hf_ssl_handshake_npn_selected_protocol = -1; -static gint hf_ssl_handshake_npn_padding_len = -1; -static gint hf_ssl_handshake_npn_padding = -1; +static gint hf_tls_alert_message = -1; +static gint hf_tls_alert_message_level = -1; +static gint hf_tls_alert_message_description = -1; +static gint hf_tls_handshake_protocol = -1; +static gint hf_tls_handshake_type = -1; +static gint hf_tls_handshake_length = -1; +static gint hf_tls_handshake_npn_selected_protocol_len = -1; +static gint hf_tls_handshake_npn_selected_protocol = -1; +static gint hf_tls_handshake_npn_padding_len = -1; +static gint hf_tls_handshake_npn_padding = -1; static gint hf_ssl2_handshake_cipher_spec_len = -1; static gint hf_ssl2_handshake_session_id_len = -1; static gint hf_ssl2_handshake_challenge_len = -1; @@ -213,40 +213,40 @@ static int hf_ssl_pct_specs_mismatch_client_cert = -1; static int hf_ssl_pct_specs_mismatch_client_sig = -1; static int hf_ssl_pct_error_information_data = -1; -static int hf_ssl_reassembled_in = -1; -static int hf_ssl_reassembled_length = -1; -static int hf_ssl_reassembled_data = -1; -static int hf_ssl_segments = -1; -static int hf_ssl_segment = -1; -static int hf_ssl_segment_overlap = -1; -static int hf_ssl_segment_overlap_conflict = -1; -static int hf_ssl_segment_multiple_tails = -1; -static int hf_ssl_segment_too_long_fragment = -1; -static int hf_ssl_segment_error = -1; -static int hf_ssl_segment_count = -1; -static int hf_ssl_segment_data = -1; - -static gint hf_ssl_heartbeat_message = -1; -static gint hf_ssl_heartbeat_message_type = -1; -static gint hf_ssl_heartbeat_message_payload_length = -1; -static gint hf_ssl_heartbeat_message_payload = -1; -static gint hf_ssl_heartbeat_message_padding = -1; +static int hf_tls_reassembled_in = -1; +static int hf_tls_reassembled_length = -1; +static int hf_tls_reassembled_data = -1; +static int hf_tls_segments = -1; +static int hf_tls_segment = -1; +static int hf_tls_segment_overlap = -1; +static int hf_tls_segment_overlap_conflict = -1; +static int hf_tls_segment_multiple_tails = -1; +static int hf_tls_segment_too_long_fragment = -1; +static int hf_tls_segment_error = -1; +static int hf_tls_segment_count = -1; +static int hf_tls_segment_data = -1; + +static gint hf_tls_heartbeat_message = -1; +static gint hf_tls_heartbeat_message_type = -1; +static gint hf_tls_heartbeat_message_payload_length = -1; +static gint hf_tls_heartbeat_message_payload = -1; +static gint hf_tls_heartbeat_message_padding = -1; static ssl_hfs_t ssl_hfs = { -1, -1 }; /* Initialize the subtree pointers */ -static gint ett_ssl = -1; -static gint ett_ssl_record = -1; -static gint ett_ssl_alert = -1; -static gint ett_ssl_handshake = -1; -static gint ett_ssl_heartbeat = -1; -static gint ett_ssl_certs = -1; +static gint ett_tls = -1; +static gint ett_tls_record = -1; +static gint ett_tls_alert = -1; +static gint ett_tls_handshake = -1; +static gint ett_tls_heartbeat = -1; +static gint ett_tls_certs = -1; static gint ett_pct_cipher_suites = -1; static gint ett_pct_hash_suites = -1; static gint ett_pct_cert_suites = -1; static gint ett_pct_exch_suites = -1; -static gint ett_ssl_segments = -1; -static gint ett_ssl_segment = -1; +static gint ett_tls_segments = -1; +static gint ett_tls_segment = -1; static expert_field ei_ssl2_handshake_session_id_len_error = EI_INIT; static expert_field ei_ssl3_heartbeat_payload_length = EI_INIT; @@ -255,26 +255,26 @@ static expert_field ei_tls_unexpected_message = EI_INIT; /* Generated from convert_proto_tree_add_text.pl */ static expert_field ei_ssl_pct_ch_offset = EI_INIT; static expert_field ei_ssl_pct_server_version = EI_INIT; -static expert_field ei_ssl_ignored_unknown_record = EI_INIT; +static expert_field ei_tls_ignored_unknown_record = EI_INIT; static expert_field ei_ssl_pct_client_version = EI_INIT; -/* not all of the hf_fields below make sense for SSL but we have to provide +/* not all of the hf_fields below make sense for TLS but we have to provide them anyways to comply with the api (which was aimed for ip fragment reassembly) */ static const fragment_items ssl_segment_items = { - &ett_ssl_segment, - &ett_ssl_segments, - &hf_ssl_segments, - &hf_ssl_segment, - &hf_ssl_segment_overlap, - &hf_ssl_segment_overlap_conflict, - &hf_ssl_segment_multiple_tails, - &hf_ssl_segment_too_long_fragment, - &hf_ssl_segment_error, - &hf_ssl_segment_count, - &hf_ssl_reassembled_in, - &hf_ssl_reassembled_length, - &hf_ssl_reassembled_data, + &ett_tls_segment, + &ett_tls_segments, + &hf_tls_segments, + &hf_tls_segment, + &hf_tls_segment_overlap, + &hf_tls_segment_overlap_conflict, + &hf_tls_segment_multiple_tails, + &hf_tls_segment_too_long_fragment, + &hf_tls_segment_error, + &hf_tls_segment_count, + &hf_tls_reassembled_in, + &hf_tls_reassembled_length, + &hf_tls_reassembled_data, "Segments" }; @@ -290,7 +290,7 @@ ssl_proto_tree_add_segment_data( { proto_tree_add_bytes_format( tree, - hf_ssl_segment_data, + hf_tls_segment_data, tvb, offset, length, @@ -303,14 +303,14 @@ ssl_proto_tree_add_segment_data( static ssl_master_key_map_t ssl_master_key_map; -/* used by "Export SSL Session Keys" */ +/* used by "Export TLS Session Keys" */ GHashTable *ssl_session_hash; GHashTable *ssl_crandom_hash; static GHashTable *ssl_key_hash = NULL; static wmem_stack_t *key_list_stack = NULL; static dissector_table_t ssl_associations = NULL; -static dissector_handle_t ssl_handle = NULL; +static dissector_handle_t tls_handle = NULL; static StringInfo ssl_compressed_data = {NULL, 0}; static StringInfo ssl_decrypted_data = {NULL, 0}; static gint ssl_decrypted_data_avail = 0; @@ -320,7 +320,7 @@ static uat_t *ssldecrypt_uat = NULL; static const gchar *ssl_keys_list = NULL; static ssl_common_options_t ssl_options = { NULL, NULL}; -/* List of dissectors to call for SSL data */ +/* List of dissectors to call for TLS data */ static heur_dissector_list_t ssl_heur_subdissector_list; static const gchar *ssl_debug_file_name = NULL; @@ -329,22 +329,22 @@ static const gchar *ssl_debug_file_name = NULL; /* Forward declaration we need below */ void proto_reg_handoff_ssl(void); -/* Desegmentation of SSL streams */ -/* table to hold defragmented SSL streams */ +/* Desegmentation of TLS streams */ +/* table to hold defragmented TLS streams */ static reassembly_table ssl_reassembly_table; /* initialize/reset per capture state data (ssl sessions cache) */ static void ssl_init(void) { - module_t *ssl_module = prefs_find_module("ssl"); + module_t *ssl_module = prefs_find_module("tls"); pref_t *keys_list_pref; ssl_common_init(&ssl_master_key_map, &ssl_decrypted_data, &ssl_compressed_data); ssl_debug_flush(); - /* for "Export SSL Session Keys" */ + /* for "Export TLS Session Keys" */ ssl_session_hash = ssl_master_key_map.session; ssl_crandom_hash = ssl_master_key_map.crandom; @@ -394,7 +394,7 @@ ssl_parse_uat(void) port = GPOINTER_TO_UINT(wmem_stack_pop(key_list_stack)); handle = dissector_get_uint_handle(ssl_associations, port); if (handle != NULL) - ssl_association_remove("ssl.port", ssl_handle, handle, port, FALSE); + ssl_association_remove("tls.port", tls_handle, handle, port, FALSE); } } /* parse private keys string, load available keys and put them in key hash*/ @@ -402,12 +402,12 @@ ssl_parse_uat(void) ssl_private_key_equal, g_free, rsa_private_key_free); - if (nssldecrypt > 0) { + if (ntlsdecrypt > 0) { if (key_list_stack == NULL) key_list_stack = wmem_stack_new(NULL); - for (i = 0; i < nssldecrypt; i++) { - ssldecrypt_assoc_t *ssl_uat = &(sslkeylist_uats[i]); - ssl_parse_key_list(ssl_uat, ssl_key_hash, "ssl.port", ssl_handle, TRUE); + for (i = 0; i < ntlsdecrypt; i++) { + ssldecrypt_assoc_t *ssl_uat = &(tlskeylist_uats[i]); + ssl_parse_key_list(ssl_uat, ssl_key_hash, "tls.port", tls_handle, TRUE); if (key_list_stack && ws_strtou16(ssl_uat->port, NULL, &port) && port > 0) wmem_stack_push(key_list_stack, GUINT_TO_POINTER(port)); } @@ -487,9 +487,9 @@ ssl_follow_tap_listener(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _ * Handshake messages and alerts. */ if (appl_data->type != SSL_ID_APP_DATA) continue; - /* TCP segments that contain the end of two or more SSL PDUs will be - queued to SSL taps for each of those PDUs. Therefore a single - packet could be processed by this SSL tap listener multiple times. + /* TCP segments that contain the end of two or more TLS PDUs will be + queued to TLS taps for each of those PDUs. Therefore a single + packet could be processed by this TLS tap listener multiple times. The following test handles that scenario by treating the follow_info->bytes_written[] values as the next expected appl_data->seq. Any appl_data instances that fall below that have @@ -501,7 +501,7 @@ ssl_follow_tap_listener(void *tapdata, packet_info *pinfo, epan_dissect_t *edt _ consolidate multiple appl_data instances into a single record, it is beneficial to use a one-to-one mapping. This affords the Follow Stream dialog view modes (ASCII, EBCDIC, Hex Dump, C Arrays, Raw) - the opportunity to accurately reflect SSL PDU boundaries. Currently + the opportunity to accurately reflect TLS PDU boundaries. Currently the Hex Dump view does by starting a new line, and the C Arrays view does by starting a new array declaration. */ follow_record = g_new(follow_record_t,1); @@ -659,7 +659,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) g_ascii_isprint(tmp[1]) && g_ascii_isprint(tmp[2]) && g_ascii_isprint(tmp[3])) { - /* it is extremely unlikely that real SSL traffic starts with four + /* it is extremely unlikely that real TLS traffic starts with four * printable ascii characters; this looks like it's unencrypted * text, so assume it's not ours (SSL does have some unencrypted * text fields in certain packets, but you'd have to get very @@ -685,7 +685,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) * in addition to conv_version */ conversation = find_or_create_conversation(pinfo); - ssl_session = ssl_get_session(conversation, ssl_handle); + ssl_session = ssl_get_session(conversation, tls_handle); session = &ssl_session->session; is_from_server = ssl_packet_from_server(session, ssl_associations, pinfo); @@ -704,14 +704,14 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) ssl_debug_printf(" conversation = %p, ssl_session = %p\n", (void *)conversation, (void *)ssl_session); /* Initialize the protocol column; we'll override it later when we - * detect a different version or flavor of SSL (assuming we don't + * detect a different version or flavor of TLS (assuming we don't * throw an exception before we get the chance to do so). */ col_set_str(pinfo->cinfo, COL_PROTOCOL, val_to_str_const(session->version, ssl_version_short_names, "SSL")); /* clear the the info column */ col_clear(pinfo->cinfo, COL_INFO); - /* TCP packets and SSL records are orthogonal. + /* TCP packets and TLS records are orthogonal. * A tcp packet may contain multiple ssl records and an ssl * record may be spread across multiple tcp packets. * @@ -725,11 +725,11 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) * reassembly. */ - /* Create display subtree for SSL as a whole */ + /* Create display subtree for TLS as a whole */ if (tree) { - ti = proto_tree_add_item(tree, proto_ssl, tvb, 0, -1, ENC_NA); - ssl_tree = proto_item_add_subtree(ti, ett_ssl); + ti = proto_tree_add_item(tree, proto_tls, tvb, 0, -1, ENC_NA); + ssl_tree = proto_item_add_subtree(ti, ett_tls); } /* iterate through the records in this tvbuff */ while (tvb_reported_length_remaining(tvb, offset) > 0) @@ -759,7 +759,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) case TLSV1DOT2_VERSION: /* SSLv3/TLS record headers need at least 1+2+2 = 5 bytes. */ if (tvb_reported_length_remaining(tvb, offset) < 5) { - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { pinfo->desegment_offset = offset; pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT; need_desegmentation = TRUE; @@ -803,7 +803,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) * bytes, but the data will hopefully be larger than three bytes). */ if (tvb_reported_length_remaining(tvb, offset) < 5) { - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { pinfo->desegment_offset = offset; pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT; need_desegmentation = TRUE; @@ -847,7 +847,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) ssl_debug_printf(" need_desegmentation: offset = %d, reported_length_remaining = %d\n", offset, tvb_reported_length_remaining(tvb, offset)); /* Make data available to ssl_follow_tap_listener */ - tap_queue_packet(ssl_tap, pinfo, p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, curr_layer_num_ssl)); + tap_queue_packet(tls_tap, pinfo, p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, curr_layer_num_ssl)); return tvb_captured_length(tvb); } } @@ -857,7 +857,7 @@ dissect_ssl(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data _U_) ssl_debug_flush(); /* Make data available to ssl_follow_tap_listener */ - tap_queue_packet(ssl_tap, pinfo, p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, curr_layer_num_ssl)); + tap_queue_packet(tls_tap, pinfo, p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, curr_layer_num_ssl)); return tvb_captured_length(tvb); } @@ -972,7 +972,7 @@ dissect_ssl_heur(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data } conversation = find_or_create_conversation(pinfo); - conversation_set_dissector(conversation, ssl_handle); + conversation_set_dissector(conversation, tls_handle); return dissect_ssl(tvb, pinfo, tree, data); } @@ -1010,7 +1010,7 @@ tls_save_decrypted_record(packet_info *pinfo, gint record_id, SslDecryptSession /* In TLS 1.3 only Handshake and Application Data can be fragmented. * Alert messages MUST NOT be fragmented across records, so do not * bother maintaining a flow for those. */ - ssl_add_record_info(proto_ssl, pinfo, data, datalen, record_id, + ssl_add_record_info(proto_tls, pinfo, data, datalen, record_id, allow_fragments ? decoder->flow : NULL, (ContentType)content_type, curr_layer_num_ssl); } @@ -1059,7 +1059,7 @@ decrypt_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, guint32 offset, SslDecryp /* run decryption and add decrypted payload to protocol data, if decryption * is successful*/ ssl_decrypted_data_avail = ssl_decrypted_data.data_len; - success = ssl_decrypt_record(ssl, decoder, content_type, record_version, ssl_ignore_mac_failed, + success = ssl_decrypt_record(ssl, decoder, content_type, record_version, tls_ignore_mac_failed, tvb_get_ptr(tvb, offset, record_length), record_length, &ssl_compressed_data, &ssl_decrypted_data, &ssl_decrypted_data_avail) == 0; /* */ @@ -1313,7 +1313,7 @@ again: /* * This is *not* the last segment. It is part of a PDU in the same * frame, so no another PDU can follow this one. - * Do not reassemble SSL yet, it will be done in the final segment. + * Do not reassemble TLS yet, it will be done in the final segment. * Clear the Info column and avoid displaying [SSL segment of a * reassembled PDU], the payload dissector will typically set it. * (This is needed here for the second pass.) @@ -1332,8 +1332,8 @@ again: int old_len; /* - * Reset column in case multiple SSL segments form the - * PDU and this last SSL segment is not in the first TCP segment of + * Reset column in case multiple TLS segments form the + * PDU and this last TLS segment is not in the first TCP segment of * this frame. * XXX prevent clearing the column if the last layer is not SSL? */ @@ -1674,7 +1674,7 @@ dissect_ssl_payload(tvbuff_t *decrypted, packet_info *pinfo, ssl_print_data("decrypted app data fragment", record->plain_data, record->data_len); /* Can we desegment this segment? */ - if (ssl_desegment_app_data) { + if (tls_desegment_app_data) { /* Yes. */ pinfo->can_desegment = 2; desegment_ssl(decrypted, pinfo, 0, record->seq, record->seq + record->data_len, @@ -1751,7 +1751,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, session->version==TLSV1DOT1_VERSION || session->version==TLSV1DOT2_VERSION) && (available_bytes >=1 ) && !ssl_is_valid_content_type(tvb_get_guint8(tvb, offset))) { - proto_tree_add_expert(tree, pinfo, &ei_ssl_ignored_unknown_record, tvb, offset, available_bytes); + proto_tree_add_expert(tree, pinfo, &ei_tls_ignored_unknown_record, tvb, offset, available_bytes); col_append_sep_str(pinfo->cinfo, COL_INFO, NULL, "Ignored Unknown Record"); return offset + available_bytes; } @@ -1763,7 +1763,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, /* * Yes - can we do reassembly? */ - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { /* * Yes. Tell the TCP dissector where the data for this * message starts in the data it handed us, and that we need @@ -1798,7 +1798,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, /* * Yes - can we do reassembly? */ - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { /* * Yes. Tell the TCP dissector where the data for this * message starts in the data it handed us, and how many @@ -1810,7 +1810,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, * pinfo->desegment_len = DESEGMENT_ONE_MORE_SEGMENT; * it avoids some minor display glitches when a frame contains * the continuation of a previous PDU together with a full new - * PDU, but it completely breaks dissection for jumbo SSL frames + * PDU, but it completely breaks dissection for jumbo TLS frames */ pinfo->desegment_len = (record_length + 5) - available_bytes; @@ -1832,28 +1832,28 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, } /* add the record layer subtree header */ - ti = proto_tree_add_item(tree, hf_ssl_record, tvb, + ti = proto_tree_add_item(tree, hf_tls_record, tvb, offset, 5 + record_length, ENC_NA); - ssl_record_tree = proto_item_add_subtree(ti, ett_ssl_record); + ssl_record_tree = proto_item_add_subtree(ti, ett_tls_record); /* show the one-byte content type */ if (session->version == TLSV1DOT3_VERSION && content_type == SSL_ID_APP_DATA) { - ct_pi = proto_tree_add_item(ssl_record_tree, hf_ssl_record_opaque_type, + ct_pi = proto_tree_add_item(ssl_record_tree, hf_tls_record_opaque_type, tvb, offset, 1, ENC_BIG_ENDIAN); } else { - ct_pi = proto_tree_add_item(ssl_record_tree, hf_ssl_record_content_type, + ct_pi = proto_tree_add_item(ssl_record_tree, hf_tls_record_content_type, tvb, offset, 1, ENC_BIG_ENDIAN); } content_type_offset = offset; offset++; /* add the version */ - proto_tree_add_item(ssl_record_tree, hf_ssl_record_version, tvb, + proto_tree_add_item(ssl_record_tree, hf_tls_record_version, tvb, offset, 2, ENC_BIG_ENDIAN); offset += 2; /* add the length */ - length_pi = proto_tree_add_uint(ssl_record_tree, hf_ssl_record_length, tvb, + length_pi = proto_tree_add_uint(ssl_record_tree, hf_tls_record_length, tvb, offset, 2, record_length); offset += 2; /* move past length field itself */ @@ -1914,12 +1914,12 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, } /* try to retrieve and use decrypted alert/handshake/appdata record, if any. */ - decrypted = ssl_get_record_info(tvb, proto_ssl, pinfo, tvb_raw_offset(tvb)+offset, curr_layer_num_ssl, &record); + decrypted = ssl_get_record_info(tvb, proto_tls, pinfo, tvb_raw_offset(tvb)+offset, curr_layer_num_ssl, &record); if (decrypted) { add_new_data_source(pinfo, decrypted, "Decrypted SSL"); if (session->version == TLSV1DOT3_VERSION) { content_type = record->type; - ti = proto_tree_add_uint(ssl_record_tree, hf_ssl_record_content_type, + ti = proto_tree_add_uint(ssl_record_tree, hf_tls_record_content_type, tvb, content_type_offset, 1, record->type); PROTO_ITEM_SET_GENERATED(ti); } @@ -1997,7 +1997,7 @@ dissect_ssl3_record(tvbuff_t *tvb, packet_info *pinfo, app_handle ? dissector_handle_get_dissector_name(app_handle) : "Application Data"); - proto_tree_add_item(ssl_record_tree, hf_ssl_record_appdata, tvb, + proto_tree_add_item(ssl_record_tree, hf_tls_record_appdata, tvb, offset, record_length, ENC_NA); if (decrypted) { @@ -2061,9 +2061,9 @@ dissect_ssl3_alert(tvbuff_t *tvb, packet_info *pinfo, ssl_alert_tree = NULL; if (tree) { - ti = proto_tree_add_item(tree, hf_ssl_alert_message, tvb, + ti = proto_tree_add_item(tree, hf_tls_alert_message, tvb, offset, record_length, ENC_NA); - ssl_alert_tree = proto_item_add_subtree(ti, ett_ssl_alert); + ssl_alert_tree = proto_item_add_subtree(ti, ett_tls_alert); } /* @@ -2097,10 +2097,10 @@ dissect_ssl3_alert(tvbuff_t *tvb, packet_info *pinfo, "(Level: %s, Description: %s)", val_to_str_const(session->version, ssl_version_short_names, "SSL"), level, desc); - proto_tree_add_item(ssl_alert_tree, hf_ssl_alert_message_level, + proto_tree_add_item(ssl_alert_tree, hf_tls_alert_message_level, tvb, offset++, 1, ENC_BIG_ENDIAN); - proto_tree_add_item(ssl_alert_tree, hf_ssl_alert_message_description, + proto_tree_add_item(ssl_alert_tree, hf_tls_alert_message_description, tvb, offset++, 1, ENC_BIG_ENDIAN); } else @@ -2245,9 +2245,9 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo, } /* add a subtree for the handshake protocol */ - ti = proto_tree_add_item(tree, hf_ssl_handshake_protocol, tvb, + ti = proto_tree_add_item(tree, hf_tls_handshake_protocol, tvb, offset, length + 4, ENC_NA); - ssl_hand_tree = proto_item_add_subtree(ti, ett_ssl_handshake); + ssl_hand_tree = proto_item_add_subtree(ti, ett_tls_handshake); /* set the text label on the subtree node */ proto_item_set_text(ssl_hand_tree, "Handshake Protocol: %s", @@ -2259,10 +2259,10 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo, return; /* add nodes for the message type and message length */ - proto_tree_add_uint(ssl_hand_tree, hf_ssl_handshake_type, + proto_tree_add_uint(ssl_hand_tree, hf_tls_handshake_type, tvb, offset, 1, msg_type); offset += 1; - proto_tree_add_uint(ssl_hand_tree, hf_ssl_handshake_length, + proto_tree_add_uint(ssl_hand_tree, hf_tls_handshake_length, tvb, offset, 3, length); offset += 3; @@ -2454,9 +2454,9 @@ dissect_ssl3_heartbeat(tvbuff_t *tvb, packet_info *pinfo, tls_heartbeat_tree = NULL; if (tree) { - ti = proto_tree_add_item(tree, hf_ssl_heartbeat_message, tvb, + ti = proto_tree_add_item(tree, hf_tls_heartbeat_message, tvb, offset, record_length, ENC_NA); - tls_heartbeat_tree = proto_item_add_subtree(ti, ett_ssl_heartbeat); + tls_heartbeat_tree = proto_item_add_subtree(ti, ett_tls_heartbeat); } /* @@ -2488,10 +2488,10 @@ dissect_ssl3_heartbeat(tvbuff_t *tvb, packet_info *pinfo, "%s", val_to_str_const(session->version, ssl_version_short_names, "SSL"), type); - proto_tree_add_item(tls_heartbeat_tree, hf_ssl_heartbeat_message_type, + proto_tree_add_item(tls_heartbeat_tree, hf_tls_heartbeat_message_type, tvb, offset, 1, ENC_BIG_ENDIAN); offset += 1; - ti = proto_tree_add_uint(tls_heartbeat_tree, hf_ssl_heartbeat_message_payload_length, + ti = proto_tree_add_uint(tls_heartbeat_tree, hf_tls_heartbeat_message_payload_length, tvb, offset, 2, payload_length); offset += 2; if (3u + payload_length + 16 > record_length) { @@ -2503,14 +2503,14 @@ dissect_ssl3_heartbeat(tvbuff_t *tvb, packet_info *pinfo, padding_length = 0; proto_item_append_text (ti, " (invalid, using %u to decode payload)", payload_length); } - proto_tree_add_bytes_format(tls_heartbeat_tree, hf_ssl_heartbeat_message_payload, + proto_tree_add_bytes_format(tls_heartbeat_tree, hf_tls_heartbeat_message_payload, tvb, offset, payload_length, NULL, "Payload (%u byte%s)", payload_length, plurality(payload_length, "", "s")); offset += payload_length; if (padding_length) - proto_tree_add_bytes_format(tls_heartbeat_tree, hf_ssl_heartbeat_message_padding, + proto_tree_add_bytes_format(tls_heartbeat_tree, hf_tls_heartbeat_message_padding, tvb, offset, padding_length, NULL, "Padding and HMAC (%u byte%s)", padding_length, @@ -2533,18 +2533,18 @@ dissect_ssl3_hnd_encrypted_exts(tvbuff_t *tvb, proto_tree *tree, guint8 padding_len; selected_protocol_len = tvb_get_guint8(tvb, offset); - proto_tree_add_item(tree, hf_ssl_handshake_npn_selected_protocol_len, + proto_tree_add_item(tree, hf_tls_handshake_npn_selected_protocol_len, tvb, offset, 1, ENC_BIG_ENDIAN); offset++; - proto_tree_add_item(tree, hf_ssl_handshake_npn_selected_protocol, + proto_tree_add_item(tree, hf_tls_handshake_npn_selected_protocol, tvb, offset, selected_protocol_len, ENC_ASCII|ENC_NA); offset += selected_protocol_len; padding_len = tvb_get_guint8(tvb, offset); - proto_tree_add_item(tree, hf_ssl_handshake_npn_padding_len, + proto_tree_add_item(tree, hf_tls_handshake_npn_padding_len, tvb, offset, 1, ENC_BIG_ENDIAN); offset++; - proto_tree_add_item(tree, hf_ssl_handshake_npn_padding, + proto_tree_add_item(tree, hf_tls_handshake_npn_padding, tvb, offset, padding_len, ENC_NA); } @@ -2597,7 +2597,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, /* * Yes - can we do reassembly? */ - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { /* * Yes. Tell the TCP dissector where the data for this * message starts in the data it handed us, and that we need @@ -2638,7 +2638,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, /* * Yes - Can we do reassembly? */ - if (ssl_desegment && pinfo->can_desegment) { + if (tls_desegment && pinfo->can_desegment) { /* * Yes. Tell the TCP dissector where the data for this * message starts in the data it handed us, and how many @@ -2659,7 +2659,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, /* add the record layer subtree header */ ti = proto_tree_add_item(tree, hf_ssl2_record, tvb, initial_offset, record_length_length + record_length, ENC_NA); - ssl_record_tree = proto_item_add_subtree(ti, ett_ssl_record); + ssl_record_tree = proto_item_add_subtree(ti, ett_tls_record); /* pull the msg_type so we can bail if it's unknown */ msg_type = tvb_get_guint8(tvb, initial_offset + record_length_length); @@ -2717,7 +2717,7 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, * record layer version 0x0002 */ ti = proto_tree_add_uint(ssl_record_tree, - hf_ssl_record_version, tvb, + hf_tls_record_version, tvb, initial_offset, 0, 0x0002); PROTO_ITEM_SET_GENERATED(ti); } @@ -2750,14 +2750,14 @@ dissect_ssl2_record(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, * record layer version 0x0002 */ ti = proto_tree_add_uint(ssl_record_tree, - hf_ssl_record_version, tvb, + hf_tls_record_version, tvb, initial_offset, 0, 0x0002); PROTO_ITEM_SET_GENERATED(ti); /* add the record length */ tvb_ensure_bytes_exist(tvb, offset, record_length_length); proto_tree_add_uint (ssl_record_tree, - hf_ssl_record_length, tvb, + hf_tls_record_length, tvb, initial_offset, record_length_length, record_length); } @@ -3516,7 +3516,7 @@ void ssl_set_master_secret(guint32 frame_num, address *addr_srv, address *addr_c conversation = conversation_new(frame_num, addr_srv, addr_cli, conversation_pt_to_endpoint_type(ptype), port_srv, port_cli, 0); ssl_debug_printf(" new conversation = %p created\n", (void *)conversation); } - ssl = ssl_get_session(conversation, ssl_handle); + ssl = ssl_get_session(conversation, tls_handle); ssl_debug_printf(" conversation = %p, ssl_session = %p\n", (void *)conversation, (void *)ssl); @@ -3857,7 +3857,7 @@ tls_get_cipher_info(packet_info *pinfo, int *cipher_algo, int *cipher_mode, int return FALSE; } - void *conv_data = conversation_get_proto_data(conv, proto_ssl); + void *conv_data = conversation_get_proto_data(conv, proto_tls); if (conv_data == NULL) { return FALSE; } @@ -3988,7 +3988,7 @@ tls13_exporter(packet_info *pinfo, gboolean is_early, return FALSE; } - void *conv_data = conversation_get_proto_data(conv, proto_ssl); + void *conv_data = conversation_get_proto_data(conv, proto_tls); if (conv_data == NULL) { return FALSE; } @@ -4056,11 +4056,11 @@ ssldecrypt_uat_fld_protocol_chk_cb(void* r _U_, const char* p, guint len _U_, co if (!ssl_find_appdata_dissector(p)) { if (proto_get_id_by_filter_name(p) != -1) { *err = g_strdup_printf("While '%s' is a valid dissector filter name, that dissector is not configured" - " to support SSL decryption.\n\n" - "If you need to decrypt '%s' over SSL, please contact the Wireshark development team.", p, p); + " to support TLS decryption.\n\n" + "If you need to decrypt '%s' over TLS, please contact the Wireshark development team.", p, p); } else { - char* ssl_str = ssl_association_info("ssl.port", "TCP"); - *err = g_strdup_printf("Could not find dissector for: '%s'\nCommonly used SSL dissectors include:\n%s", p, ssl_str); + char* ssl_str = ssl_association_info("tls.port", "TCP"); + *err = g_strdup_printf("Could not find dissector for: '%s'\nCommonly used TLS dissectors include:\n%s", p, ssl_str); g_free(ssl_str); } return FALSE; @@ -4077,7 +4077,7 @@ ssl_src_prompt(packet_info *pinfo, gchar *result) SslPacketInfo* pi; guint32 srcport = pinfo->srcport; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi != NULL) srcport = pi->srcport; @@ -4089,7 +4089,7 @@ ssl_src_value(packet_info *pinfo) { SslPacketInfo* pi; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi == NULL) return GUINT_TO_POINTER(pinfo->srcport); @@ -4102,7 +4102,7 @@ ssl_dst_prompt(packet_info *pinfo, gchar *result) SslPacketInfo* pi; guint32 destport = pinfo->destport; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi != NULL) destport = pi->destport; @@ -4114,7 +4114,7 @@ ssl_dst_value(packet_info *pinfo) { SslPacketInfo* pi; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi == NULL) return GUINT_TO_POINTER(pinfo->destport); @@ -4128,7 +4128,7 @@ ssl_both_prompt(packet_info *pinfo, gchar *result) guint32 srcport = pinfo->srcport, destport = pinfo->destport; - pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_ssl, pinfo->curr_layer_num); + pi = (SslPacketInfo *)p_get_proto_data(wmem_file_scope(), pinfo, proto_tls, pinfo->curr_layer_num); if (pi != NULL) { srcport = pi->srcport; @@ -4144,28 +4144,28 @@ ssl_both_prompt(packet_info *pinfo, gchar *result) * *********************************************************************/ void -proto_register_ssl(void) +proto_register_tls(void) { /* Setup list of header fields See Section 1.6.1 for details*/ static hf_register_info hf[] = { - { &hf_ssl_record, - { "Record Layer", "ssl.record", + { &hf_tls_record, + { "Record Layer", "tls.record", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_record_content_type, - { "Content Type", "ssl.record.content_type", + { &hf_tls_record_content_type, + { "Content Type", "tls.record.content_type", FT_UINT8, BASE_DEC, VALS(ssl_31_content_type), 0x0, NULL, HFILL} }, - { &hf_ssl_record_opaque_type, - { "Opaque Type", "ssl.record.opaque_type", + { &hf_tls_record_opaque_type, + { "Opaque Type", "tls.record.opaque_type", FT_UINT8, BASE_DEC, VALS(ssl_31_content_type), 0x0, "Always set to value 23, actual content type is known after decryption", HFILL} }, { &hf_ssl2_msg_type, - { "Handshake Message Type", "ssl.handshake.type", + { "Handshake Message Type", "tls.handshake.type", FT_UINT8, BASE_DEC, VALS(ssl_20_msg_types), 0x0, "SSLv2 handshake message type", HFILL} }, @@ -4174,191 +4174,191 @@ proto_register_ssl(void) FT_UINT8, BASE_DEC, VALS(pct_msg_types), 0x0, "PCT handshake message type", HFILL} }, - { &hf_ssl_record_version, - { "Version", "ssl.record.version", + { &hf_tls_record_version, + { "Version", "tls.record.version", FT_UINT16, BASE_HEX, VALS(ssl_versions), 0x0, "Record layer version", HFILL } }, - { &hf_ssl_record_length, - { "Length", "ssl.record.length", + { &hf_tls_record_length, + { "Length", "tls.record.length", FT_UINT16, BASE_DEC, NULL, 0x0, - "Length of SSL record data", HFILL } + "Length of TLS record data", HFILL } }, - { &hf_ssl_record_appdata, - { "Encrypted Application Data", "ssl.app_data", + { &hf_tls_record_appdata, + { "Encrypted Application Data", "tls.app_data", FT_BYTES, BASE_NONE, NULL, 0x0, "Payload is encrypted application data", HFILL } }, { &hf_ssl2_record, - { "SSLv2/PCT Record Header", "ssl.record", + { "SSLv2/PCT Record Header", "tls.record", FT_NONE, BASE_NONE, NULL, 0x0, "SSLv2/PCT record data", HFILL } }, { &hf_ssl2_record_is_escape, - { "Is Escape", "ssl.record.is_escape", + { "Is Escape", "tls.record.is_escape", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Indicates a security escape", HFILL} }, { &hf_ssl2_record_padding_length, - { "Padding Length", "ssl.record.padding_length", + { "Padding Length", "tls.record.padding_length", FT_UINT8, BASE_DEC, NULL, 0x0, "Length of padding at end of record", HFILL } }, - { &hf_ssl_alert_message, - { "Alert Message", "ssl.alert_message", + { &hf_tls_alert_message, + { "Alert Message", "tls.alert_message", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_alert_message_level, - { "Level", "ssl.alert_message.level", + { &hf_tls_alert_message_level, + { "Level", "tls.alert_message.level", FT_UINT8, BASE_DEC, VALS(ssl_31_alert_level), 0x0, "Alert message level", HFILL } }, - { &hf_ssl_alert_message_description, - { "Description", "ssl.alert_message.desc", + { &hf_tls_alert_message_description, + { "Description", "tls.alert_message.desc", FT_UINT8, BASE_DEC, VALS(ssl_31_alert_description), 0x0, "Alert message description", HFILL } }, - { &hf_ssl_handshake_protocol, - { "Handshake Protocol", "ssl.handshake", + { &hf_tls_handshake_protocol, + { "Handshake Protocol", "tls.handshake", FT_NONE, BASE_NONE, NULL, 0x0, "Handshake protocol message", HFILL} }, - { &hf_ssl_handshake_type, - { "Handshake Type", "ssl.handshake.type", + { &hf_tls_handshake_type, + { "Handshake Type", "tls.handshake.type", FT_UINT8, BASE_DEC, VALS(ssl_31_handshake_type), 0x0, "Type of handshake message", HFILL} }, - { &hf_ssl_handshake_length, - { "Length", "ssl.handshake.length", + { &hf_tls_handshake_length, + { "Length", "tls.handshake.length", FT_UINT24, BASE_DEC, NULL, 0x0, "Length of handshake message", HFILL } }, { &hf_ssl2_handshake_cipher_spec, - { "Cipher Spec", "ssl.handshake.cipherspec", + { "Cipher Spec", "tls.handshake.cipherspec", FT_UINT24, BASE_HEX|BASE_EXT_STRING, &ssl_20_cipher_suites_ext, 0x0, "Cipher specification", HFILL } }, - { &hf_ssl_handshake_npn_selected_protocol_len, - { "Selected Protocol Length", "ssl.handshake.npn_selected_protocol_len", + { &hf_tls_handshake_npn_selected_protocol_len, + { "Selected Protocol Length", "tls.handshake.npn_selected_protocol_len", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_handshake_npn_selected_protocol, - { "Selected Protocol", "ssl.handshake.npn_selected_protocol", + { &hf_tls_handshake_npn_selected_protocol, + { "Selected Protocol", "tls.handshake.npn_selected_protocol", FT_STRING, BASE_NONE, NULL, 0x0, "Protocol to be used for connection", HFILL } }, - { &hf_ssl_handshake_npn_padding_len, - { "Padding Length", "ssl.handshake.npn_padding_len", + { &hf_tls_handshake_npn_padding_len, + { "Padding Length", "tls.handshake.npn_padding_len", FT_UINT8, BASE_DEC, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_handshake_npn_padding, - { "Padding", "ssl.handshake.npn_padding", + { &hf_tls_handshake_npn_padding, + { "Padding", "tls.handshake.npn_padding", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL } }, { &ssl_hfs.hs_md5_hash, - { "MD5 Hash", "ssl.handshake.md5_hash", + { "MD5 Hash", "tls.handshake.md5_hash", FT_NONE, BASE_NONE, NULL, 0x0, "Hash of messages, master_secret, etc.", HFILL } }, { &ssl_hfs.hs_sha_hash, - { "SHA-1 Hash", "ssl.handshake.sha_hash", + { "SHA-1 Hash", "tls.handshake.sha_hash", FT_NONE, BASE_NONE, NULL, 0x0, "Hash of messages, master_secret, etc.", HFILL } }, - { &hf_ssl_heartbeat_message, - { "Heartbeat Message", "ssl.heartbeat_message", + { &hf_tls_heartbeat_message, + { "Heartbeat Message", "tls.heartbeat_message", FT_NONE, BASE_NONE, NULL, 0x0, NULL, HFILL } }, - { &hf_ssl_heartbeat_message_type, - { "Type", "ssl.heartbeat_message.type", + { &hf_tls_heartbeat_message_type, + { "Type", "tls.heartbeat_message.type", FT_UINT8, BASE_DEC, VALS(tls_heartbeat_type), 0x0, "Heartbeat message type", HFILL } }, - { &hf_ssl_heartbeat_message_payload_length, - { "Payload Length", "ssl.heartbeat_message.payload_length", + { &hf_tls_heartbeat_message_payload_length, + { "Payload Length", "tls.heartbeat_message.payload_length", FT_UINT16, BASE_DEC, NULL, 0x00, NULL, HFILL } }, - { &hf_ssl_heartbeat_message_payload, - { "Payload Length", "ssl.heartbeat_message.payload", + { &hf_tls_heartbeat_message_payload, + { "Payload Length", "tls.heartbeat_message.payload", FT_BYTES, BASE_NONE, NULL, 0x00, NULL, HFILL } }, - { &hf_ssl_heartbeat_message_padding, - { "Payload Length", "ssl.heartbeat_message.padding", + { &hf_tls_heartbeat_message_padding, + { "Payload Length", "tls.heartbeat_message.padding", FT_BYTES, BASE_NONE, NULL, 0x00, NULL, HFILL } }, { &hf_ssl2_handshake_challenge, - { "Challenge", "ssl.handshake.challenge", + { "Challenge", "tls.handshake.challenge", FT_NONE, BASE_NONE, NULL, 0x0, "Challenge data used to authenticate server", HFILL } }, { &hf_ssl2_handshake_cipher_spec_len, - { "Cipher Spec Length", "ssl.handshake.cipher_spec_len", + { "Cipher Spec Length", "tls.handshake.cipher_spec_len", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of cipher specs field", HFILL } }, { &hf_ssl2_handshake_session_id_len, - { "Session ID Length", "ssl.handshake.session_id_length", + { "Session ID Length", "tls.handshake.session_id_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of session ID field", HFILL } }, { &hf_ssl2_handshake_challenge_len, - { "Challenge Length", "ssl.handshake.challenge_length", + { "Challenge Length", "tls.handshake.challenge_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of challenge field", HFILL } }, { &hf_ssl2_handshake_clear_key_len, - { "Clear Key Data Length", "ssl.handshake.clear_key_length", + { "Clear Key Data Length", "tls.handshake.clear_key_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of clear key data", HFILL } }, { &hf_ssl2_handshake_enc_key_len, - { "Encrypted Key Data Length", "ssl.handshake.encrypted_key_length", + { "Encrypted Key Data Length", "tls.handshake.encrypted_key_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of encrypted key data", HFILL } }, { &hf_ssl2_handshake_key_arg_len, - { "Key Argument Length", "ssl.handshake.key_arg_length", + { "Key Argument Length", "tls.handshake.key_arg_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of key argument", HFILL } }, { &hf_ssl2_handshake_clear_key, - { "Clear Key Data", "ssl.handshake.clear_key_data", + { "Clear Key Data", "tls.handshake.clear_key_data", FT_NONE, BASE_NONE, NULL, 0x0, "Clear portion of MASTER-KEY", HFILL } }, { &hf_ssl2_handshake_enc_key, - { "Encrypted Key", "ssl.handshake.encrypted_key", + { "Encrypted Key", "tls.handshake.encrypted_key", FT_NONE, BASE_NONE, NULL, 0x0, "Secret portion of MASTER-KEY encrypted to server", HFILL } }, { &hf_ssl2_handshake_key_arg, - { "Key Argument", "ssl.handshake.key_arg", + { "Key Argument", "tls.handshake.key_arg", FT_NONE, BASE_NONE, NULL, 0x0, "Key Argument (e.g., Initialization Vector)", HFILL } }, { &hf_ssl2_handshake_session_id_hit, - { "Session ID Hit", "ssl.handshake.session_id_hit", + { "Session ID Hit", "tls.handshake.session_id_hit", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Did the server find the client's Session ID?", HFILL } }, { &hf_ssl2_handshake_cert_type, - { "Certificate Type", "ssl.handshake.cert_type", + { "Certificate Type", "tls.handshake.cert_type", FT_UINT8, BASE_DEC, VALS(ssl_20_certificate_type), 0x0, NULL, HFILL } }, { &hf_ssl2_handshake_connection_id_len, - { "Connection ID Length", "ssl.handshake.connection_id_length", + { "Connection ID Length", "tls.handshake.connection_id_length", FT_UINT16, BASE_DEC, NULL, 0x0, "Length of connection ID", HFILL } }, { &hf_ssl2_handshake_connection_id, - { "Connection ID", "ssl.handshake.connection_id", + { "Connection ID", "tls.handshake.connection_id", FT_NONE, BASE_NONE, NULL, 0x0, "Server's challenge to client", HFILL } }, @@ -4435,7 +4435,7 @@ proto_register_ssl(void) { &hf_ssl_pct_server_version, { "Server Version", "ssl.pct.server_version", FT_UINT16, BASE_HEX, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_sh_restart_session_ok_flag, { "SH_RESTART_SESSION_OK flag", "ssl.pct.sh_restart_session_ok_flag", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_sh_client_auth_req_flag, { "SH_CLIENT_AUTH_REQ flag", "ssl.pct.sh_client_auth_req_flag", FT_UINT8, BASE_HEX, NULL, 0x0, NULL, HFILL }}, - { &hf_ssl_pct_connection_id_data, { "Connection ID Data", "ssl.connection_id_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, + { &hf_ssl_pct_connection_id_data, { "Connection ID Data", "tls.connection_id_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_server_certificate_length, { "Server Certificate Length", "ssl.pct.server_certificate_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_client_cert_specs_length, { "Client CERT_SPECS Length", "ssl.pct.client_cert_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }}, { &hf_ssl_pct_client_sig_specs_length, { "Client SIG_SPECS Length", "ssl.pct.client_sig_specs_length", FT_UINT16, BASE_DEC, NULL, 0x0, NULL, HFILL }}, @@ -4464,124 +4464,125 @@ proto_register_ssl(void) { &hf_ssl_pct_error_information_data, { "Error Information data", "ssl.pct.error_information_data", FT_BYTES, BASE_NONE, NULL, 0x0, NULL, HFILL }}, - { &hf_ssl_segment_overlap, - { "Segment overlap", "ssl.segment.overlap", + { &hf_tls_segment_overlap, + { "Segment overlap", "tls.segment.overlap", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Segment overlaps with other segments", HFILL }}, - { &hf_ssl_segment_overlap_conflict, - { "Conflicting data in segment overlap", "ssl.segment.overlap.conflict", + { &hf_tls_segment_overlap_conflict, + { "Conflicting data in segment overlap", "tls.segment.overlap.conflict", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Overlapping segments contained conflicting data", HFILL }}, - { &hf_ssl_segment_multiple_tails, - { "Multiple tail segments found", "ssl.segment.multipletails", + { &hf_tls_segment_multiple_tails, + { "Multiple tail segments found", "tls.segment.multipletails", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Several tails were found when reassembling the pdu", HFILL }}, - { &hf_ssl_segment_too_long_fragment, - { "Segment too long", "ssl.segment.toolongfragment", + { &hf_tls_segment_too_long_fragment, + { "Segment too long", "tls.segment.toolongfragment", FT_BOOLEAN, BASE_NONE, NULL, 0x0, "Segment contained data past end of the pdu", HFILL }}, - { &hf_ssl_segment_error, - { "Reassembling error", "ssl.segment.error", + { &hf_tls_segment_error, + { "Reassembling error", "tls.segment.error", FT_FRAMENUM, BASE_NONE, NULL, 0x0, "Reassembling error due to illegal segments", HFILL }}, - { &hf_ssl_segment_count, - { "Segment count", "ssl.segment.count", + { &hf_tls_segment_count, + { "Segment count", "tls.segment.count", FT_UINT32, BASE_DEC, NULL, 0x0, NULL, HFILL }}, - { &hf_ssl_segment, - { "SSL segment", "ssl.segment", + { &hf_tls_segment, + { "TLS segment", "tls.segment", FT_FRAMENUM, BASE_NONE, NULL, 0x0, NULL, HFILL }}, - { &hf_ssl_segments, - { "Reassembled SSL segments", "ssl.segments", + { &hf_tls_segments, + { "Reassembled TLS segments", "tls.segments", FT_NONE, BASE_NONE, NULL, 0x0, - "SSL Segments", HFILL }}, + "TLS Segments", HFILL }}, - { &hf_ssl_reassembled_in, - { "Reassembled PDU in frame", "ssl.reassembled_in", + { &hf_tls_reassembled_in, + { "Reassembled PDU in frame", "tls.reassembled_in", FT_FRAMENUM, BASE_NONE, NULL, 0x0, "The PDU that doesn't end in this segment is reassembled in this frame", HFILL }}, - { &hf_ssl_reassembled_length, - { "Reassembled PDU length", "ssl.reassembled.length", + { &hf_tls_reassembled_length, + { "Reassembled PDU length", "tls.reassembled.length", FT_UINT32, BASE_DEC, NULL, 0x0, "The total length of the reassembled payload", HFILL }}, - { &hf_ssl_reassembled_data, - { "Reassembled PDU data", "ssl.reassembled.data", + { &hf_tls_reassembled_data, + { "Reassembled PDU data", "tls.reassembled.data", FT_BYTES, BASE_NONE, NULL, 0x00, - "The payload of multiple reassembled SSL segments", HFILL }}, + "The payload of multiple reassembled TLS segments", HFILL }}, - { &hf_ssl_segment_data, - { "SSL segment data", "ssl.segment.data", + { &hf_tls_segment_data, + { "TLS segment data", "tls.segment.data", FT_BYTES, BASE_NONE, NULL, 0x00, - "The payload of a single SSL segment", HFILL } + "The payload of a single TLS segment", HFILL } }, - SSL_COMMON_HF_LIST(dissect_ssl3_hf, "ssl") + SSL_COMMON_HF_LIST(dissect_ssl3_hf, "tls") }; /* Setup protocol subtree array */ static gint *ett[] = { - &ett_ssl, - &ett_ssl_record, - &ett_ssl_alert, - &ett_ssl_handshake, - &ett_ssl_heartbeat, - &ett_ssl_certs, + &ett_tls, + &ett_tls_record, + &ett_tls_alert, + &ett_tls_handshake, + &ett_tls_heartbeat, + &ett_tls_certs, &ett_pct_cipher_suites, &ett_pct_hash_suites, &ett_pct_cert_suites, &ett_pct_exch_suites, - &ett_ssl_segments, - &ett_ssl_segment, + &ett_tls_segments, + &ett_tls_segment, SSL_COMMON_ETT_LIST(dissect_ssl3_hf) }; static ei_register_info ei[] = { - { &ei_ssl2_handshake_session_id_len_error, { "ssl.handshake.session_id_length.error", PI_MALFORMED, PI_ERROR, "Session ID length error", EXPFILL }}, - { &ei_ssl3_heartbeat_payload_length, { "ssl.heartbeat_message.payload_length.invalid", PI_MALFORMED, PI_ERROR, "Invalid heartbeat payload length", EXPFILL }}, - { &ei_tls_unexpected_message, { "ssl.unexpected_message", PI_PROTOCOL, PI_ERROR, "Unexpected message", EXPFILL }}, + { &ei_ssl2_handshake_session_id_len_error, { "tls.handshake.session_id_length.error", PI_MALFORMED, PI_ERROR, "Session ID length error", EXPFILL }}, + { &ei_ssl3_heartbeat_payload_length, { "tls.heartbeat_message.payload_length.invalid", PI_MALFORMED, PI_ERROR, "Invalid heartbeat payload length", EXPFILL }}, + { &ei_tls_unexpected_message, { "tls.unexpected_message", PI_PROTOCOL, PI_ERROR, "Unexpected message", EXPFILL }}, /* Generated from convert_proto_tree_add_text.pl */ - { &ei_ssl_ignored_unknown_record, { "ssl.ignored_unknown_record", PI_PROTOCOL, PI_WARN, "Ignored Unknown Record", EXPFILL }}, + { &ei_tls_ignored_unknown_record, { "tls.ignored_unknown_record", PI_PROTOCOL, PI_WARN, "Ignored Unknown Record", EXPFILL }}, { &ei_ssl_pct_client_version, { "ssl.pct.client_version.invalid", PI_PROTOCOL, PI_WARN, "Client Version invalid", EXPFILL }}, { &ei_ssl_pct_ch_offset, { "ssl.pct.ch_offset.invalid", PI_PROTOCOL, PI_WARN, "CH_OFFSET invalid", EXPFILL }}, { &ei_ssl_pct_server_version, { "ssl.pct.server_version.invalid", PI_PROTOCOL, PI_WARN, "Server Version invalid", EXPFILL }}, - SSL_COMMON_EI_LIST(dissect_ssl3_hf, "ssl") + SSL_COMMON_EI_LIST(dissect_ssl3_hf, "tls") }; static build_valid_func ssl_da_src_values[1] = {ssl_src_value}; static build_valid_func ssl_da_dst_values[1] = {ssl_dst_value}; static build_valid_func ssl_da_both_values[2] = {ssl_src_value, ssl_dst_value}; static decode_as_value_t ssl_da_values[3] = {{ssl_src_prompt, 1, ssl_da_src_values}, {ssl_dst_prompt, 1, ssl_da_dst_values}, {ssl_both_prompt, 2, ssl_da_both_values}}; - static decode_as_t ssl_da = {"ssl", "Transport", "ssl.port", 3, 2, ssl_da_values, "TCP", "port(s) as", + static decode_as_t ssl_da = {"tls", "Transport", "tls.port", 3, 2, ssl_da_values, "TCP", "port(s) as", decode_as_default_populate_list, decode_as_default_reset, decode_as_default_change, NULL}; expert_module_t* expert_ssl; /* Register the protocol name and description */ - proto_ssl = proto_register_protocol("Secure Sockets Layer", - "SSL", "ssl"); + proto_tls = proto_register_protocol("Transport Layer Security", + "TLS", "tls"); - ssl_associations = register_dissector_table("ssl.port", "SSL Port", proto_ssl, FT_UINT16, BASE_DEC); + ssl_associations = register_dissector_table("tls.port", "TLS Port", proto_tls, FT_UINT16, BASE_DEC); /* Required function calls to register the header fields and * subtrees used */ - proto_register_field_array(proto_ssl, hf, array_length(hf)); + proto_register_field_array(proto_tls, hf, array_length(hf)); + proto_register_alias(proto_tls, "ssl"); proto_register_subtree_array(ett, array_length(ett)); - expert_ssl = expert_register_protocol(proto_ssl); + expert_ssl = expert_register_protocol(proto_tls); expert_register_field_array(expert_ssl, ei, array_length(ei)); { - module_t *ssl_module = prefs_register_protocol(proto_ssl, proto_reg_handoff_ssl); + module_t *ssl_module = prefs_register_protocol(proto_tls, proto_reg_handoff_ssl); #ifdef HAVE_LIBGNUTLS static uat_field_t sslkeylist_uats_flds[] = { @@ -4593,12 +4594,12 @@ proto_register_ssl(void) UAT_END_FIELDS }; - ssldecrypt_uat = uat_new("SSL Decrypt", + ssldecrypt_uat = uat_new("TLS Decrypt", sizeof(ssldecrypt_assoc_t), "ssl_keys", /* filename */ TRUE, /* from_profile */ - &sslkeylist_uats, /* data_ptr */ - &nssldecrypt, /* numitems_ptr */ + &tlskeylist_uats, /* data_ptr */ + &ntlsdecrypt, /* numitems_ptr */ UAT_AFFECTS_DISSECTION, /* affects dissection of packets, but not set of named fields */ NULL, /* Help section (currently a wiki page) */ ssldecrypt_copy_cb, @@ -4610,47 +4611,47 @@ proto_register_ssl(void) prefs_register_uat_preference(ssl_module, "key_table", "RSA keys list", - "A table of RSA keys for SSL decryption", + "A table of RSA keys for TLS decryption", ssldecrypt_uat); #endif /* HAVE_LIBGNUTLS */ - prefs_register_filename_preference(ssl_module, "debug_file", "SSL debug file", - "Redirect SSL debug to the file specified. Leave empty to disable debugging " + prefs_register_filename_preference(ssl_module, "debug_file", "TLS debug file", + "Redirect TLS debug to the file specified. Leave empty to disable debugging " "or use \"" SSL_DEBUG_USE_STDERR "\" to redirect output to stderr.", &ssl_debug_file_name, TRUE); prefs_register_string_preference(ssl_module, "keys_list", "RSA keys list (deprecated)", - "Semicolon-separated list of private RSA keys used for SSL decryption. " + "Semicolon-separated list of private RSA keys used for TLS decryption. " "Used by versions of Wireshark prior to 1.6", &ssl_keys_list); prefs_register_bool_preference(ssl_module, "desegment_ssl_records", - "Reassemble SSL records spanning multiple TCP segments", - "Whether the SSL dissector should reassemble SSL records spanning multiple TCP segments. " + "Reassemble TLS records spanning multiple TCP segments", + "Whether the TLS dissector should reassemble TLS records spanning multiple TCP segments. " "To use this option, you must also enable \"Allow subdissectors to reassemble TCP streams\" in the TCP protocol settings.", - &ssl_desegment); + &tls_desegment); prefs_register_bool_preference(ssl_module, "desegment_ssl_application_data", - "Reassemble SSL Application Data spanning multiple SSL records", - "Whether the SSL dissector should reassemble SSL Application Data spanning multiple SSL records. ", - &ssl_desegment_app_data); + "Reassemble TLS Application Data spanning multiple TLS records", + "Whether the TLS dissector should reassemble TLS Application Data spanning multiple TLS records. ", + &tls_desegment_app_data); prefs_register_bool_preference(ssl_module, "ignore_ssl_mac_failed", "Message Authentication Code (MAC), ignore \"mac failed\"", "For troubleshooting ignore the mac check result and decrypt also if the Message Authentication Code (MAC) fails.", - &ssl_ignore_mac_failed); + &tls_ignore_mac_failed); ssl_common_register_options(ssl_module, &ssl_options); } /* heuristic dissectors for any premable e.g. CredSSP before RDP */ - ssl_heur_subdissector_list = register_heur_dissector_list("ssl", proto_ssl); + ssl_heur_subdissector_list = register_heur_dissector_list("tls", proto_tls); - ssl_common_register_ssl_alpn_dissector_table("ssl.handshake.extensions_alpn_str", + ssl_common_register_ssl_alpn_dissector_table("tls.handshake.extensions_alpn_str", "SSL/TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs", - proto_ssl); + proto_tls); - ssl_handle = register_dissector("ssl", dissect_ssl, proto_ssl); + tls_handle = register_dissector("tls", dissect_ssl, proto_tls); register_init_routine(ssl_init); register_cleanup_routine(ssl_cleanup); @@ -4659,11 +4660,11 @@ proto_register_ssl(void) register_decode_as(&ssl_da); /* XXX: this seems unused due to new "Follow SSL" method, remove? */ - ssl_tap = register_tap("ssl"); + tls_tap = register_tap("tls"); ssl_debug_printf("proto_register_ssl: registered tap %s:%d\n", - "ssl", ssl_tap); + "tls", tls_tap); - register_follow_stream(proto_ssl, "ssl", tcp_follow_conv_filter, tcp_follow_index_filter, tcp_follow_address_filter, + register_follow_stream(proto_tls, "tls", tcp_follow_conv_filter, tcp_follow_index_filter, tcp_follow_address_filter, tcp_port_to_display, ssl_follow_tap_listener); } @@ -4706,22 +4707,22 @@ proto_reg_handoff_ssl(void) exported_pdu_tap = find_tap_id(EXPORT_PDU_TAP_NAME_LAYER_7); /* Certificate Transparency extensions: 2 (Certificate), 5 (OCSP Response) */ - register_ber_oid_dissector("1.3.6.1.4.1.11129.2.4.2", dissect_tls_sct_ber, proto_ssl, "SignedCertificateTimestampList"); - register_ber_oid_dissector("1.3.6.1.4.1.11129.2.4.5", dissect_tls_sct_ber, proto_ssl, "SignedCertificateTimestampList"); + register_ber_oid_dissector("1.3.6.1.4.1.11129.2.4.2", dissect_tls_sct_ber, proto_tls, "SignedCertificateTimestampList"); + register_ber_oid_dissector("1.3.6.1.4.1.11129.2.4.5", dissect_tls_sct_ber, proto_tls, "SignedCertificateTimestampList"); - heur_dissector_add("tcp", dissect_ssl_heur, "SSL/TLS over TCP", "ssl_tcp", proto_ssl, HEURISTIC_ENABLE); + heur_dissector_add("tcp", dissect_ssl_heur, "SSL/TLS over TCP", "tls_tcp", proto_tls, HEURISTIC_ENABLE); } void ssl_dissector_add(guint port, dissector_handle_t handle) { - ssl_association_add("ssl.port", ssl_handle, handle, port, TRUE); + ssl_association_add("tls.port", tls_handle, handle, port, TRUE); } void ssl_dissector_delete(guint port, dissector_handle_t handle) { - ssl_association_remove("ssl.port", ssl_handle, handle, port, TRUE); + ssl_association_remove("tls.port", tls_handle, handle, port, TRUE); } /* diff --git a/epan/dissectors/packet-stun.c b/epan/dissectors/packet-stun.c index cd70cb890b..49a5b0d80a 100644 --- a/epan/dissectors/packet-stun.c +++ b/epan/dissectors/packet-stun.c @@ -1735,7 +1735,7 @@ proto_reg_handoff_stun(void) * SSL/TLS and DTLS Application-Layer Protocol Negotiation (ALPN) * protocol ID. */ - dissector_add_string("ssl.handshake.extensions_alpn_str", "stun.nat-discovery", stun_tcp_handle); + dissector_add_string("tls.handshake.extensions_alpn_str", "stun.nat-discovery", stun_tcp_handle); dissector_add_string("dtls.handshake.extensions_alpn_str", "stun.nat-discovery", stun_udp_handle); heur_dissector_add("udp", dissect_stun_heur, "STUN over UDP", "stun_udp", proto_stun, HEURISTIC_ENABLE); diff --git a/epan/dissectors/packet-telnet.c b/epan/dissectors/packet-telnet.c index 2c9b8e04bc..39805762f0 100644 --- a/epan/dissectors/packet-telnet.c +++ b/epan/dissectors/packet-telnet.c @@ -137,7 +137,7 @@ static dissector_handle_t telnet_handle; static dissector_handle_t tn3270_handle; static dissector_handle_t tn5250_handle; -static dissector_handle_t ssl_handle; +static dissector_handle_t tls_handle; /* Some defines for Telnet */ @@ -471,7 +471,7 @@ dissect_starttls_subopt(packet_info *pinfo _U_, const char *optname _U_, tvbuff_ } else if (session->starttls_requested_in < pinfo->num && session->starttls_port != pinfo->srcport) { /* Other side confirms that following data is TLS. */ - ssl_starttls_ack(ssl_handle, pinfo, telnet_handle); + ssl_starttls_ack(tls_handle, pinfo, telnet_handle); } } @@ -2181,7 +2181,7 @@ proto_reg_handoff_telnet(void) dissector_add_uint_with_preference("tcp.port", TCP_PORT_TELNET, telnet_handle); tn3270_handle = find_dissector_add_dependency("tn3270", proto_telnet); tn5250_handle = find_dissector_add_dependency("tn5250", proto_telnet); - ssl_handle = find_dissector("ssl"); + tls_handle = find_dissector("tls"); } /* diff --git a/epan/dissectors/packet-turnchannel.c b/epan/dissectors/packet-turnchannel.c index e3c2f364f4..313b4f3f7c 100644 --- a/epan/dissectors/packet-turnchannel.c +++ b/epan/dissectors/packet-turnchannel.c @@ -206,7 +206,7 @@ proto_reg_handoff_turnchannel(void) * SSL/TLS and DTLS Application-Layer Protocol Negotiation (ALPN) * protocol ID. */ - dissector_add_string("ssl.handshake.extensions_alpn_str", "stun.turn", turnchannel_tcp_handle); + dissector_add_string("tls.handshake.extensions_alpn_str", "stun.turn", turnchannel_tcp_handle); dissector_add_string("dtls.handshake.extensions_alpn_str", "stun.turn", turnchannel_udp_handle); /* TURN negotiation is handled through STUN2 dissector (packet-stun.c), diff --git a/epan/dissectors/packet-xmpp-core.c b/epan/dissectors/packet-xmpp-core.c index 5ff85a83cf..add7392f99 100644 --- a/epan/dissectors/packet-xmpp-core.c +++ b/epan/dissectors/packet-xmpp-core.c @@ -718,7 +718,7 @@ xmpp_proceed(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, } ssl_proceed = - ssl_starttls_ack(find_dissector("ssl"), pinfo, find_dissector("xmpp")); + ssl_starttls_ack(find_dissector("tls"), pinfo, find_dissector("xmpp")); if (ssl_proceed > 0 && ssl_proceed != pinfo->num) { expert_add_info_format(pinfo, proceed_item, &ei_xmpp_proceed_already_in_frame, "Already saw PROCEED in frame %u", ssl_proceed); |