HTTP3: Use NG-HTTP3 to dissect headers.

All code by Omer Shapira.
Copy of MR #9330 with minor fixes.
Omer Shapira 2023-08-25 15:18:56 +02:00 committed by AndersBroman
parent 80f9a28921
commit 8564c8d525
9 changed files with 250 additions and 107 deletions


@ -0,0 +1,62 @@
# Find the system's Nghttp3 includes and library
#
# NGHTTP3_INCLUDE_DIRS - where to find nghttp3.h
# NGHTTP3_LIBRARIES - List of libraries when using nghttp3
# NGHTTP3_FOUND - True if nghttp3 found
# NGHTTP3_DLL_DIR - (Windows) Path to the Nghttp2 DLL
# NGHTTP3_DLL - (Windows) Name of the Nghttp2 DLL
include( FindWSWinLibs )
FindWSWinLibs( "nghttp3-.*" "NGHTTP3_HINTS" )
if( NOT WIN32)
find_package(PkgConfig)
pkg_search_module(NGHTTP3 libnghttp3)
endif()
find_path( NGHTTP3_INCLUDE_DIR
NAMES nghttp3/nghttp3.h
HINTS
"${NGHTTP3_INCLUDEDIR}"
"${NGHTTP3_HINTS}/include"
PATHS /usr/local/include /usr/include
)
find_library( NGHTTP3_LIBRARY
NAMES nghttp3
HINTS
"${NGHTTP3_LIBDIR}"
"${NGHTTP3_HINTS}/lib"
PATHS /usr/local/lib /usr/lib
)
include( FindPackageHandleStandardArgs )
find_package_handle_standard_args( NGHTTP3 DEFAULT_MSG NGHTTP3_LIBRARY NGHTTP3_INCLUDE_DIR )
if( NGHTTP3_FOUND )
set( NGHTTP3_INCLUDE_DIRS ${NGHTTP3_INCLUDE_DIR} )
set( NGHTTP3_LIBRARIES ${NGHTTP3_LIBRARY} )
if (WIN32)
set ( NGHTTP3_DLL_DIR "${NGHTTP3_HINTS}/bin"
CACHE PATH "Path to nghttp3 DLL"
)
file( GLOB _nghttp3_dll RELATIVE "${NGHTTP3_DLL_DIR}"
"${NGHTTP3_DLL_DIR}/nghttp3.dll"
)
set ( NGHTTP3_DLL ${_nghttp3_dll}
CACHE FILEPATH "nghttp3 DLL file name"
)
file( GLOB _nghttp3_pdb RELATIVE "${NGHTTP3_DLL_DIR}"
"${NGHTTP3_DLL_DIR}/nghttp3.pdb"
)
set ( NGHTTP3_PDB ${_nghttp3_pdb}
CACHE FILEPATH "nghttp3 PDB file name"
)
mark_as_advanced( NGHTTP3_DLL_DIR NGHTTP3_DLL NGHTTP3_PDB )
endif()
else()
set( NGHTTP3_INCLUDE_DIRS )
set( NGHTTP3_LIBRARIES )
endif()
mark_as_advanced( NGHTTP3_LIBRARIES NGHTTP3_INCLUDE_DIRS )
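Review bot: The module accepts whatever nghttp3 it finds, because `pkg_search_module(NGHTTP3 libnghttp3)` has no version bound and `find_package_handle_standard_args` is given no `VERSION_VAR`, while the setup script and the Windows archive list in this same commit pin 0.14.0. If the dissector depends on the 0.14.0 API (not visible in this section), an older system copy would be picked up without any diagnostic; passing `VERSION_VAR NGHTTP3_VERSION` (set by pkg-config when it is used) lets the caller's `find_package(NGHTTP3 <min>)` reject it. On Windows, `NGHTTP3_DLL_DIR` is derived from `NGHTTP3_HINTS`, not from the directory of the library that was actually found, so the bundled DLL is only certain to match the linked import library when the hint path was the one used. The header comment also describes `NGHTTP3_DLL_DIR` and `NGHTTP3_DLL` as the "Nghttp2 DLL" and omits `NGHTTP3_PDB`; it should read `# NGHTTP3_DLL - (Windows) Name of the nghttp3 DLL` and gain a line for the PDB.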

103
doc/http3.md Normal file

@ -0,0 +1,103 @@
# Supported features
The HTTP3 dissector is a work in progress.
At the moment, the following aspects of HTTP3 are supported:
- Diseciton of different HTTP3 stream types
- Dissection of different HTTP3 frame types
- Dissection of HTTP header fields
- Dissection of QPACK instructions
In addition, the dissector suports decoding of the HTTP3
header fields. This ability requires `nghttp3` third-party library.
## High-level overview
The HTTP3 dissector is invoked by the QUIC dissector.
The essential call tree:
- `dissect_http3`
Main entry point. Depending on the stream type, invokes one of the following:
- `dissect_http3_uni_stream`
Processes unidirectional streams, including the control streams,
the QPACK encoder/decoder streams, and the HTTP3 server push streams.
NOTE: the HTTP3 server push streams support is rudimental.
- `dissect_http3_qpack_enc`
Dissects the QPACK encoder stream.
If Wireshark was built with the optional `nghttp3` library,
this function is also responsible on updating the state
of the QPACK decoder.
- `dissect_http3_frame`
Processed HTTP3 frames from the client-initiated bidirectional stream.
Determines the frame type, and dispatches the call to one of the
sub-dissectors:
- `dissect_http3_data`
Dissects the `HTTP3_DATA` frames.
- `dissect_http3_headers`
Dissects the `HTTP3_HEADER` frames.
If Wireshark was built with the optional `nghttp3` library,
this function attempts to decode the header fields, using
the QPACK decoder.
- `dissect_http3_settings`
Dissects the `HTTP3_SETTINGS` frames.
### Overview of the HTTP3 header dissection
The QPACK implementation from `nghttp3` requires a separate QPACK decoder instance
for every HTTP3 connection. The different HTTP3 streams that constitute a single
HTTP3 conneciton are sharing the same QPACK decoder instance.
The HTTP3 dissector interacts with the QPACK decoder in 2 ways:
- On the reception of QPACK encoder data (which is delivered on a dedicated unidirectional stream),
the dissector updates the connection's decoder instance.
- On the reception of compressed HTTP3 headers, the dissector uses the connection's decoder
to uncompress the HTTP headers.
If decompression succeeds, the dissector adds tree items to the packet tree. Otherwise,
the dissector adds expert info items.
The decompression can fail due to several reasons:
- If the instruction count required by the compressed HTTP3 headers
exceeds the maximal instruction count that the QPACK decoder is aware of,
the decoding becomes "blocked". This situation can occure when the QUIC packets
that carry the QPACK encoder instructions are dropped/reordered.
- If the state of the decoder becomes invalid, which may happen when a "garbage"
data is received on the QUIC stream.
- Lastly, the decoding can fail if the underlying QUIC desegmentation is
not working correctly.
### Overview of HTTP3 data frames dissection
The higher-level dissectors that could use HTTP3 (e.g. WebTransport) need to be able
to access the contents of a single HTTP3 stream as a contiguous span of data.
For that purpose, the HTTP3 dissector is defining a custom conversation finder.
See functions `http3_find_inner_conversation` and `http3_reset_inner_conversation`.
## Essential data structures
### File-level state
#### `HTTP3_CONN_INFO_MAP`
The `HTTP3_CONN_INFO_MAP` contains session-level information for every HTTP3 connection
in a PCAP file. This map is lazily allocated, and is cleared upon exiting the file scope.
### HTTP3 header caches
The dissector attempts to conserve memory, by avoding allocating memory for
duplicate header names/values. Instead, the dissector keeps the decoded names/values
in two caches: `HTTP3_HEADER_CACHE` and `HTTP3_HEADER_DEF_CACHE`. The former stores
the decoded HTTP3 header values, and the latter stores the decoded HTTP3 header names.
### Connection-level state
#### `http3_session_info_t`
The `http3_session_info_t` keeps the state of the QPACK decoder. Every HTTP3 connection
corresponds to a single session. In the future, the session may be shared between multiple
connections, to support connection migration or multipath HTTP3.
At the moment, there are no shared sessions.
### Stream-level state
#### `http3_stream_info_t`
The `http3_stream_info_t` keeps the information about the individual HTTP3 streams,
as well as mapping to the underlying QUIC streams.
### Frame-level state
#### `http3_header_field_t`
The `http3_header_field_t` keeps the information about a single HTTP header.
It contains both the encoded and the decoded representation of the header.
The actual decoded strings are stored in `HTTP3_HEADER_CACHE`/`HTTP3_HEADER_DEF_CACHE`;
the individual `http3_header_field_t` instances contain pointers to the strings.


@ -74,7 +74,7 @@ static int hf_http3_frame_payload = -1;
static int hf_http3_data = -1;
static int hf_http3_headers = -1;
//static int hf_http3_headers = -1;
static int hf_http3_headers_count = -1;
static int hf_http3_header = -1;
static int hf_http3_header_length = -1;
@ -87,7 +87,7 @@ static int hf_http3_header_request_full_uri = -1;
static int hf_http3_header_qpack_blocked = -1;
static int hf_http3_header_qpack_blocked_stream_rcint = -1;
static int hf_http3_header_qpack_blocked_decoder_wicnt = -1;
static int hf_http3_header_qpack_fatal = -1;
//static int hf_http3_header_qpack_fatal = -1;
#ifdef HAVE_NGHTTP3
/* Static HTTP3 headers */
@ -143,12 +143,12 @@ static int hf_http3_headers_via = -1;
static int hf_http3_headers_www_authenticate = -1;
#endif
static int hf_http3_qpack = -1;
//static int hf_http3_qpack = -1;
static int hf_http3_qpack_encoder = -1;
static int hf_http3_qpack_encoder_length = -1;
//static int hf_http3_qpack_encoder_length = -1;
static int hf_http3_qpack_encoder_icnt = -1;
static int hf_http3_qpack_encoder_icnt_inc = -1;
static int hf_http3_qpack_encoder_opcode = -1;
//static int hf_http3_qpack_encoder_opcode = -1;
static int hf_http3_qpack_encoder_opcode_insert_indexed = -1;
static int hf_http3_qpack_encoder_opcode_insert_indexed_ref = -1;
static int hf_http3_qpack_encoder_opcode_insert_indexed_val = -1;
@ -159,7 +159,7 @@ static int hf_http3_qpack_encoder_opcode_insert_hname = -1;
static int hf_http3_qpack_encoder_opcode_insert_val = -1;
static int hf_http3_qpack_encoder_opcode_insert_hval = -1;
static int hf_http3_qpack_encoder_opcode_duplicate = -1;
static int hf_http3_qpack_encoder_opcode_duplicate_val = -1;
//static int hf_http3_qpack_encoder_opcode_duplicate_val = -1;
static int hf_http3_qpack_encoder_opcode_dtable_cap = -1;
static int hf_http3_qpack_encoder_opcode_dtable_cap_val = -1;
@ -177,11 +177,11 @@ static int hf_http3_priority_update_element_id = -1;
static int hf_http3_priority_update_field_value = -1;
/* QPACK dissection EIs */
static expert_field ei_http3_qpack_enc_update = EI_INIT;
//static expert_field ei_http3_qpack_enc_update = EI_INIT;
static expert_field ei_http3_qpack_failed = EI_INIT;
/* HTTP3 dissection EIs */
static expert_field ei_http3_unknown_stream_type = EI_INIT;
static expert_field ei_http3_data_not_decoded = EI_INIT;
//static expert_field ei_http3_data_not_decoded = EI_INIT;
/* Encoded data EIs */
static expert_field ei_http3_header_encoded_state = EI_INIT;
/* HTTP3 header decoding EIs */
@ -580,7 +580,7 @@ http3_nghttp3_malloc(size_t size, void *user_data _U_)
static void
http3_nghttp3_free(void *ptr, void *user_data _U_)
{
return wmem_free(wmem_file_scope(), ptr);
wmem_free(wmem_file_scope(), ptr);
}
static void *
@ -1759,7 +1759,7 @@ dissect_http3_uni_stream(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, in
proto_tree *stream_tree;
const gchar *stream_display_name;
ti_stream = proto_tree_add_item(tree, hf_http3_stream_uni, tvb, offset, 1, ENC_NA);
ti_stream = proto_tree_add_item(tree, hf_http3_stream_uni, tvb, offset, -1, ENC_NA);
stream_tree = proto_item_add_subtree(ti_stream, ett_http3_stream_uni);
if (stream_info->offset == 0) {
@ -1767,21 +1767,20 @@ dissect_http3_uni_stream(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, in
&lenvar);
offset += lenvar;
http3_stream->uni_stream_type = stream_type;
if (http3_is_reserved_code(stream_type)) {
// Reserved to exercise requirement that unknown types are ignored.
proto_item_set_text(ti_stream_type, "Stream Type: Reserved (%#" PRIx64 ")", stream_type);
stream_display_name = "Reserved";
}
else {
stream_display_name = val64_to_str_const(stream_type, http3_stream_types, "Unknown");
}
proto_item_set_text(ti_stream, "UNI STREAM: %s off=%" PRIu64 "", stream_display_name, stream_info->stream_offset);
} else {
stream_type = http3_stream->uni_stream_type;
ti_stream_type = proto_tree_add_item(stream_tree, hf_http3_stream_uni_type, tvb, offset, -1, ENC_NA);
/*ti_stream_type = proto_tree_add_item(stream_tree, hf_http3_stream_uni_type, tvb, offset, -1, ENC_NA);*/
}
if (http3_is_reserved_code(stream_type)) {
// Reserved to exercise requirement that unknown types are ignored.
proto_item_set_text(ti_stream_type, "Stream Type: Reserved (%#" PRIx64 ")", stream_type);
stream_display_name = "Reserved";
} else {
stream_display_name = val64_to_str_const(stream_type, http3_stream_types, "Unknown");
}
proto_item_set_text(ti_stream, "UNI STREAM: %s off=%" PRIu64 "", stream_display_name, stream_info->stream_offset);
switch (stream_type) {
case HTTP3_STREAM_TYPE_CONTROL:
break;
@ -2214,11 +2213,11 @@ proto_register_http3(void)
NULL, HFILL }
},
/* Headers */
{ &hf_http3_headers,
{ "Header", "http3.headers",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
//{ &hf_http3_headers,
// { "Header", "http3.headers",
// FT_UINT32, BASE_DEC, NULL, 0x0,
// NULL, HFILL }
//},
{ &hf_http3_headers_count,
{ "Headers Count", "http3.headers.count",
FT_UINT32, BASE_DEC, NULL, 0x0,
@ -2274,26 +2273,26 @@ proto_register_http3(void)
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_http3_header_qpack_fatal,
{ "QPACK decoding error", "http3.header.qpack.fatal",
FT_BOOLEAN, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
{ &hf_http3_qpack,
{ "QPACK", "http3.qpack",
FT_BYTES, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
//{ &hf_http3_header_qpack_fatal,
// { "QPACK decoding error", "http3.header.qpack.fatal",
// FT_BOOLEAN, BASE_NONE, NULL, 0x0,
// NULL, HFILL }
//},
//{ &hf_http3_qpack,
// { "QPACK", "http3.qpack",
// FT_BYTES, BASE_NONE, NULL, 0x0,
// NULL, HFILL }
//},
{ &hf_http3_qpack_encoder,
{ "QPACK encoder", "http3.qpack.encoder",
FT_BYTES, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
{ &hf_http3_qpack_encoder_length,
{ "QPACK encoder update length", "http3.qpack.encoder.length",
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
//{ &hf_http3_qpack_encoder_length,
// { "QPACK encoder update length", "http3.qpack.encoder.length",
// FT_UINT32, BASE_DEC, NULL, 0x0,
// NULL, HFILL }
//},
{ &hf_http3_qpack_encoder_icnt,
{ "QPACK encoder instruction count", "http3.qpack.encoder.icnt",
FT_UINT32, BASE_DEC, NULL, 0x0,
@ -2304,11 +2303,11 @@ proto_register_http3(void)
FT_UINT32, BASE_DEC, NULL, 0x0,
NULL, HFILL }
},
{ &hf_http3_qpack_encoder_opcode,
{ "QPACK encoder opcode", "http3.qpack.encoder.opcode",
FT_BYTES, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
//{ &hf_http3_qpack_encoder_opcode,
// { "QPACK encoder opcode", "http3.qpack.encoder.opcode",
// FT_BYTES, BASE_NONE, NULL, 0x0,
// NULL, HFILL }
// },
{ &hf_http3_qpack_encoder_opcode_insert_indexed,
{ "Insert with Name Reference", "http3.qpack.encoder.opcode.insert_indexed",
FT_BYTES, BASE_NONE, NULL, 0x0,
@ -2359,11 +2358,11 @@ proto_register_http3(void)
FT_BYTES, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
{ &hf_http3_qpack_encoder_opcode_duplicate_val,
{ "Duplicate Index", "http3.qpack.encoder.opcode.duplicate.val",
FT_BYTES, BASE_NONE, NULL, 0x0,
NULL, HFILL }
},
//{ &hf_http3_qpack_encoder_opcode_duplicate_val,
// { "Duplicate Index", "http3.qpack.encoder.opcode.duplicate.val",
// FT_BYTES, BASE_NONE, NULL, 0x0,
// NULL, HFILL }
//},
{ &hf_http3_qpack_encoder_opcode_dtable_cap,
{ "Set Dynamic Table Capacity", "http3.qpack.encoder.opcode.dtable_cap",
FT_BYTES, BASE_NONE, NULL, 0x0,
@ -2455,16 +2454,16 @@ proto_register_http3(void)
{ "http3.unknown_stream_type", PI_UNDECODED, PI_WARN,
"An unknown stream type was encountered", EXPFILL }
},
{ &ei_http3_data_not_decoded,
{ "http3.data_not_decoded", PI_UNDECODED, PI_WARN,
"Data not decoded", EXPFILL }
},
{ &ei_http3_qpack_enc_update ,
{ "http3.qpack_enc_update", PI_UNDECODED, PI_WARN,
"Success decoding QPACK buffer", EXPFILL }
},
//{ &ei_http3_data_not_decoded,
// { "http3.data_not_decoded", PI_UNDECODED, PI_WARN,
// "Data not decoded", EXPFILL }
// },
// { &ei_http3_qpack_enc_update,
// { "http3.qpack_enc_update", PI_UNDECODED, PI_WARN,
// "Success decoding QPACK buffer", EXPFILL }
// },
{ &ei_http3_qpack_failed,
{ "http3.qpack_enc_failed", PI_UNDECODED, PI_WARN,
{ "http3.qpack_enc_failed", PI_UNDECODED, PI_NOTE,
"Error decoding QPACK buffer", EXPFILL }
},
{ &ei_http3_header_encoded_state ,
@ -2472,15 +2471,15 @@ proto_register_http3(void)
"HTTP3 header encoded block", EXPFILL }
},
{ &ei_http3_header_decoding_failed ,
{ "http3.expert.header_decoding.failed", PI_UNDECODED, PI_WARN,
{ "http3.expert.header_decoding.failed", PI_UNDECODED, PI_NOTE,
"Failed to decode HTTP3 header name/value", EXPFILL }
},
{ &ei_http3_header_decoding_blocked,
{ "http3.expert.header_decoding.blocked", PI_UNDECODED, PI_WARN,
{ "http3.expert.header_decoding.blocked", PI_UNDECODED, PI_NOTE,
"Failed to decode HTTP3 header name/value (blocked on QPACK)", EXPFILL}
},
{ &ei_http3_header_decoding_no_output,
{ "http3.expert.header_decoding.no_output", PI_UNDECODED, PI_WARN,
{ "http3.expert.header_decoding.no_output", PI_UNDECODED, PI_NOTE,
"Failed to decode HTTP3 header name/value (QPACK decoder no emission)", EXPFILL}
},
};
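Review bot: `ti_stream_type` is no longer assigned on the continuation path (`stream_info->offset != 0`) of `dissect_http3_uni_stream`, because the `proto_tree_add_item` call in the `else` branch is now commented out, yet the reserved-type check that moved below the `if`/`else` still passes it to `proto_item_set_text`. Its declaration lies outside the hunk; unless it is initialised there, a reserved stream type on a later segment of a unidirectional stream, which is capture-controlled input, makes the dissector hand an indeterminate pointer to the tree API. Initialise it at the declaration (`proto_item *ti_stream_type = NULL;`) or set `ti_stream_type = NULL;` in the `else` branch, and delete the commented-out call instead of keeping it. The same goes for the `//`-commented `hf_` and `ei_` declarations and registrations elsewhere in this file: remove them outright so the field table and the declarations cannot drift apart.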


@ -166,8 +166,8 @@ static int hf_quic_af_sequence_number = -1;
static int hf_quic_af_ack_eliciting_threshold = -1;
static int hf_quic_af_request_max_ack_delay = -1;
static int hf_quic_af_reordering_threshold = -1;
static int hf_quic_af_ignore_order = -1;
static int hf_quic_af_ignore_ce = -1;
//static int hf_quic_af_ignore_order = -1;
//static int hf_quic_af_ignore_ce = -1;
static int hf_quic_ts = -1;
static int hf_quic_unpredictable_bits = -1;
static int hf_quic_stateless_reset_token = -1;
@ -5355,16 +5355,16 @@ proto_register_quic(void)
FT_UINT64, BASE_DEC, NULL, 0x0,
"The value that indicates the maximum packet reordering before eliciting an immediate ACK", HFILL }
},
{ &hf_quic_af_ignore_order,
{ "Ignore Order", "quic.af.ignore_order",
FT_BOOLEAN, 8, NULL, 0x02,
"This field is set to true by an endpoint that does not wish to receive an immediate acknowledgement when the peer receives a packet out of order", HFILL }
},
{ &hf_quic_af_ignore_ce,
{ "Ignore CE", "quic.af.ignore_ce",
FT_BOOLEAN, 8, NULL, 0x01,
"This field is set to true by an endpoint that does not wish to receive an immediate acknowledgement when the peer receives CE-marked packets", HFILL }
},
//{ &hf_quic_af_ignore_order,
// { "Ignore Order", "quic.af.ignore_order",
// FT_BOOLEAN, 8, NULL, 0x02,
// "This field is set to true by an endpoint that does not wish to receive an immediate acknowledgement when the peer receives a packet out of order", HFILL }
//},
//{ &hf_quic_af_ignore_ce,
// { "Ignore CE", "quic.af.ignore_ce",
// FT_BOOLEAN, 8, NULL, 0x01,
// "This field is set to true by an endpoint that does not wish to receive an immediate acknowledgement when the peer receives CE-marked packets", HFILL }
//},
/* TIME STAMP */
{ &hf_quic_ts,
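Review bot: The ACK-frequency fields `hf_quic_af_ignore_order` and `hf_quic_af_ignore_ce` are disabled by commenting out their declarations and their `hf` registrations, which leaves dead code in the file and drops the `quic.af.ignore_order` and `quic.af.ignore_ce` filter names without any mention in the commit message. If the fields are really unused (their use sites are not in this section), delete the lines outright. If the change came along with the copy of the older merge request, it belongs in a separate commit so the QUIC behaviour change can be reviewed on its own.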


@ -8950,7 +8950,7 @@ ssl_is_authoritative_version_message(guint8 content_type, guint8 handshake_type,
*/
void
tls_scan_server_hello(tvbuff_t *tvb, guint32 offset, guint32 offset_end,
guint16 *server_version, gboolean *is_hrr, guint16 *max_supported_version)
guint16 *server_version, gboolean *is_hrr)
{
/* SHA256("HelloRetryRequest") */
static const guint8 tls13_hrr_random_magic[] = {
@ -8985,12 +8985,7 @@ tls_scan_server_hello(tvbuff_t *tvb, guint32 offset, guint32 offset_end,
break; /* not enough data for type, length and data */
}
if (ext_type == SSL_HND_HELLO_EXT_SUPPORTED_VERSIONS && ext_len == 2) {
guint16 higher_version = tvb_get_ntohs(tvb, offset + 4);
if (max_supported_version) {
*max_supported_version = higher_version;
} else {
*server_version = higher_version;
}
*server_version = tvb_get_ntohs(tvb, offset + 4);
return;
}
offset += 4 + ext_len;
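Review bot: Dropping the `max_supported_version` out-parameter from `tls_scan_server_hello` changes an `extern` interface and the TLS version detection in a commit whose subject is HTTP3 header dissection, and the message does not explain it. The matching edits are the prototype in the header and the caller in `dissect_tls_handshake_full`, where the comparison of `ssl->session.version` with `max_supported_version` disappears. This may be an unintended revert picked up while copying the older merge request; please confirm it is deliberate or leave the TLS files out of this commit. The function body starts and ends outside the hunk, so whether `*server_version` is written on every path cannot be checked from here.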


@ -824,7 +824,7 @@ ssl_is_valid_handshake_type(guint8 hs_type, gboolean is_dtls);
extern void
tls_scan_server_hello(tvbuff_t *tvb, guint32 offset, guint32 offset_end,
guint16 *server_version, gboolean *is_hrr, guint16 *max_supported_version);
guint16 *server_version, gboolean *is_hrr);
extern void
ssl_try_set_version(SslSession *session, SslDecryptSession *ssl,


@ -2581,7 +2581,6 @@ dissect_tls_handshake(tvbuff_t *tvb, packet_info *pinfo,
if (!PINFO_FD_VISITED(pinfo)) {
// 1. (First pass:) If a previous handshake message needed reasembly.
ssl_debug_printf("%s Handshake %s fragmented", G_STRFUNC, (*hs_reassembly_id_p) ? " is " : " is not ");
if (*hs_reassembly_id_p) {
// Continuation, so a previous fragment *must* exist.
fh = fragment_get(&tls_hs_reassembly_table, pinfo, *hs_reassembly_id_p, NULL);
@ -2789,13 +2788,9 @@ dissect_tls_handshake_full(tvbuff_t *tvb, packet_info *pinfo,
}
if (is_first_msg && msg_type == SSL_HND_SERVER_HELLO && length > 2) {
guint16 server_version, max_supported_version;
tls_scan_server_hello(tvb, offset + 4, offset + 4 + length, &server_version, &is_hrr, &max_supported_version);
if (ssl && ssl->session.version != server_version && ssl->session.version == max_supported_version) {
server_version = max_supported_version;
}
guint16 server_version;
tls_scan_server_hello(tvb, offset + 4, offset + 4 + length, &server_version, &is_hrr);
ssl_try_set_version(session, ssl, SSL_ID_HANDSHAKE, SSL_HND_SERVER_HELLO, FALSE, server_version);
if (is_hrr) {
msg_type_str = "Hello Retry Request";
@ -2869,7 +2864,6 @@ dissect_tls_handshake_full(tvbuff_t *tvb, packet_info *pinfo,
break;
case SSL_HND_SERVER_HELLO:
ssl_debug_printf("%s SSL_HND_SERVER_HELLO\n", G_STRFUNC);
ssl_dissect_hnd_srv_hello(&dissect_ssl3_hf, tvb, pinfo, ssl_hand_tree,
offset, offset + length, session, ssl, FALSE, is_hrr);
if (ssl) {
@ -4127,26 +4121,15 @@ tls13_get_quic_secret(packet_info *pinfo, gboolean is_from_server, int type, gui
ws_assert_not_reached();
}
ssl_debug_printf("%s Looking for QUIC %s of size %d..%d for client_random of size %d bytes: ",
G_STRFUNC, label, secret_min_len, secret_max_len, ssl->client_random.data_len);
ssl_print_data("Client random", ssl->client_random.data, ssl->client_random.data_len);
ssl_print_data("Server random", ssl->server_random.data, ssl->server_random.data_len);
StringInfo *secret = (StringInfo *)g_hash_table_lookup(key_map, &ssl->client_random);
if (!secret) {
ssl_debug_printf("%s Can not find QUIC %s of size %d..%d: not found\n",
G_STRFUNC, label, secret_min_len, secret_max_len);
return 0;
}
if (secret->data_len < secret_min_len || secret->data_len > secret_max_len) {
ssl_debug_printf("%s Cannot find QUIC %s: size %d out of bounds %d..%d\n",
G_STRFUNC, label, secret->data_len, secret_min_len, secret_max_len);
if (!secret || secret->data_len < secret_min_len || secret->data_len > secret_max_len) {
ssl_debug_printf("%s Cannot find QUIC %s of size %d..%d, found bad size %d!\n",
G_STRFUNC, label, secret_min_len, secret_max_len, secret ? secret->data_len : 0);
return 0;
}
ssl_debug_printf("%s Retrieved QUIC traffic secret.\n", G_STRFUNC);
ssl_print_string("Client Random", &ssl->client_random);
ssl_print_string(label, secret);
memcpy(secret_out, secret->data, secret->data_len);
return secret->data_len;
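Review bot: In `tls13_get_quic_secret` the merged failure branch logs `found bad size 0` when the client random has no entry in the key map, so a missing key-log line and a wrong-length secret can no longer be told apart in the TLS debug output. Keeping the cases separate costs little: put `if (!secret) { ssl_debug_printf("%s Cannot find QUIC %s: not found\n", G_STRFUNC, label); return 0; }` ahead of the size check and keep the bounds message for the second case. The function starts outside the hunk.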


@ -177,7 +177,7 @@ LIBSSH_VERSION=0.9.6
# mmdbresolve
MAXMINDDB_VERSION=1.4.3
NGHTTP2_VERSION=1.46.0
NGHTTP3_VERSION=0.6.0
NGHTTP3_VERSION=0.14.0
SPANDSP_VERSION=0.0.6
SPEEXDSP_VERSION=1.2.0
if [ "$SPANDSP_VERSION" ]; then


@ -87,6 +87,7 @@ $X64Archives = @{
"lz4/lz4-1.9.3-1-win64ws.zip" = "7129515893ffdc439f4ffe9673c4bc43f9042e910bb2607e68dde6b99a1ab058";
"minizip/minizip-1.2.11-4-win64ws.zip" = "dd6bf24e2d946465ad19aa4f8c38e0db91da6585887935de68011982cd6fb2cb";
"nghttp2/nghttp2-1.49.0-1-win64ws.zip" = "215919ec20be62101d4704ec2464bfb72c5677126c5245b92ba495a3d30642ca";
"nghttp3/nghttp3-0.14.0-1-x64-windows-ws.zip" = "233ab84530cbf2800bc55723f91269600ea6792907b14413acf5e26ff31019b1";
"opus/opus-1.3.1-3-win64ws.zip" = "1f7a55a6d2d7215dffa4a43bca8ca05024bd4ba1ac3d0d0c405fd38b09cc2205";
"pcre2/pcre2-10.40-1-win64ws.zip" = "17eee615990b23bc859a862c19f5ac10c61776587603bc452285abe073a0fad9";
"sbc/sbc-2.0-1-x64-windows-ws.zip" = "d1a58f977dcffa168b11b280bd10228191582d263b7c901e50cde7c1c43d9c04";