telnet: full START_TLS support

Assumes that the source and destination ports are different (or else some packets may be wrongly dissected as TLS instead of telnet). SSL does something similar. Bug: 11874 Change-Id: Ibf6d3ce2950cb5745c33716db21005cd28bf603b Reviewed-on: https://code.wireshark.org/review/12652 Reviewed-by: Alexis La Goutte <alexis.lagoutte@gmail.com> Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
2015-12-15 14:10:15 +01:00 · 2015-12-15 14:10:15 +01:00 · 4d17b275e7
parent e3dd3f97f1
commit 4d17b275e7
1 changed files with 34 additions and 0 deletions
--- a/epan/dissectors/packet-telnet.c
+++ b/epan/dissectors/packet-telnet.c
@ -31,6 +31,7 @@
 #include <epan/expert.h>
 #include <epan/asn1.h>
 #include "packet-kerberos.h"
+#include "packet-ssl-utils.h"
 #include "packet-tn3270.h"
 #include "packet-tn5250.h"

@ -148,6 +149,7 @@ static dissector_handle_t telnet_handle;

 static dissector_handle_t tn3270_handle;
 static dissector_handle_t tn5250_handle;
+static dissector_handle_t ssl_handle;

 /* Some defines for Telnet */

@ -214,6 +216,11 @@ typedef struct tn_opt {
                                  /* routine to dissect option */
 } tn_opt;

+typedef struct _telnet_conv_info {
+  guint32   starttls_requested_in;  /* Frame of first sender of START_TLS FOLLOWS */
+  guint32   starttls_port;          /* Source port for first sender */
+} telnet_conv_info_t;
+
 static void
 check_tn3270_model(packet_info *pinfo _U_, const char *terminaltype)
 {
@ -254,6 +261,20 @@ check_for_tn3270(packet_info *pinfo _U_, const char *optname, const char *termin
    add_tn5250_conversation(pinfo, 0);
 }

+static telnet_conv_info_t *
+telnet_get_session(packet_info *pinfo)
+{
+  conversation_t        *conversation = find_or_create_conversation(pinfo);
+  telnet_conv_info_t    *telnet_info;
+
+  telnet_info = (telnet_conv_info_t*)conversation_get_proto_data(conversation, proto_telnet);
+  if (!telnet_info) {
+    telnet_info = wmem_new0(wmem_file_scope(), telnet_conv_info_t);
+    conversation_add_proto_data(conversation, proto_telnet, telnet_info);
+  }
+  return telnet_info;
+}
+
 static void
 dissect_string_subopt(packet_info *pinfo, const char *optname, tvbuff_t *tvb, int offset, int len,
                      proto_tree *tree, proto_item *item)
@ -455,7 +476,19 @@ static void
 dissect_starttls_subopt(packet_info *pinfo _U_, const char *optname _U_, tvbuff_t *tvb, int offset,
                       int len _U_, proto_tree *tree, proto_item *item _U_)
 {
+  telnet_conv_info_t *session = telnet_get_session(pinfo);
+
  proto_tree_add_item(tree, hf_telnet_starttls, tvb, offset, 1, ENC_BIG_ENDIAN);
+
+  if (session->starttls_requested_in == 0) {
+    /* First sender (client or server) requesting to start TLS. */
+    session->starttls_requested_in = pinfo->fd->num;
+    session->starttls_port = pinfo->srcport;
+  } else if (session->starttls_requested_in < pinfo->fd->num &&
+      session->starttls_port != pinfo->srcport) {
+    /* Other side confirms that following data is TLS. */
+    ssl_starttls_ack(ssl_handle, pinfo, telnet_handle);
+  }
 }

 static const value_string telnet_outmark_subopt_cmd_vals[] = {
@ -2165,6 +2198,7 @@ proto_reg_handoff_telnet(void)
  dissector_add_uint("tcp.port", TCP_PORT_TELNET, telnet_handle);
  tn3270_handle = find_dissector("tn3270");
  tn5250_handle = find_dissector("tn5250");
+  ssl_handle = find_dissector("ssl");
 }

 /*