SSL/TLS: Add Padding Extension (20)
http://tools.ietf.org/html/draft-agl-tls-padding-03 Change-Id: I181718edf5b5f297aaf2e247524dfce069c90cce Reviewed-on: https://code.wireshark.org/review/1703 Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
parent
7e4b8a1497
commit
57e380af36
|
@ -1101,6 +1101,7 @@ const value_string tls_hello_extension_types[] = {
|
|||
{ 18, "signed_certificate_timestamp" }, /* RFC 6962 */
|
||||
{ 19, "client_certificate_type" }, /* http://tools.ietf.org/html/draft-ietf-tls-oob-pubkey-11 */
|
||||
{ 20, "server_certificate_type" }, /* http://tools.ietf.org/html/draft-ietf-tls-oob-pubkey-11 */
|
||||
{ SSL_HND_HELLO_EXT_PADDING, "Padding" }, /* http://tools.ietf.org/html/draft-agl-tls-padding */
|
||||
{ SSL_HND_HELLO_EXT_SESSION_TICKET, "SessionTicket TLS" }, /* RFC 4507 */
|
||||
{ SSL_HND_HELLO_EXT_NPN, "next_protocol_negotiation"}, /* http://technotes.googlecode.com/git/nextprotoneg.html */
|
||||
{ SSL_HND_HELLO_EXT_RENEG_INFO, "renegotiation_info" }, /* RFC 5746 */
|
||||
|
@ -4973,6 +4974,32 @@ ssl_dissect_hnd_hello_ext_server_name(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
|||
return offset;
|
||||
}
|
||||
|
||||
static gint
|
||||
ssl_dissect_hnd_hello_ext_padding(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
||||
proto_tree *tree, guint32 offset, guint32 ext_len)
|
||||
{
|
||||
guint8 padding_length;
|
||||
proto_tree *padding_tree;
|
||||
proto_item *ti;
|
||||
|
||||
if (ext_len == 0) {
|
||||
return offset;
|
||||
}
|
||||
|
||||
ti = proto_tree_add_item(tree, hf->hf.hs_ext_padding_data, tvb, offset, ext_len, ENC_NA);
|
||||
padding_tree = proto_item_add_subtree(ti, hf->ett.hs_ext_padding);
|
||||
|
||||
|
||||
proto_tree_add_item(padding_tree, hf->hf.hs_ext_padding_len, tvb, offset, 2, ENC_NA);
|
||||
padding_length = tvb_get_guint8(tvb, offset);
|
||||
offset += 2;
|
||||
|
||||
proto_tree_add_item(padding_tree, hf->hf.hs_ext_padding_data, tvb, offset, padding_length, ENC_NA);
|
||||
offset += padding_length;
|
||||
|
||||
return offset;
|
||||
}
|
||||
|
||||
static gint
|
||||
ssl_dissect_hnd_hello_ext_session_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb,
|
||||
proto_tree *tree, guint32 offset, guint32 ext_len, gboolean is_client, SslDecryptSession *ssl)
|
||||
|
@ -5272,6 +5299,9 @@ ssl_dissect_hnd_hello_ext(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *t
|
|||
tvb, offset, 1, ENC_BIG_ENDIAN);
|
||||
offset += ext_len;
|
||||
break;
|
||||
case SSL_HND_HELLO_EXT_PADDING:
|
||||
offset = ssl_dissect_hnd_hello_ext_padding(hf, tvb, ext_tree, offset, ext_len);
|
||||
break;
|
||||
case SSL_HND_HELLO_EXT_SESSION_TICKET:
|
||||
offset = ssl_dissect_hnd_hello_ext_session_ticket(hf, tvb, ext_tree, offset, ext_len, is_client, ssl);
|
||||
break;
|
||||
|
|
|
@ -164,6 +164,7 @@
|
|||
#define SSL_HND_HELLO_EXT_HEARTBEAT 0x000f
|
||||
#define SSL_HND_HELLO_EXT_ALPN 0x0010
|
||||
#define SSL_HND_HELLO_EXT_STATUS_REQUEST_V2 0x0011
|
||||
#define SSL_HND_HELLO_EXT_PADDING 0x0014
|
||||
#define SSL_HND_HELLO_EXT_SESSION_TICKET 0x0023
|
||||
#define SSL_HND_HELLO_EXT_RENEG_INFO 0xff01
|
||||
#define SSL_HND_HELLO_EXT_NPN 0x3374
|
||||
|
@ -614,6 +615,9 @@ typedef struct ssl_common_dissect {
|
|||
gint hs_ext_server_name_len;
|
||||
gint hs_ext_server_name_list_len;
|
||||
gint hs_ext_server_name_type;
|
||||
gint hs_ext_padding;
|
||||
gint hs_ext_padding_len;
|
||||
gint hs_ext_padding_data;
|
||||
gint hs_ext_type;
|
||||
gint hs_sig_hash_alg;
|
||||
gint hs_sig_hash_alg_len;
|
||||
|
@ -629,6 +633,7 @@ typedef struct ssl_common_dissect {
|
|||
gint hs_ext_npn;
|
||||
gint hs_ext_reneg_info;
|
||||
gint hs_ext_server_name;
|
||||
gint hs_ext_padding;
|
||||
gint hs_sig_hash_alg;
|
||||
gint hs_sig_hash_algs;
|
||||
gint urlhash;
|
||||
|
@ -654,10 +659,10 @@ ssl_common_dissect_t name = { \
|
|||
/* hf */ { \
|
||||
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
||||
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
||||
-1, -1, -1, -1, -1, \
|
||||
-1, -1, -1, -1, -1, -1, -1, -1, \
|
||||
}, \
|
||||
/* ett */ { \
|
||||
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
||||
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
|
||||
}, \
|
||||
/* ei */ { \
|
||||
EI_INIT, \
|
||||
|
@ -765,6 +770,21 @@ ssl_common_dissect_t name = { \
|
|||
FT_STRING, BASE_NONE, NULL, 0x0, \
|
||||
NULL, HFILL } \
|
||||
}, \
|
||||
{ & name .hf.hs_ext_padding, \
|
||||
{ "Padding", prefix ".handshake.extensions_padding", \
|
||||
FT_NONE, BASE_NONE, NULL, 0x0, \
|
||||
NULL, HFILL } \
|
||||
}, \
|
||||
{ & name .hf.hs_ext_padding_len, \
|
||||
{ "Padding length", prefix ".handshake.extensions_padding_len", \
|
||||
FT_UINT16, BASE_DEC, NULL, 0x0, \
|
||||
"Length of Padding", HFILL } \
|
||||
}, \
|
||||
{ & name .hf.hs_ext_padding_data, \
|
||||
{ "Padding Data", prefix ".handshake.extensions_padding_data", \
|
||||
FT_BYTES, BASE_NONE, NULL, 0x0, \
|
||||
"Must be zero", HFILL } \
|
||||
}, \
|
||||
{ & name .hf.hs_ext_cert_url_type, \
|
||||
{ "Certificate Chain Type", prefix ".handshake.cert_url_type", \
|
||||
FT_UINT8, BASE_DEC, VALS(tls_cert_chain_type), 0x0, \
|
||||
|
|
Loading…
Reference in New Issue