TLS: add mechanism to set the TLS appdata protocol

For use by EAP-TTLS which embeds TLS.

Change-Id: I4770d03f912dd75f92878dd74ad830ebb7eb1431
Reviewed-on: https://code.wireshark.org/review/34311
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Peter Wu 2019-08-15 01:30:00 +01:00 committed by Anders Broman
parent e5a052fb39
commit 9ad4f907e8
3 changed files with 40 additions and 12 deletions


@ -1646,6 +1646,7 @@ libwireshark.so.0 libwireshark0 #MINVER#
timestamp_set_precision@Base 1.9.1 timestamp_set_precision@Base 1.9.1
timestamp_set_seconds_type@Base 1.9.1 timestamp_set_seconds_type@Base 1.9.1
timestamp_set_type@Base 1.9.1 timestamp_set_type@Base 1.9.1
tls_set_appdata_dissector@Base 3.1.1
tmp_color_filters_used@Base 2.1.0 tmp_color_filters_used@Base 2.1.0
trans2_cmd_vals_ext@Base 1.9.1 trans2_cmd_vals_ext@Base 1.9.1
tree_expanded@Base 1.12.0~rc1 tree_expanded@Base 1.12.0~rc1


@ -4441,6 +4441,22 @@ static void ssl_reset_session(SslSession *session, SslDecryptSession *ssl, gbool
} }
} }
void
tls_set_appdata_dissector(dissector_handle_t tls_handle, packet_info *pinfo,
dissector_handle_t app_handle)
{
conversation_t *conversation;
SslSession *session;
/* Ignore if the TLS or other dissector is disabled. */
if (!tls_handle || !app_handle)
return;
conversation = find_or_create_conversation(pinfo);
session = &ssl_get_session(conversation, tls_handle)->session;
session->app_handle = app_handle;
}
static guint32 static guint32
ssl_starttls(dissector_handle_t tls_handle, packet_info *pinfo, ssl_starttls(dissector_handle_t tls_handle, packet_info *pinfo,
dissector_handle_t app_handle, guint32 last_nontls_frame) dissector_handle_t app_handle, guint32 last_nontls_frame)
@ -4477,9 +4493,9 @@ ssl_starttls(dissector_handle_t tls_handle, packet_info *pinfo,
/* TLS starts after this frame. */ /* TLS starts after this frame. */
session->last_nontls_frame = last_nontls_frame; session->last_nontls_frame = last_nontls_frame;
return 0; return 0;
} /* }}} */ }
/* ssl_starttls_ack: mark future frames as encrypted. {{{ */ /* ssl_starttls_ack: mark future frames as encrypted. */
guint32 guint32
ssl_starttls_ack(dissector_handle_t tls_handle, packet_info *pinfo, ssl_starttls_ack(dissector_handle_t tls_handle, packet_info *pinfo,
dissector_handle_t app_handle) dissector_handle_t app_handle)
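Review bot: The last statement of tls_set_appdata_dissector, `session->app_handle = app_handle;`, is unconditional, so every call replaces whatever application dissector was already selected for the conversation, and the void return gives the caller no way to notice that a previous choice was overridden. The STARTTLS helpers are documented on this page as returning >0 when STARTTLS was started before, so they do signal a repeated call while this function does not. If overwriting is intended, state it above the function, e.g. `/* Replaces any application dissector previously set for this conversation. */`. Because the decrypted payload originates from capture data, it is worth confirming that a later frame cannot use this path to hand already-classified application data to a different dissector.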


@ -509,38 +509,49 @@ gchar* ssl_association_info(const char* dissector_table_name, const char* table_
/** Retrieve a SslSession, creating it if it did not already exist. /** Retrieve a SslSession, creating it if it did not already exist.
* @param conversation The SSL conversation. * @param conversation The SSL conversation.
* @param ssl_handle The dissector handle for SSL or DTLS. * @param tls_handle The dissector handle for SSL or DTLS.
*/ */
extern SslDecryptSession * extern SslDecryptSession *
ssl_get_session(conversation_t *conversation, dissector_handle_t ssl_handle); ssl_get_session(conversation_t *conversation, dissector_handle_t tls_handle);
/** Set server address and port */ /** Set server address and port */
extern void extern void
ssl_set_server(SslSession *session, address *addr, port_type ptype, guint32 port); ssl_set_server(SslSession *session, address *addr, port_type ptype, guint32 port);
/** Marks this packet as the last one before switching to SSL that is supposed /** Sets the application data protocol dissector. Intended to be called by
* to encapsulate this protocol. * protocols that encapsulate TLS instead of switching to it using STARTTLS.
* @param ssl_handle The dissector handle for SSL or DTLS. * @param tls_handle The dissector handle for TLS or DTLS.
* @param pinfo Packet Info. * @param pinfo Packet Info.
* @param app_handle Dissector handle for the protocol inside the decrypted * @param app_handle Dissector handle for the protocol inside the decrypted
* Application Data record. * Application Data record.
* @return 0 for the first STARTTLS acknowledgement (success) or if ssl_handle */
WS_DLL_PUBLIC void
tls_set_appdata_dissector(dissector_handle_t tls_handle, packet_info *pinfo,
dissector_handle_t app_handle);
/** Marks this packet as the last one before switching to SSL that is supposed
* to encapsulate this protocol.
* @param tls_handle The dissector handle for SSL or DTLS.
* @param pinfo Packet Info.
* @param app_handle Dissector handle for the protocol inside the decrypted
* Application Data record.
* @return 0 for the first STARTTLS acknowledgement (success) or if tls_handle
* is NULL. >0 if STARTTLS was started before. * is NULL. >0 if STARTTLS was started before.
*/ */
WS_DLL_PUBLIC guint32 WS_DLL_PUBLIC guint32
ssl_starttls_ack(dissector_handle_t ssl_handle, packet_info *pinfo, ssl_starttls_ack(dissector_handle_t tls_handle, packet_info *pinfo,
dissector_handle_t app_handle); dissector_handle_t app_handle);
/** Marks this packet as belonging to an SSL conversation started with STARTTLS. /** Marks this packet as belonging to an SSL conversation started with STARTTLS.
* @param ssl_handle The dissector handle for SSL or DTLS. * @param tls_handle The dissector handle for SSL or DTLS.
* @param pinfo Packet Info. * @param pinfo Packet Info.
* @param app_handle Dissector handle for the protocol inside the decrypted * @param app_handle Dissector handle for the protocol inside the decrypted
* Application Data record. * Application Data record.
* @return 0 for the first STARTTLS acknowledgement (success) or if ssl_handle * @return 0 for the first STARTTLS acknowledgement (success) or if tls_handle
* is NULL. >0 if STARTTLS was started before. * is NULL. >0 if STARTTLS was started before.
*/ */
WS_DLL_PUBLIC guint32 WS_DLL_PUBLIC guint32
ssl_starttls_post_ack(dissector_handle_t ssl_handle, packet_info *pinfo, ssl_starttls_post_ack(dissector_handle_t tls_handle, packet_info *pinfo,
dissector_handle_t app_handle); dissector_handle_t app_handle);
extern dissector_handle_t extern dissector_handle_t
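Review bot: The new doc comment for tls_set_appdata_dissector does not mention that the call is silently ignored when either handle is NULL, although the implementation in this commit returns early on `!tls_handle || !app_handle`. The STARTTLS comments next to it document their NULL case under `@return`; since this function returns void, a line such as `* Does nothing if tls_handle or app_handle is NULL (dissector disabled).` would tell callers that they cannot detect an unapplied setting. The description of ssl_starttls_ack also still reads "switching to SSL" beside the renamed tls_handle parameter, which could be aligned in the same pass.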