path: root/epan/dissectors/packet-ssl.c
Age | Commit message | Author | Files | Lines
2017-09-10 | ssl: fix subdissection with multiple TLS records per packet | Peter Wu | 1 | -8/+12
Decrypted TLS records must be stored in a single SslPacketInfo or else plaintext will go missing (in Follow SSL or when subdissectors need reassembly). As this structure is currently keyed by the layer number (pinfo->curr_layer_num) which is changed by call_dissector, it must be copied and propagated before calling subdissectors. Change-Id: Ic42ba6c0854154272058f9bf9796e06ad7f94bfd Fixes: v2.3.0rc0-3740-ge1f84f985e ("Fix Decode As for protocols that may use tunneling.") Bug: 13885 Reviewed-on: https://code.wireshark.org/review/23190 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-07-16 | ssl,dtls: make some fields in RSA keys dialog optional | Peter Wu | 1 | -5/+6
The IP address has been unused since 2.0. The port/protocol fields have become unnecessary since 2.4 with the introduction of Decode As. Do not require the user to specify these fields if they just want to set the RSA key file. In a future version, these three fields will be completely removed. Change-Id: Iefc5a8778aa1122b76b707018c00b6ec429dc107 Reviewed-on: https://code.wireshark.org/review/22640 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-06-22 | ssl: detect SSL 2.0 compatible Client Hello | Peter Wu | 1 | -6/+73
During the esPcape challenge at SharkFest 2017 US, we had an SSL decryption challenge. Normally you have to use Decode As to recognize the custom port number, but the latest development branch has a feature that automatically recognizes TLS (heuristics dissector). SSL 2.0 Client Hello messages were however not recognized by these heuristics which totally broke TLS decryption. Add some very strong heuristics to detect these. "Mosterd na de maaltijd" :p Change-Id: I0ac6aa666393335bb191e395faa1d32d3588ded7 Reviewed-on: https://code.wireshark.org/review/22337 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-06-13 | ssl: fix duplicate heuristics dissector registration | Peter Wu | 1 | -0/+12
Whenever a SSL preference is set (e.g. through tshark -ossl.psk:x), proto_reg_handoff_ssl is invoked. This is currently necessary for registering ports from the RSA keys table, but things like heuristics dissectors should be registered only once. Fixes warning during tests: "Protocol Secure Sockets Layer is already registered in "tcp" table" Change-Id: I08fc9da524888e00eea7b0d0df54f3f0a3f08eb5 Fixes: v2.5.0rc0-109-ge815bbb2e6 ("ssl: add heuristics to detect SSL/TLS on non-standard TCP port") Reviewed-on: https://code.wireshark.org/review/22105 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-06-12 | ssl: add heuristics to detect SSL/TLS on non-standard TCP port | Peter Wu | 1 | -0/+49
TLS is quite easy to identify. When you see prefix "17 03 01" (Application Data, TLS 1.0) or "15 03 01" (Handshake, TLS 1.0), it is likely TLS. Rather than requiring manual Decode As, add a heuristic. Note that the Application Data protocol might still require a manual Decode As if the ALPN extension is missing or if the protocol (like HTTP) is not registered as SSL/TLS heuristics dissector. Change-Id: I2eac2aded821d3fd100bc5627850b936fadb63f7 Ping-Bug: 13743 Reviewed-on: https://code.wireshark.org/review/22083 Reviewed-by: Michael Mann <mmann78@netscape.net> Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-06-05 | Move RSA key loading and decryption functions to wsutil | Ahmad Fatoum | 1 | -1/+2
Loading PEM and PKCS#11 keys was being done in static functions in packet-ssl-utils.c. These were moved to wsutil, with prototypes in a new <wsutil/rsa.h> header. This adds gnutls as optional dependency to wsutil. The RSA decryption helper was also moved and is now provided in <wsutil/wsgcrypt.h>. This allows more dissectors to access this functionality. Change-Id: I6cfbbf5203f2881c82bad721747834ccd76e2033 Reviewed-on: https://code.wireshark.org/review/21941 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-06-02 | ssl-utils: fix regression in decryption and Follow SSL Stream | Peter Wu | 1 | -4/+5
Store SslPacketInfo under the same key as used by p_get_proto_data and pass this data to the Follow SSL tap. Change-Id: If9b97d0e0e2a82562abe6cb9e61986744680066d Fixes: v2.3.0rc0-3740-ge1f84f985e ("Fix Decode As for protocols that may use tunneling.") Reviewed-on: https://code.wireshark.org/review/21893 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-06-02 | Fix Decode As for protocols that may use tunneling. | Irene Ruengeler | 1 | -5/+42
Dissectors that rely on pinfo structure information may have the data overwritten if the data is tunneled. Address it by using proto data that is based on pinfo->curr_layer_num. Bug: 13746 Change-Id: I1c29f26a3c49f368876f0e96908705bc9c099ce1 Reviewed-on: https://code.wireshark.org/review/21559 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-05-29 | Fix up dissector tables' UI names. | Jeff Morriss | 1 | -1/+1
This was inspired by using the Decode-As UI to decode Field "SSL TCP Dissector" Value (port) XXX as YYY. "SSL Port" makes more sense as the UI name. Change-Id: Id6398a5dc79e32bddc4f1bfcf0a468ae1364808f Reviewed-on: https://code.wireshark.org/review/19573 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-05-17 | Create temporary variables for some proto_tree_add_<datatype> calculations. | Michael Mann | 1 | -4/+6
checkAPIs.pl doesn't like tvb_get_* parameters because it thinks proto_tree_add_item should be used. This is just to pacify the check. Change-Id: If40728bcdf5558c351999057321ffba5d802c7c7 Reviewed-on: https://code.wireshark.org/review/21694 Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-05-14 | ssl,dtls: fix message hash for extended_master_secret | Peter Wu | 1 | -1/+8
The handshake_messages for extended master secret start at Client Hello and end at ClientKeyExchange. Previously all handshake messages in a record would be hashed, possibly covering those after CKE. Now it will hash each handshake message separately. For DTLS, the CH and HVR messages must also be ignored. Additionally, DTLS needs special treatment to merge multiple fragments. Bug: 13704 Change-Id: I0c8f19b4c352c0195848ded319b6991d76542720 Reviewed-on: https://code.wireshark.org/review/21625 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2017-04-17 | Qt: Provide both file save and open preferences | Ahmad Fatoum | 1 | -1/+1
This is a breaking change. prefs_register_filename_preference hasn't been differentiating between files to be saved and ones to be opened. On GTK, a neutral dialog is used, so no problems there. On Qt, a save dialog has been always used, even in dissectors that were reading configuration files without modification. prefs_register_filename_preference now takes an argument to indicate whether UI could be a save dialog with a warning on overwriting a file, or whether it's a general purpose open file dialog. Qt now does this. Previously no warning was shown on overwriting a file, so it may be used for opening files too without irritating the user. This has been changed, as non-destructive reads should now use the open dialog. Dissectors were changed accordingly. Change-Id: I9087fefa5ee7ca58de0775d4fe2c0fdcfa3a3018 Reviewed-on: https://code.wireshark.org/review/21086 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-04-02 | Use col_append_sep_str() for fixed strings | Stig Bjørlykke | 1 | -9/+9
Change from col_append_sep_fstr() to col_append_sep_str() when appending strings without formatting. Change-Id: I315aca9b815c204a5bc78f7326402c40d1325f0e Reviewed-on: https://code.wireshark.org/review/20846 Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-04-01 | ssl: Fix Info column separator | Stig Bjørlykke | 1 | -74/+20
Always prefix Info column entries with comma if the column is not empty. Bug: 13539 Change-Id: I47b43841b092671fe5a74c99ec8aaa15f144bced Reviewed-on: https://code.wireshark.org/review/20844 Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-03-18 | TLS13: update end_of_early_data to draft -19 | Peter Wu | 1 | -16/+13
It changed from an alert to a handshake message. Change-Id: Ic24776e612a291153290543ba1ec8680d9d74264 Ping-Bug: 12779 Reviewed-on: https://code.wireshark.org/review/20586 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-02-16 | ssl: fix misdetection of HelloRequest handshake message | Peter Wu | 1 | -11/+20
The encrypted "Finished" message was wrongly decoded as two "HelloRequest" messages due to the presence of GCM nonce. Bug: 10235 Change-Id: I44f9bb5d927ac0d3c604e4125034cd34981d3943 Reviewed-on: https://code.wireshark.org/review/20119 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Pascal Quantin <pascal.quantin@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-02-16 | TLS: add Signed Certificate Timestamp support (RFC 6962) | Peter Wu | 1 | -0/+18
Adds support for dissecting the Signed Certificate Timestamp List in the TLS Hello, X.509v3 Certificate and OCSP Response extensions. Tested with tls-sct.pcap (TLS extension, OCSP) and x509-sct.pcap (cert). Bug: 13372 Change-Id: I127dbf5cfe9a8dd9ed13741322273c4841b0f582 Reviewed-on: https://code.wireshark.org/review/20110 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-02-16 | ssl-utils: refactor DigitallySigned | Peter Wu | 1 | -2/+2
Refactor DigitallySigned dissection to return the length and make it accept a version integer instead of Session pointer. Hopefully this makes it easier to use the routine for SCT dissection in X.509 certs. While at it, convert it to use ssl_add_vector. Change-Id: I64afecc65ff597fda50d208d8f96ca0b97bfcbde Reviewed-on: https://code.wireshark.org/review/20111 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-02-15 | TLS13: dissect NewSessionTicket and CertificateRequest extensions | Peter Wu | 1 | -4/+4
Process NewSessionTicket and CertificateRequest extensions for TLS 1.3. CertificateExtension in draft -18 is replaced by Extension in the next draft, so anticipate for that and start decoding this extensions vector. Rename ssl_dissect_hnd_hello_ext to reflect extended functionality. (Certificate Extensions SCT is still not dissected though, but at least OCSP (status_request(_v2)) is supported now.) Change-Id: I3cae58dbde600e82598b3c2f8e29e92e38cd1db1 Ping-Bug: 12779 Reviewed-on: https://code.wireshark.org/review/20104 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-02-15 | ssl,dtls: fix wrong expert info for overly large records | Peter Wu | 1 | -5/+3
The plaintext length is limited to 2^14, but the actual record length (TLSCiphertext) may be larger due to expansion from compression and the cipher (like AEAD auth tags). The wrong check led to false expert infos. Change-Id: I3a56f1b0af05ecc1d97c4f1f0bcf35ff4d0fad42 Fixes: v2.3.0rc0-1584-gff0371e898 ("ssl,dtls: add expert info for overly large record lengths") Reviewed-on: https://code.wireshark.org/review/20099 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Jaap Keuter <jaap.keuter@xs4all.nl> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
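An added example (not code from the Wireshark tree) of the distinction this commit message draws: a length check that compares the on-the-wire record length against the plaintext limit, next to one that allows for ciphertext expansion. The function names and the `encrypted`/`tls13` flags are hypothetical; the expansion allowances of 2048 and 256 bytes are the TLSCiphertext limits from RFC 5246 section 6.2.3 and RFC 8446 section 5.2.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TLS_RECORD_HEADER_LEN 5u
#define TLS_MAX_PLAINTEXT     (1u << 14) /* 2^14, the plaintext limit from the commit message */
#define TLS12_MAX_EXPANSION   2048u      /* RFC 5246 6.2.3: TLSCiphertext <= 2^14 + 2048 */
#define TLS13_MAX_EXPANSION   256u       /* RFC 8446 5.2:   TLSCiphertext <= 2^14 + 256  */

typedef enum { REC_OK, REC_TOO_LARGE, REC_SHORT_HEADER } rec_verdict;

/* Constructed sample headers: content type, version (2 bytes), length (2 bytes). */
static const uint8_t HDR_GCM_FULL[5]   = { 0x17, 0x03, 0x03, 0x40, 0x18 }; /* 2^14 + 24:
    a full plaintext fragment plus 8-byte explicit nonce and 16-byte AEAD tag */
static const uint8_t HDR_PLAIN_OVER[5] = { 0x17, 0x03, 0x03, 0x40, 0x01 }; /* 2^14 + 1 */
static const uint8_t HDR_TLS12_OVER[5] = { 0x17, 0x03, 0x03, 0x48, 0x01 }; /* 2^14 + 2049 */

/* Big-endian 16-bit length field at offset 3 of the TLS record header. */
static uint32_t record_length(const uint8_t *hdr)
{
    return ((uint32_t)hdr[3] << 8) | hdr[4];
}

/* Compares the wire length against the plaintext limit: flags valid
 * encrypted records, which is the false positive the commit describes. */
rec_verdict check_naive(const uint8_t *hdr, size_t avail)
{
    if (avail < TLS_RECORD_HEADER_LEN)
        return REC_SHORT_HEADER;
    return record_length(hdr) > TLS_MAX_PLAINTEXT ? REC_TOO_LARGE : REC_OK;
}

/* Picks the limit from the record's protection state (assumed to be known
 * to the caller): plaintext records get 2^14, protected records get the
 * ciphertext limit of the negotiated version. */
rec_verdict check_by_state(const uint8_t *hdr, size_t avail, int encrypted, int tls13)
{
    uint32_t limit = TLS_MAX_PLAINTEXT;

    if (avail < TLS_RECORD_HEADER_LEN)
        return REC_SHORT_HEADER;
    if (encrypted)
        limit += tls13 ? TLS13_MAX_EXPANSION : TLS12_MAX_EXPANSION;
    return record_length(hdr) > limit ? REC_TOO_LARGE : REC_OK;
}

int main(void)
{
    printf("naive, full GCM record:        %d\n", check_naive(HDR_GCM_FULL, 5));
    printf("by state, full GCM record:     %d\n", check_by_state(HDR_GCM_FULL, 5, 1, 0));
    printf("by state, plaintext 2^14+1:    %d\n", check_by_state(HDR_PLAIN_OVER, 5, 0, 0));
    printf("by state, TLS 1.2 2^14+2049:   %d\n", check_by_state(HDR_TLS12_OVER, 5, 1, 0));
    return 0;
}
```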
2017-02-13 | Make Libgcrypt a mandatory dependency | Peter Wu | 1 | -6/+2
Removed all guards for HAVE_LIBGCRYPT, change autotools and CMake to error out if it is not available. Update release notes, developer documentation and README with the new status. Clarify relation with GnuTLS in macosx-setup.sh. Install Libgcrypt via brew script. Motivation for this change is that many dissectors depend on Libgcrypt and having it optional increases the maintenance burden (there have been several compile issues in the past due to the optional status). Furthermore, wsutil has crypto code that can be replaced by Libgcrypt. Change-Id: Idf0021b8c4cd5db70b8766f7dcc2a8b3acbf042f Link: https://www.wireshark.org/lists/wireshark-dev/201702/msg00011.html Reviewed-on: https://code.wireshark.org/review/20030 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-02-11 | TLS13: handle Key Update for decryption | Peter Wu | 1 | -0/+3
Generate new key upon receipt of Key Update message. Untested. Note that the "traffic_secret" field in SslDecryptSession was unused and since the client and server have two different encryption states, store the application traffic secret in SslDecoder. Change-Id: Iefca3f6cb75745a996fecb0fe7769c876dc9c4ee Ping-Bug: 12779 Reviewed-on: https://code.wireshark.org/review/20013 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-02-11 | TLS13: add Key Update dissection | Peter Wu | 1 | -0/+4
Actual decryption support will be added later. Ping-Bug: 12779 Change-Id: I3ff1f243fd0bd1467e84d8a6a5433c1fe71bbebf Reviewed-on: https://code.wireshark.org/review/20012 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-02-11 | ssl-utils: add length validation for Certificate handshake message | Peter Wu | 1 | -1/+1
This also introduces a new macro, "G_MAXUINT24" as symbol for 2^24-1 (this name does not exist in GLib and is uncommon in Google). Change-Id: If000f41f6286161e3a7697357fc33ae16c1e11db Reviewed-on: https://code.wireshark.org/review/20003 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-02-11 | TLS13: fix length of Finished message | Peter Wu | 1 | -1/+1
Select the full message instead of just the first 12 bytes (as was the case in previous TLS versions). No check is added since it is too much work for little gain (it would require looking up the hash length for the cipher suite). Change-Id: Iea13d5abe6a7e55b04fabacfa8919a02acd8517d Reviewed-on: https://code.wireshark.org/review/20011 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-02-10 | ssl-utils: stylistic changes for ServerHello, HelloRetryRequest | Peter Wu | 1 | -2/+2
Change "length" to "offset_end" parameter for consistency. Clarify applicable TLS version in comments. Remove unnecessary check for length. Change-Id: Icdc7edff9c8fdaf4c7d7349f65fed42f5344f2c3 Reviewed-on: https://code.wireshark.org/review/20001 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-02-07 | ssl-utils: add vector length validation for Client Hello | Peter Wu | 1 | -1/+1
Use ssl_add_vector to process DTLS Cookie, cipher_suites, compression_methods, client_hello_extension_list. Removed some checks (like cipher_suite_length > 0) since (per specification) these must be non-empty (if this is not the case, then at worst an empty tree is visible). Change-Id: I7ab2ef12e210d5878769478c7dfba33a799fb567 Reviewed-on: https://code.wireshark.org/review/19993 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-02-07 | TLS13: update NewSessionTicket dissection | Peter Wu | 1 | -2/+2
The new ticket_age_add field resulted in a dissector exception. With this fixed, the tls13-18-picotls-earlydata.pcap capture can now be fully decrypted. Also add validation for the ticket length (using ssl_add_vector). Change-Id: I167038f682b47b2d1da020a8f241daaf7af22017 Ping-Bug: 12779 Reviewed-on: https://code.wireshark.org/review/19992 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2017-02-07 | TLS13: support Early Data and accept CLIENT_EARLY_TRAFFIC_SECRET | Peter Wu | 1 | -12/+36
Update "early_data" extension to draft 18 (context field is gone). Add support for "client_early_traffic_secret" to the keylog. Support decryption of 0-RTT data (required handling cipher in Client Hello and handling of "end_of_early_data" alert). Tested with tls13-18-picotls-earlydata.pcap, early data decrypts correctly. (The server data is messed up, but that is possibly the result of broken NewSessionTicket handling which throws a dissector exception and thus breaks the record sequence number.) Ping-Bug: 12779 Change-Id: I9e6aeeb08111d5d977f2c0ab855f14d6d86ca87d Reviewed-on: https://code.wireshark.org/review/19989 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2017-02-06 | (D)TLS: simplify SignatureAndHashAlgorithm dissection | Peter Wu | 1 | -1/+1
Merge the length parsing into the SignatureAndHashAlgorithm vector parsing. Remove extra expert info which are replaced by the generic ones. Tested with a mutated pcap where the signature length field is off by one (too large = expert error, too small = expert warning, as expected). Change-Id: I43350352ae00eb42bbe5c2ee81289fb592b88f86 Reviewed-on: https://code.wireshark.org/review/19933 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2017-01-31 | TLS13: add Encrypted Extensions | Peter Wu | 1 | -0/+7
See https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.3.1 Change-Id: I35e049d991be4c242ef2b84db3a322c6a13d2f96 Ping-Bug: 12779 Reviewed-on: https://code.wireshark.org/review/19860 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-01-31 | TLS13: handle content type from decrypted record | Peter Wu | 1 | -5/+44
Extract the content type and handle padding per https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-5.2 When TLS 1.3 is detected, rename the "Content Type" field to "Opaque [Content] Type" and add a new generated field for the content type that was extracted from the decrypted contents. Change-Id: I149a5d7e2493dded6e2c0190e170fa350f76466e Ping-Bug: 12779 Reviewed-on: https://code.wireshark.org/review/19859 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
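An added example (not the dissector's own code) of the step this commit message refers to: recovering the real content type from a decrypted TLS 1.3 record, whose layout is content bytes, one content-type byte, then zero padding. The function name and the sample buffers are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { CT_ALERT = 21, CT_HANDSHAKE = 22, CT_APPLICATION_DATA = 23 };

/* Constructed decrypted records (TLSInnerPlaintext). */
static const uint8_t INNER_APPDATA[]   = { 'G', 'E', 'T', ' ', 0x17, 0x00, 0x00, 0x00 };
/* KeyUpdate handshake message whose last content byte is itself 0x00
 * (update_not_requested), followed by type 22 and two padding bytes. */
static const uint8_t INNER_KEYUPDATE[] = { 0x18, 0x00, 0x00, 0x01, 0x00, 0x16, 0x00, 0x00 };
static const uint8_t INNER_ALL_ZERO[]  = { 0x00, 0x00, 0x00, 0x00 };

/*
 * Scan backwards over the zero padding; the first non-zero byte from the end
 * is the content type and everything before it is the content. Zero bytes
 * that belong to the content are safe because the scan stops at the type.
 * Returns 0 on success, -1 when no non-zero byte exists (the specification
 * treats that as a fatal unexpected_message condition).
 */
int tls13_split_inner_plaintext(const uint8_t *inner, size_t inner_len,
                                uint8_t *content_type, size_t *content_len)
{
    size_t end = inner_len;

    while (end > 0 && inner[end - 1] == 0)
        end--;
    if (end == 0)
        return -1;

    *content_type = inner[end - 1];
    *content_len = end - 1;
    return 0;
}

int main(void)
{
    uint8_t type = 0;
    size_t len = 0;

    if (tls13_split_inner_plaintext(INNER_APPDATA, sizeof INNER_APPDATA, &type, &len) == 0)
        printf("app data:   type=%u content_len=%zu\n", (unsigned)type, len);
    if (tls13_split_inner_plaintext(INNER_KEYUPDATE, sizeof INNER_KEYUPDATE, &type, &len) == 0)
        printf("key update: type=%u content_len=%zu\n", (unsigned)type, len);
    if (tls13_split_inner_plaintext(INNER_ALL_ZERO, sizeof INNER_ALL_ZERO, &type, &len) != 0)
        printf("all-zero record rejected\n");
    return 0;
}
```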
2017-01-31 | TLS: add bare essentials for TLS 1.3 decryption support | Peter Wu | 1 | -0/+12
The bare essentials are now in place to perform decryption (HKDF-Expand-Label, calculation of traffic secrets, AEAD integration). Can successfully decrypt the initial handshake message. Only AES ciphers are supported, ChaCha20-Poly1305 still needs to be added. Note: "decryption" indeed works, but dissection needs to be updated. The padding must be stripped and the content type extracted. Ping-Bug: 12779 Change-Id: I3869c9ae5131e57519be99c5f439c4fa68841bae Reviewed-on: https://code.wireshark.org/review/19858 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-01-31 | ssl-utils: refactor AEAD decryption handling | Peter Wu | 1 | -7/+9
The current ssl_decrypt_record is hard to understand due to mixing CBC concepts (MAC, padding) with AEAD. Extract the AEAD functionality and use better variable naming. The "Plaintext" debug print now includes just the plaintext (the auth tag is stripped). A write_iv.data_len check is added just to be sure and more prep work is done for auth tag validation and TLS 1.3 support. Tested against the (D)TLS AEAD tests on Libgcrypt 1.4.5 (CentOS 6), 1.6.5 (Ubuntu 14.04), 1.7.6 (Arch Linux). Compile-tested w/o Libgcrypt. Change-Id: I94dd2fd70e1281d85c954abfe523f7483d9ac68b Reviewed-on: https://code.wireshark.org/review/19852 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-01-29 | (D)TLS: fix type of record sequence number | Peter Wu | 1 | -2/+3
The record sequence number is 64-bit, not 32-bit. This applies to all SSLv3/TLS/DTLS versions. Without this fix, after about four million records, the wrong MAC is calculated (for TLS 1.2) or decryption will fail (for TLS 1.3). Change-Id: I05e5e8bc4229ac443a1b06c5fe984fb885eab1ca Reviewed-on: https://code.wireshark.org/review/19824 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2017-01-29 | Register reassembly tables | Michael Mann | 1 | -3/+2
Register all reassembly tables with a central unit, allowing the central unit to have the callback that initializes and destroys the reassembly tables, rather than have dissectors do it individually. Change-Id: Ic92619c06fb5ba6f1c3012f613cae14982e101d4 Reviewed-on: https://code.wireshark.org/review/19834 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2017-01-29 | ssl: add expert info for unexpected messages in TLS 1.3 | Peter Wu | 1 | -2/+14
This will also avoid invoking ssl_finalize_decryption which will not be used for TLS 1.3. Change-Id: I958508276488764ad1a82e6412504bcd72f3b995 Ping-Bug: 12779 Reviewed-on: https://code.wireshark.org/review/19823 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-01-28 | (D)TLS: consolidate and simplify decrypted records handling | Peter Wu | 1 | -92/+66
Previously there was a distinction between decrypted handshake Application Data records ("Decrypted SSL data") and some others (like Alerts, Handshake and Heartbeat, "Decrypted SSL record"). Remove this distinction and always decrypt the payload before passing it on and always display a data source for decrypted contents ("Decrypted SSL"). This is preparatory work for TLS 1.3 support where the content type is located in the encrypted record, having the record decryption in one place makes it easier to adapt. Change-Id: I92c51c7f9e87e5c93231d28c39a8e896f5afd1ef Ping-Bug: 12779 Reviewed-on: https://code.wireshark.org/review/19789 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2017-01-13 | SSL: fix compilation without libgcrypt or gnutls | Pascal Quantin | 1 | -0/+2
Change-Id: I785db404969f89a3f90eddbda5542ee6b676ddb8 Reviewed-on: https://code.wireshark.org/review/19623 Reviewed-by: Pascal Quantin <pascal.quantin@gmail.com>
2017-01-12 | uat: add a reset callback. | Dario Lombardo | 1 | -0/+8
This function will free the resources allocated by the caller. Change-Id: Ib486c14e4fd3c321662fb71f7fd06733ce9a64a4 Reviewed-on: https://code.wireshark.org/review/19375 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-12-31 | Dissectors don't need a journey of self discovery. | Michael Mann | 1 | -2/+1
They already know who they are when they register themselves. Saving the handle then to avoid finding it later. Not sure if this will increase unnecessary register_dissector functions (instead of using create_dissector_handle in proto_reg_handoff function) when other dissectors copy/paste, but it should make startup time a few microseconds better. Change-Id: I3839be791b32b84887ac51a6a65fb5733e9f1f43 Reviewed-on: https://code.wireshark.org/review/19481 Petri-Dish: Michael Mann <mmann78@netscape.net> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2016-12-06 | DTLS: add support for use_srtp extension (RFC 5764) | Peter Wu | 1 | -1/+1
Decryption support will be added later. Tested with dtls-srtp-ws-sip.pcapng from the linked bug. Change-Id: Ida1a2da754ef9aef16ad15ff64455b6f8e703ffd Ping-Bug: 13193 Reviewed-on: https://code.wireshark.org/review/18996 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2016-11-30 | ssl,dtls: add expert info for overly large record lengths | Peter Wu | 1 | -1/+5
All TLS and DTLS RFCs (and SSLv3) limit the record length to 2^14, so add expert info if this is exceeded. Spotted in the wild via https://ask.wireshark.org/questions/57641/tls12-record-length-gt-16k-valid Tested with a synthetic pcap having length 2^14+1 using Python:

    from scapy.all import IP, TCP, UDP, wrpcap

    # 2-byte record length 0x4001 (2^14 + 1) followed by that many zero bytes
    len_plus_frag = b'\x40\x01' + 0x4001 * b'\0'
    wrpcap('bad-record-length.pcap', [
        # TLS record header: Application Data (0x17), version 03 03
        IP()/TCP(sport=2000, dport=443)/(b'\x17\x03\x03' + len_plus_frag),
        # DTLS record header: version fe fd, then 8 bytes of epoch and sequence number
        IP()/UDP(sport=2000, dport=853)/(b'\x17\xfe\xfd' + 8*b'\0' + len_plus_frag)
    ])

Change-Id: I5eac48775333d8d222e013a24a6d06da79892b77 Reviewed-on: https://code.wireshark.org/review/18959 Reviewed-by: Graham Bloice <graham.bloice@trihedral.com> Petri-Dish: Graham Bloice <graham.bloice@trihedral.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2016-10-07 | TLS(1.3): Add Hello Retry Request (6) extension | Alexis La Goutte | 1 | -0/+5
Add also special case on hello key_share extension Ping-Bug: 12779 Change-Id: Ib8e2dd060f322c2404a8afa9b8cb70de7c2c65b7 Reviewed-on: https://code.wireshark.org/review/18093 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Reviewed-by: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-10-03 | ssl: use ws_strtou function. | Dario Lombardo | 1 | -3/+5
Change-Id: I947dc83e3b1b853873b5158f234e44ef933c3bcc Reviewed-on: https://code.wireshark.org/review/17982 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Michael Mann <mmann78@netscape.net>
2016-09-16 | ssl-utils: remove block and key sizes from cipher suites table | Peter Wu | 1 | -1/+1
There was an implicit dependency between the block size in the cipher suites table and the size expected by Libgcrypt. Just remove the block size from the table and rely on the value from Libgcrypt to avoid the risk of mismatching values (which could lead to a buffer overflow). While at it, remove the size of the key ("bits") and the size of key material ("eff_bits") too. Move the key material sizes for export ciphers away from the table and use byte quantities instead of bits. Additionally, this fixes an issue where 8 bytes of uninitialized stack memory is written to the SSL debug log for stream ciphers like RC4. The size of the Write Key is also corrected for export ciphers, now it prints the actual (restricted) number of bytes that are used. Change-Id: I71d3c83ece0f02b2e11e45455dc08c41740836be Reviewed-on: https://code.wireshark.org/review/17714 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com>
2016-09-09 | ssl: set protocol column to "TLS" when possible | Peter Wu | 1 | -25/+24
The protocol version from a SSL/TLS record contains the minimum supported SSL/TLS version and is the best guess for Client Hello handshake messages if no authoritative version is available. By considering the version from the conversation for the initial col_set_str call, we can also remove some other calls down the road. Change-Id: I4be25f5c9057ffd0abcea7280d826867c135fed7 Reviewed-on: https://code.wireshark.org/review/17490 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2016-09-06 | ssl: really fix session resumption expert info | Peter Wu | 1 | -2/+7
In a two-pass dissection with renegotiated sessions, the is_session_resumed flag is not updated according to the current protocol flow. Fix this by performing detection of abbreviated handshakes in all cases, do not limit it to the decryption stage (where ssl != NULL). Reset the resumption assumption after the first ChangeCipherSpec (normally from the server side, but explicitly add this in case client packets somehow arrive earlier in the capture). This should not have a functional effect on normal TLS captures with Session Tickets. Bug: 12793 Change-Id: I1eb2a8262b4e359b8c1d3d0a1e004a9e856bec8c Reviewed-on: https://code.wireshark.org/review/17483 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2016-09-04 | ssl,http: rename http-over-ssl to http-over-tls | Peter Wu | 1 | -1/+1
This name is displayed in the SSL protocol tree (Application Data Protocol: http-over-tls), rename to avoid possible user confusion. Modify the SSL dissector such that both "http" and "http-over-tls" invoke the same dissector function. Change-Id: I2d52890a8ec8fa88b6390b133a11df607a5ec3dc Reviewed-on: https://code.wireshark.org/review/17481 Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
2016-08-31 | Don't do any Decode As stuff for dissector tables not used with Decode As. | Guy Harris | 1 | -1/+1
Have all dissector tables have a "supports Decode As" flag, which defaults to FALSE, and which is set to TRUE if a register_decode_as() refers to it. When adding a dissector to a dissector table with a given key, only add it for Decode As if the dissector table supports it. For non-FT_STRING dissector tables, always check for multiple entries for the same protocol with different dissectors, and report an error if we found them. This means there's no need for the creator of a dissector table to specify whether duplicates of that sort should be allowed - we always do the check when registering something for "Decode As" (in a non-FT_STRING dissector table), and just don't bother registering anything for "Decode As" if the dissector table doesn't support "Decode As", so there's no check done for those dissector tables. Change-Id: I4a1fdea3bddc2af27a65cfbca23edc99b26c0eed Reviewed-on: https://code.wireshark.org/review/17402 Petri-Dish: Guy Harris <guy@alum.mit.edu> Reviewed-by: Guy Harris <guy@alum.mit.edu>