SSL/TLS: Add Padding Extension (20)

http://tools.ietf.org/html/draft-agl-tls-padding-03

Change-Id: I181718edf5b5f297aaf2e247524dfce069c90cce
Reviewed-on: https://code.wireshark.org/review/1703
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Alexis La Goutte 2014-05-20 18:54:17 +02:00 committed by Anders Broman
parent 7e4b8a1497
commit 57e380af36
2 changed files with 52 additions and 2 deletions


@ -1101,6 +1101,7 @@ const value_string tls_hello_extension_types[] = {
{ 18, "signed_certificate_timestamp" }, /* RFC 6962 */
{ 19, "client_certificate_type" }, /* http://tools.ietf.org/html/draft-ietf-tls-oob-pubkey-11 */
{ 20, "server_certificate_type" }, /* http://tools.ietf.org/html/draft-ietf-tls-oob-pubkey-11 */
{ SSL_HND_HELLO_EXT_PADDING, "Padding" }, /* http://tools.ietf.org/html/draft-agl-tls-padding */
{ SSL_HND_HELLO_EXT_SESSION_TICKET, "SessionTicket TLS" }, /* RFC 4507 */
{ SSL_HND_HELLO_EXT_NPN, "next_protocol_negotiation"}, /* http://technotes.googlecode.com/git/nextprotoneg.html */
{ SSL_HND_HELLO_EXT_RENEG_INFO, "renegotiation_info" }, /* RFC 5746 */
@ -4973,6 +4974,32 @@ ssl_dissect_hnd_hello_ext_server_name(ssl_common_dissect_t *hf, tvbuff_t *tvb,
return offset;
}
static gint
ssl_dissect_hnd_hello_ext_padding(ssl_common_dissect_t *hf, tvbuff_t *tvb,
proto_tree *tree, guint32 offset, guint32 ext_len)
{
guint8 padding_length;
proto_tree *padding_tree;
proto_item *ti;
if (ext_len == 0) {
return offset;
}
ti = proto_tree_add_item(tree, hf->hf.hs_ext_padding_data, tvb, offset, ext_len, ENC_NA);
padding_tree = proto_item_add_subtree(ti, hf->ett.hs_ext_padding);
proto_tree_add_item(padding_tree, hf->hf.hs_ext_padding_len, tvb, offset, 2, ENC_NA);
padding_length = tvb_get_guint8(tvb, offset);
offset += 2;
proto_tree_add_item(padding_tree, hf->hf.hs_ext_padding_data, tvb, offset, padding_length, ENC_NA);
offset += padding_length;
return offset;
}
static gint
ssl_dissect_hnd_hello_ext_session_ticket(ssl_common_dissect_t *hf, tvbuff_t *tvb,
proto_tree *tree, guint32 offset, guint32 ext_len, gboolean is_client, SslDecryptSession *ssl)
@ -5272,6 +5299,9 @@ ssl_dissect_hnd_hello_ext(ssl_common_dissect_t *hf, tvbuff_t *tvb, proto_tree *t
tvb, offset, 1, ENC_BIG_ENDIAN);
offset += ext_len;
break;
case SSL_HND_HELLO_EXT_PADDING:
offset = ssl_dissect_hnd_hello_ext_padding(hf, tvb, ext_tree, offset, ext_len);
break;
case SSL_HND_HELLO_EXT_SESSION_TICKET:
offset = ssl_dissect_hnd_hello_ext_session_ticket(hf, tvb, ext_tree, offset, ext_len, is_client, ssl);
break;
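Review bot: In `ssl_dissect_hnd_hello_ext_padding` the length taken from the packet is neither read at its declared width nor checked against `ext_len`: `hs_ext_padding_len` is added as a 2-byte field (and registered as FT_UINT16), but `padding_length` is a `guint8` filled by `tvb_get_guint8`, so only the first byte is used. Because the function returns `offset + 2 + padding_length` instead of the end of the extension, a hello whose inner length disagrees with `ext_len` makes `ssl_dissect_hnd_hello_ext` continue from the wrong position, and presumably every later extension is then misparsed. The parent item also uses `hf.hs_ext_padding_data` where the newly registered `hf.hs_ext_padding` (FT_NONE) looks intended, and the UINT16 item is added with `ENC_NA` rather than `ENC_BIG_ENDIAN`. It is also worth confirming against the linked draft that the extension body carries a length prefix at all; the sketch below keeps the commit's layout and only makes it consistent and bounded by `ext_len`.

```c
static gint
ssl_dissect_hnd_hello_ext_padding(ssl_common_dissect_t *hf, tvbuff_t *tvb,
                                  proto_tree *tree, guint32 offset, guint32 ext_len)
{
    guint16     padding_length;
    guint32     ext_end = offset + ext_len;
    /* … unchanged: padding_tree and ti declarations … */

    if (ext_len < 2) {
        /* too short to hold the 2-byte length: skip the extension as a whole */
        return ext_end;
    }

    ti = proto_tree_add_item(tree, hf->hf.hs_ext_padding, tvb, offset, ext_len, ENC_NA);
    padding_tree = proto_item_add_subtree(ti, hf->ett.hs_ext_padding);

    proto_tree_add_item(padding_tree, hf->hf.hs_ext_padding_len, tvb, offset, 2, ENC_BIG_ENDIAN);
    padding_length = tvb_get_ntohs(tvb, offset);
    offset += 2;

    /* the wire length is untrusted: never let it reach past this extension */
    if (padding_length > ext_len - 2) {
        padding_length = (guint16)(ext_len - 2);
    }
    proto_tree_add_item(padding_tree, hf->hf.hs_ext_padding_data, tvb, offset, padding_length, ENC_NA);

    /* resume at the extension boundary so the caller stays aligned */
    return ext_end;
}
```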


@ -164,6 +164,7 @@
#define SSL_HND_HELLO_EXT_HEARTBEAT 0x000f
#define SSL_HND_HELLO_EXT_ALPN 0x0010
#define SSL_HND_HELLO_EXT_STATUS_REQUEST_V2 0x0011
#define SSL_HND_HELLO_EXT_PADDING 0x0014
#define SSL_HND_HELLO_EXT_SESSION_TICKET 0x0023
#define SSL_HND_HELLO_EXT_RENEG_INFO 0xff01
#define SSL_HND_HELLO_EXT_NPN 0x3374
@ -614,6 +615,9 @@ typedef struct ssl_common_dissect {
gint hs_ext_server_name_len;
gint hs_ext_server_name_list_len;
gint hs_ext_server_name_type;
gint hs_ext_padding;
gint hs_ext_padding_len;
gint hs_ext_padding_data;
gint hs_ext_type;
gint hs_sig_hash_alg;
gint hs_sig_hash_alg_len;
@ -629,6 +633,7 @@ typedef struct ssl_common_dissect {
gint hs_ext_npn;
gint hs_ext_reneg_info;
gint hs_ext_server_name;
gint hs_ext_padding;
gint hs_sig_hash_alg;
gint hs_sig_hash_algs;
gint urlhash;
@ -654,10 +659,10 @@ ssl_common_dissect_t name = { \
/* hf */ { \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, \
}, \
/* ett */ { \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, \
}, \
/* ei */ { \
EI_INIT, \
@ -765,6 +770,21 @@ ssl_common_dissect_t name = { \
FT_STRING, BASE_NONE, NULL, 0x0, \
NULL, HFILL } \
}, \
{ & name .hf.hs_ext_padding, \
{ "Padding", prefix ".handshake.extensions_padding", \
FT_NONE, BASE_NONE, NULL, 0x0, \
NULL, HFILL } \
}, \
{ & name .hf.hs_ext_padding_len, \
{ "Padding length", prefix ".handshake.extensions_padding_len", \
FT_UINT16, BASE_DEC, NULL, 0x0, \
"Length of Padding", HFILL } \
}, \
{ & name .hf.hs_ext_padding_data, \
{ "Padding Data", prefix ".handshake.extensions_padding_data", \
FT_BYTES, BASE_NONE, NULL, 0x0, \
"Must be zero", HFILL } \
}, \
{ & name .hf.hs_ext_cert_url_type, \
{ "Certificate Chain Type", prefix ".handshake.cert_url_type", \
FT_UINT8, BASE_DEC, VALS(tls_cert_chain_type), 0x0, \
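Review bot: `SSL_HND_HELLO_EXT_PADDING` is defined as 0x0014, which is decimal 20, and `tls_hello_extension_types` already has `{ 20, "server_certificate_type" }` directly above the new `Padding` entry, so the two rows collide. A value_string lookup returns the first match as far as I know, so a type-20 extension would be labelled server_certificate_type while the new `case SSL_HND_HELLO_EXT_PADDING:` sends its body to the padding dissector. Please check the code point against the linked draft and the IANA ExtensionType registry; if padding is 21 there, as I believe, the line should read `#define SSL_HND_HELLO_EXT_PADDING 0x0015`.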