Enhance dissection of the NewSessionTicket handshake message.

svn path=/trunk/; revision=43304
Sake Blok 2012-06-17 11:30:25 +00:00
parent e058a65c17
commit 3bbb0d3bc6
2 changed files with 158 additions and 55 deletions


@ -117,6 +117,9 @@ static gint hf_dtls_handshake_extensions_len = -1;
static gint hf_dtls_handshake_extension_type = -1;
static gint hf_dtls_handshake_extension_len = -1;
static gint hf_dtls_handshake_extension_data = -1;
static gint hf_dtls_handshake_session_ticket_lifetime_hint = -1;
static gint hf_dtls_handshake_session_ticket_len = -1;
static gint hf_dtls_handshake_session_ticket = -1;
static gint hf_dtls_handshake_certificates_len = -1;
static gint hf_dtls_handshake_certificates = -1;
static gint hf_dtls_handshake_certificate = -1;
@ -160,6 +163,7 @@ static gint ett_dtls_heartbeat = -1;
static gint ett_dtls_cipher_suites = -1;
static gint ett_dtls_comp_methods = -1;
static gint ett_dtls_extension = -1;
static gint ett_dtls_new_ses_ticket = -1;
static gint ett_dtls_certs = -1;
static gint ett_dtls_cert_types = -1;
static gint ett_dtls_dnames = -1;
@ -331,15 +335,19 @@ static void dissect_dtls_hnd_cli_hello(tvbuff_t *tvb,
guint32 offset, guint32 length,
SslDecryptSession* ssl);
static int dissect_dtls_hnd_srv_hello(tvbuff_t *tvb,
proto_tree *tree,
guint32 offset, guint32 length,
SslDecryptSession* ssl);
static int dissect_dtls_hnd_hello_verify_request(tvbuff_t *tvb,
proto_tree *tree,
guint32 offset,
SslDecryptSession* ssl);
static int dissect_dtls_hnd_srv_hello(tvbuff_t *tvb,
static void dissect_dtls_hnd_new_ses_ticket(tvbuff_t *tvb,
proto_tree *tree,
guint32 offset, guint32 length,
SslDecryptSession* ssl);
guint32 offset, guint32 length);
static void dissect_dtls_hnd_cert(tvbuff_t *tvb,
proto_tree *tree, guint32 offset, packet_info *pinfo);
@ -1336,16 +1344,16 @@ dissect_dtls_handshake(tvbuff_t *tvb, packet_info *pinfo,
dissect_dtls_hnd_cli_hello(sub_tvb, ssl_hand_tree, 0, length, ssl);
break;
case SSL_HND_SERVER_HELLO:
dissect_dtls_hnd_srv_hello(sub_tvb, ssl_hand_tree, 0, length, ssl);
break;
case SSL_HND_HELLO_VERIFY_REQUEST:
dissect_dtls_hnd_hello_verify_request(sub_tvb, ssl_hand_tree, 0, ssl);
break;
case SSL_HND_NEWSESSION_TICKET:
/* Content depends on implementation, so nothing to do! */
break;
case SSL_HND_SERVER_HELLO:
dissect_dtls_hnd_srv_hello(sub_tvb, ssl_hand_tree, 0, length, ssl);
dissect_dtls_hnd_new_ses_ticket(sub_tvb, ssl_hand_tree, 0, length);
break;
case SSL_HND_CERTIFICATE:
@ -1801,52 +1809,6 @@ dissect_dtls_hnd_cli_hello(tvbuff_t *tvb,
}
}
static int
dissect_dtls_hnd_hello_verify_request(tvbuff_t *tvb, proto_tree *tree,
guint32 offset, SslDecryptSession* ssl)
{
/*
* struct {
* ProtocolVersion server_version;
* opaque cookie<0..32>;
* } HelloVerifyRequest;
*/
guint8 cookie_length;
if (tree || ssl)
{
/* show the client version */
if (tree)
proto_tree_add_item(tree, hf_dtls_handshake_server_version, tvb,
offset, 2, ENC_BIG_ENDIAN);
offset += 2;
/* look for a cookie */
cookie_length = tvb_get_guint8(tvb, offset);
if (!tree)
return offset;
proto_tree_add_uint(tree, hf_dtls_handshake_cookie_len,
tvb, offset, 1, cookie_length);
offset ++; /* skip opaque length */
if (cookie_length > 0)
{
proto_tree_add_bytes_format(tree, hf_dtls_handshake_cookie,
tvb, offset, cookie_length,
NULL, "Cookie (%u byte%s)",
cookie_length,
plurality(cookie_length, "", "s"));
offset += cookie_length;
}
}
return offset;
}
static int
dissect_dtls_hnd_srv_hello(tvbuff_t *tvb,
proto_tree *tree, guint32 offset, guint32 length, SslDecryptSession* ssl)
@ -1936,6 +1898,79 @@ dissect_dtls_hnd_srv_hello(tvbuff_t *tvb,
return offset;
}
static int
dissect_dtls_hnd_hello_verify_request(tvbuff_t *tvb, proto_tree *tree,
guint32 offset, SslDecryptSession* ssl)
{
/*
* struct {
* ProtocolVersion server_version;
* opaque cookie<0..32>;
* } HelloVerifyRequest;
*/
guint8 cookie_length;
if (tree || ssl)
{
/* show the client version */
if (tree)
proto_tree_add_item(tree, hf_dtls_handshake_server_version, tvb,
offset, 2, ENC_BIG_ENDIAN);
offset += 2;
/* look for a cookie */
cookie_length = tvb_get_guint8(tvb, offset);
if (!tree)
return offset;
proto_tree_add_uint(tree, hf_dtls_handshake_cookie_len,
tvb, offset, 1, cookie_length);
offset ++; /* skip opaque length */
if (cookie_length > 0)
{
proto_tree_add_bytes_format(tree, hf_dtls_handshake_cookie,
tvb, offset, cookie_length,
NULL, "Cookie (%u byte%s)",
cookie_length,
plurality(cookie_length, "", "s"));
offset += cookie_length;
}
}
return offset;
}
static void
dissect_dtls_hnd_new_ses_ticket(tvbuff_t *tvb,
proto_tree *tree, guint32 offset, guint32 length)
{
guint nst_len;
proto_item *ti;
proto_tree *subtree;
nst_len = tvb_get_ntohs(tvb, offset+4);
if (6 + nst_len != length) {
return;
}
ti = proto_tree_add_text(tree, tvb, offset, 6+nst_len, "TLS Session Ticket");
subtree = proto_item_add_subtree(ti, ett_dtls_new_ses_ticket);
proto_tree_add_item(subtree, hf_dtls_handshake_session_ticket_lifetime_hint,
tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_uint(subtree, hf_dtls_handshake_session_ticket_len,
tvb, offset, 2, nst_len);
/* Content depends on implementation, so just show data! */
proto_tree_add_item(subtree, hf_dtls_handshake_session_ticket,
tvb, offset + 2, nst_len, ENC_NA);
}
static void
dissect_dtls_hnd_cert(tvbuff_t *tvb,
proto_tree *tree, guint32 offset, packet_info *pinfo)
@ -2453,6 +2488,21 @@ proto_register_dtls(void)
FT_BYTES, BASE_NONE, NULL, 0x0,
"Hello Extension data", HFILL }
},
{ &hf_dtls_handshake_session_ticket_lifetime_hint,
{ "Session Ticket Lifetime Hint", "dtls.handshake.session_ticket_lifetime_hint",
FT_UINT32, BASE_DEC, NULL, 0x0,
"New DTLS Session Ticket Lifetime Hint", HFILL }
},
{ &hf_dtls_handshake_session_ticket_len,
{ "Session Ticket Length", "dtls.handshake.session_ticket_length",
FT_UINT16, BASE_DEC, NULL, 0x0,
"New DTLS Session Ticket Length", HFILL }
},
{ &hf_dtls_handshake_session_ticket,
{ "Session Ticket", "dtls.handshake.session_ticket",
FT_BYTES, BASE_NONE, NULL, 0x0,
"New DTLS Session Ticket", HFILL }
},
{ &hf_dtls_handshake_certificates_len,
{ "Certificates Length", "dtls.handshake.certificates_length",
FT_UINT24, BASE_DEC, NULL, 0x0,
@ -2609,6 +2659,7 @@ proto_register_dtls(void)
&ett_dtls_cipher_suites,
&ett_dtls_comp_methods,
&ett_dtls_extension,
&ett_dtls_new_ses_ticket,
&ett_dtls_certs,
&ett_dtls_cert_types,
&ett_dtls_dnames,
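Review bot: In dissect_dtls_hnd_new_ses_ticket the `if (6 + nst_len != length) return;` check discards the whole message silently, so a NewSessionTicket whose ticket length disagrees with the handshake length shows no fields and no warning in the tree. An inconsistent length field is something an analyst needs to see in a capture: add the lifetime-hint and length items before the check and skip only the ticket bytes on a mismatch, ideally with a malformed-packet note on the length item. The read at `offset+4` also happens before anything confirms that `length` is at least 6, so it presumably relies on the tvb accessor's own bounds check. The same pattern appears in dissect_ssl3_hnd_new_ses_ticket in the second file. The subtree label here reads "TLS Session Ticket" although the field blurbs say DTLS.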


@ -180,6 +180,9 @@ static gint hf_ssl_handshake_extension_server_name_len = -1;
static gint hf_ssl_handshake_extension_server_name_list_len = -1;
static gint hf_ssl_handshake_extension_server_name_type = -1;
static gint hf_ssl_handshake_extension_server_name = -1;
static gint hf_ssl_handshake_session_ticket_lifetime_hint = -1;
static gint hf_ssl_handshake_session_ticket_len = -1;
static gint hf_ssl_handshake_session_ticket = -1;
static gint hf_ssl_handshake_certificates_len = -1;
static gint hf_ssl_handshake_certificates = -1;
static gint hf_ssl_handshake_certificate = -1;
@ -289,6 +292,7 @@ static gint ett_ssl_sig_hash_algs = -1;
static gint ett_ssl_sig_hash_alg = -1;
static gint ett_ssl_dnames = -1;
static gint ett_ssl_random = -1;
static gint ett_ssl_new_ses_ticket = -1;
static gint ett_ssl_keyex_params = -1;
static gint ett_ssl_cert_status = -1;
static gint ett_ssl_ocsp_resp = -1;
@ -505,6 +509,10 @@ static void dissect_ssl3_hnd_srv_hello(tvbuff_t *tvb,
guint32 offset, guint32 length,
SslDecryptSession* ssl);
static void dissect_ssl3_hnd_new_ses_ticket(tvbuff_t *tvb,
proto_tree *tree,
guint32 offset, guint32 length);
static void dissect_ssl3_hnd_cert(tvbuff_t *tvb,
proto_tree *tree, guint32 offset, packet_info *pinfo);
@ -1966,7 +1974,7 @@ dissect_ssl3_handshake(tvbuff_t *tvb, packet_info *pinfo,
break;
case SSL_HND_NEWSESSION_TICKET:
/* Content depends on implementation, so nothing to do! */
dissect_ssl3_hnd_new_ses_ticket(tvb, ssl_hand_tree, offset, length);
break;
case SSL_HND_CERTIFICATE:
@ -2778,6 +2786,34 @@ no_cipher:
}
}
static void
dissect_ssl3_hnd_new_ses_ticket(tvbuff_t *tvb, proto_tree *tree,
guint32 offset, guint32 length)
{
guint nst_len;
proto_item *ti;
proto_tree *subtree;
nst_len = tvb_get_ntohs(tvb, offset+4);
if (6 + nst_len != length) {
return;
}
ti = proto_tree_add_text(tree, tvb, offset, 6+nst_len, "TLS Session Ticket");
subtree = proto_item_add_subtree(ti, ett_ssl_new_ses_ticket);
proto_tree_add_item(subtree, hf_ssl_handshake_session_ticket_lifetime_hint,
tvb, offset, 4, ENC_BIG_ENDIAN);
offset += 4;
proto_tree_add_uint(subtree, hf_ssl_handshake_session_ticket_len,
tvb, offset, 2, nst_len);
/* Content depends on implementation, so just show data! */
proto_tree_add_item(subtree, hf_ssl_handshake_session_ticket,
tvb, offset + 2, nst_len, ENC_NA);
}
static void
dissect_ssl3_hnd_cert(tvbuff_t *tvb,
proto_tree *tree, guint32 offset, packet_info *pinfo)
@ -5136,6 +5172,21 @@ proto_register_ssl(void)
FT_STRING, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
{ &hf_ssl_handshake_session_ticket_lifetime_hint,
{ "Session Ticket Lifetime Hint", "ssl.handshake.session_ticket_lifetime_hint",
FT_UINT32, BASE_DEC, NULL, 0x0,
"New TLS Session Ticket Lifetime Hint", HFILL }
},
{ &hf_ssl_handshake_session_ticket_len,
{ "Session Ticket Length", "ssl.handshake.session_ticket_length",
FT_UINT16, BASE_DEC, NULL, 0x0,
"New TLS Session Ticket Length", HFILL }
},
{ &hf_ssl_handshake_session_ticket,
{ "Session Ticket", "ssl.handshake.session_ticket",
FT_BYTES, BASE_NONE, NULL, 0x0,
"New TLS Session Ticket", HFILL }
},
{ &hf_ssl_handshake_certificates_len,
{ "Certificates Length", "ssl.handshake.certificates_length",
FT_UINT24, BASE_DEC, NULL, 0x0,
@ -5585,6 +5636,7 @@ proto_register_ssl(void)
&ett_ssl_sig_hash_alg,
&ett_ssl_dnames,
&ett_ssl_random,
&ett_ssl_new_ses_ticket,
&ett_ssl_keyex_params,
&ett_ssl_cert_status,
&ett_ssl_ocsp_resp,
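Review bot: dissect_ssl3_hnd_new_ses_ticket has no comment giving the message layout, so the constants 4, 2 and 6 in its body are unexplained. A short header comment with the NewSessionTicket structure from RFC 5077 (a uint32 ticket_lifetime_hint followed by opaque ticket<0..2^16-1>) would let a reader check the offsets against the specification. The blurb for hf_ssl_handshake_session_ticket_lifetime_hint could also state the unit, for example `"New TLS Session Ticket Lifetime Hint (seconds)"`, since the resumption window is what a reviewer reads this field for. The DTLS copy of the function in the first file lacks the same comment.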